this post was submitted on 02 Sep 2024
562 points (99.6% liked)
Cybersecurity - Memes
1975 readers
2 users here now
Only the hottest memes in Cybersecurity
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Unfortunately I don't think this code has been audited by a third party. That being said if there is not an uproar in issues in the repository or a popular fork overtaking it or a bunch of terrible online reviews, I would assume it's relatively safe. It's challenging to have a backdoor or scam or just bad practices with so many eyes on the source code. It's not impossible of course but it's rare, especially when it's something optional, the risk is very high.
Regarding pop-ups I'm not sure I understand. A lot of cookie banners use the same (sadly due to the concentration) services so I believe by supporting only a handful a lot of the Web can be covered. If he plugin doesn't support it, it just does nothing, letting the user decide as they normally would. The rules themselves are also public and can be checked.
Anyway nobody "needs" this so it's fine not using it. It makes me wonder though in practice how it changes behavior, e.g do I sometimes click "allow" or "yes" because I'm just tired, and think "whatever, right now I don't have time for this, I just want the damn information" and if so, does this plugin, assuming it doesn't fail, genuinely help, or not.
I've seen more and more different kinds of cookie pop ups, and even the ones that look familiar tend to have variations (like in how/where they include "legitimate interests" or how you object to them). I'm sure the people who made the plugin do their best, but the advertisers are constantly trying to find new ways to deceive or confuse people in to accepting their trackers which may not be noticed immediately, and like I said, I have trust issues lol (so if the plugin does nothing, and I can't tell unless I pay the same attention as if I was doing it myself, that's enough to make me pass).
Very very rarely will I give in to the frustration and just click "reject all" and hope for the best (not on any site, like if they have the cookie telling me they're wanting to connect all my devices or whatever, which is always "always active", fuck that), and I hate it every time. Assuming it doesn't fail, then yeah, it would help in those situations, but nothing never fails, so it's back to only trusting my own actions lol