To make matters worse, most of these websites are providing us with services we really want, but we would not like them to track what else we do on the internet, or what have we been doing on the internet over long periods of time. So blocking cookies altogether is really not an option. What we really need is a way to isolate different web apps from one another and across their usage at large timescales (weeks / months). If we are able to achieve good isolation, we really don’t care how bonkers do these websites go with cookies (at short timescales).
I tried to find a reasonable workaround for web tracking and have come to the following which works reasonably well. It doesn’t use any special addons for browsers:
Most browsers support multiple user profiles. Besides flash cookies (which needs to be dealt separately), the profile carries the “cookie jar” and the persistent DOM storage for which contains all tracking information. Thus, we should be able to create multiple profiles and run independent instances of the browser for most websites we visit. Very importantly, we can run multiple instances of the browser simultaneously each having their own cookie jars and DOM storage so that there is no chance of cross site cookie sniffing.
So, the idea is to keep a master copy of a profile with all your preferred browser settings and, using a script, copy it over to a temporary profile before the browser is launched (with the temporary profile). Once the browser is closed, the temporary profile is deleted. If multiple browsers instances are launched, each will be launched in their own temporary profiles so that you can have as many isolated independent instances as you need.
So far, I haven’t been able to figure out a good UI convention for the user to communicate this isolation. The best I have now is that a browser window is a unit of isolation and all tabs in the browser are in the same temporary profile. The solution above using browser profiles doesn’t limit you from opening multiple windows though, I personally manage it using multiple virtual desktops. However, this is still an open problem and once I have it I will probably go forward and try implementing it for a browser. If you have a suggestion for a UI convention for browser session isolation please leave a comment.
I implemented the above idea for chrome (chromium actually) and firefox. Chrome supports profiles using a user-data directory which can be specified on the command line. Firefox supports command line options to create a new profile. Thus, my chromium launching script in bash looks like
tmpProfileName=`date | md5sum | cut -d " " -f 1` cp -a <location of master profile> <prefix of temprorary profiles>/$tmpProfileName chromium --user-data-dir=<prefix of temprorary profles>/$tmpProfileName rm -r <prefix of temprorary profiles>/$tmpProfileName
and my Firefox launching script looks like:
tmpProfileName=`date | md5sum | cut -d " " f 1` firefox -no-remote -CreateProfile $tmpProfileName cp -a $HOME/.mozilla/firefox/<master profile folder>/* $HOME/.mozilla/firefox/*.$tmpProfileName/ firefox -no-remote -P $tmpProfileName rm -r $HOME/.mozilla/firefox/*.$tmpProfileName
Opera should be similar to chrome as it has a user-data directory for profiles similar to chrome.
This will also help you log in using multiple accounts for the same website in different browser windows simultaneously. Essentially, its like having many simultaneous active but independent instances of the “incognito” or “private browsing” modes.
Note that, if you do need persistent cookies for some reason, you can always launch the browser without the above script. It will store the cookies and other data in the default profile (separate from the master profile which is used to copy over settings to temporary profiles). However, I don’t think you will ever need that… if you do, just keep the browser window open indefinitely.
Update: The windows cmd script to achieve the same with firefox is below.
set profileDir=C:\Users\<username>\AppData\Roaming\Mozilla\Firefox\Profiles\ set profileId=%random% "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -no-remote -createprofile %profileId% for /D %%i in (%profileDir%\*.master) do set masterProfileDir=%%i for /D %%i in (%profileDir%\*.%profileId%) do set newProfileDir=%%i xcopy /Q /E /Y %masterProfileDir% %newProfileDir% start /wait "Starting Firefox..." "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -no-remote -P %profileId% rmdir /S /Q %newProfileDir%
The above includes some rather ugly hacks to determine the profile dirs… but it works. Please use the correct path to firefox.exe in the above script. The location of firefox.exe can be determined by (Right Click on Firefox icon)->Properties.