undefined | Better HN

0 pointscmrdporcupine6y ago0 comments

This isn't really explaining the "how" to me though.

The way I remember it is, as the page host I have a cookie on you. Then I drop in a 1-pixel image to a third party, and in the query string to it I write in a hashed form of the cookie I have for you. That HTTP request then itself can go through the cookie process, but for the third party. They then check their DB for both their own issued cookie and the value you passed in, and are then able to perform some asynchronous (batch or otherwise) match to associate the two IDs. From then on, an ad etc. can be targeted based on that info.

0 comments

greenyoda6y ago

Yeah, it doesn't seem that merely blocking third party cookies can address a scenario like this, where the main site colludes with the third party tracking site.

To avoid this, it still seems like the best approach is to use an ad blocker add-on like uBlock Origin, which will block any content from known tracking domains from being loaded. That should get rid of the third party image.

There's also uMatrix (from the maker of uBlock Origin), which can selectively block images, scripts, etc. from third party sites.

j / k navigate · click thread line to collapse

0 pointscmrdporcupine6y ago0 comments

This isn't really explaining the "how" to me though.

0 comments

greenyoda6y ago

Yeah, it doesn't seem that merely blocking third party cookies can address a scenario like this, where the main site colludes with the third party tracking site.

There's also uMatrix (from the maker of uBlock Origin), which can selectively block images, scripts, etc. from third party sites.

j / k navigate · click thread line to collapse