Privacy

39560 readers

408 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago

MODERATORS

[email protected]

Is It Really Necessary To Logout of Web Sites? (www.pcworld.com)

submitted 3 years ago by [email protected] to c/[email protected]

10 comments fedilink hide all child comments

Remember when there was no conventional logout option on Amazon? You've probably also noticed that Google and Microsoft sites try to keep you logged in, and services like Discord hide the logout somewhere hard to find

top 10 comments

sorted by: hot top controversial new old

[–] [email protected] 3 points 3 years ago (2 children)

If your browser is set to delete cookies on closing it, your sessions should be gone anyway when you open it again. I don't logout, personally, I trust Firefox's cookie jar to isolate them by website, which makes them much less useful.

[–] [email protected] 2 points 3 years ago* (last edited 3 years ago) (1 children)

your sessions should be gone anyway when you open it again

Your session cookie will be gone, but your session is still valid until the server decides to invalidate it by a time-out. (Unless they save the whole session in the cookie)

[–] [email protected] 1 points 3 years ago (1 children)

That makes sense. Would there be a way to re-use this same session if the cookie has been deleted though? I know that closing the browser isn't ideal, but if both the cookie and the login session are needed, if you remove one of them it should be enough.

[–] [email protected] 1 points 3 years ago (1 children)

Session ID's could be stolen (XSS, malware) or guessed (bad implementation of the id generation). Sites that want you to be logged-in all the time know of that risk and will use (invasive) techniques to assess how likely it is that the use of a given session is legit. (GeoIP, Fingerprinting)

[–] [email protected] 1 points 3 years ago

Thanks for the detailed answer, I didn't know about that.

[–] [email protected] 1 points 3 years ago (1 children)

provided you close your browser regularly

[–] [email protected] 1 points 3 years ago

Right, I honestly didn't think of this possibility as I reboot every day.

[–] [email protected] 2 points 3 years ago

Outside of Lemmy and github (even though J know it's Microshit owned), I always log in in a private window. Especially for things like gmail, amazon.

[–] [email protected] 2 points 3 years ago* (last edited 3 years ago)

Have you tried temporary containers extension? For sites you want to stay logged in you can use ferdi or rambox. At least with ferdi, it's easy to route it through proxy.

[–] [email protected] 1 points 3 years ago

Google and Microsoft don't even call it "login"/"logout" anymore, but "add account"/" remove account", where the wording of "removing" sth. might sound like a negative thing to some