Remember to use ad blockers and DNS filters ladies and gentlemen!

Have no idea what Otto[.]de is, nor do I have any plans to find out. But god damn thats a long as time. Its the equivalent of 9993 years if anyone was wondering…

Source; Cookie of a sketchy free VPN that I’m investigating.

  • barsoap@lemm.ee
    link
    fedilink
    English
    arrow-up
    0
    ·
    edit-2
    6 months ago

    Speaking about sketchy and durations…

    The certificate for slrpnk.net expired on 5/6/2024.

    Error code: SEC_ERROR_EXPIRED_CERTIFICATE

      • barsoap@lemm.ee
        link
        fedilink
        English
        arrow-up
        0
        ·
        6 months ago

        OP fixed their certificate in the meantime so now I can actually see the image (without jumping through hoops to make firefox ignore the certificate error).

        3650000 days looks like a honest mistake, should probably be exactly one year. Which is long, but not an eternity.

        • Sunny' 🌻@slrpnk.netOP
          link
          fedilink
          English
          arrow-up
          0
          ·
          edit-2
          6 months ago

          Not sure I’m following the issue with slrpnk.net cert, it’s up to date my end. 5/6/2024 hasn’t been yet… so its not expired hah.

          I don’t think 3650000 is a typo, that’s four zeros away from being a year. Additionally, many of these cookies have a duration ranging from a few days all the way to 10 years or more.

          • barsoap@lemm.ee
            link
            fedilink
            English
            arrow-up
            0
            ·
            6 months ago

            5/6/2024 hasn’t been yet… so its not expired hah.

            The current certificate is valid from Mon, 06 May 2024 07:58:01 GMT to Sun, 04 Aug 2024 07:58:00 GMT, it has been renewed today. Click on the padlock on the address bar and click your way through to see those dates. Renewal was probably automatic, in any case there was enough of a lapse for me to stumble across the error.

            I don’t think 3650000 is a typo, that’s four zeros away from being a year.

            Then where does the “365” come from? That’s some highly specific digits.

            • Sunny' 🌻@slrpnk.netOP
              link
              fedilink
              English
              arrow-up
              0
              ·
              6 months ago

              I agree that it is an abnormal at least, it might not be meant to be 3650000, but thats what it says it is… Here is the full list if you want a peek at what I gathered yesterday. The formatting isnt great as it is taking from a spreadsheet.

              TCF Vendor / AD Partner Name Longest Cookie Duration (days) Longest Retenion Time by Vendor
              Exponential Interactive Inc d/b/a VDX.tv 90 397
              Roq.ad GmbH 365 365
              Index Exchange Inc. 1825 90
              Quantcast 3650 395
              BeeswaxlO Corporation 395 4320
              Sovrn, Inc. 365 180
              Adikteev n/a 730
              RTB House S.A. 365 565
              The UK Trade Desk Ltd 3629 365
              admetrics GmbH n/a 365
              Nexxen Inc. 180 400
              Epsilon 184 3285
              Yahoo EMEA Limited 750 400
              ADventori SAS 90 400
              TripleLift, Inc. 90 52
              Xandr, Inc. 90 180
              NEORY GmbH 90 90
              Nexxen Group LLC 365 400
              NEURAL.ONE 365 90
              ADITION (Virtual Minds GmbH) 365 90
              Active Agent (Virtual Minds GmbH) 365 90
              Taboola Europe Limited 366 396
              Equativ 396 40
              Adform A/S 3650 60
              Magnite, Inc. 1825 28
              RATEGAIN ADARA INC 730 730
              Sift Media, Inc n/a 1
              Rakuten Marketing LLC 730 2555
              Lumen Research Limited n/a n/a
              Amazon Ad Server 396 396
              Openx 365 90
              Yieldlab (Virtual Minds GmbH) 365 30
              Roku Advertising Services 396 540
              Nano Interactive Group Ltd. n/a 730
              Simplifi Holdings LLC 366 4320
              PubMatic, Inc 1800 40
              Comscore B.V. 720 90
              Flashtalking 730 730
              PulsePoint, Inc. 365 366
              Smaato, Inc. 21 14
              Semasio GmbH 366 180
              Crimtan Holdings Limited 365 1095
              Genius Sports UK Limited 365 365
              Criteo SA 390 390
              Adloox SA n/a 396
              Blis Global Limited 400 400
              Lotame Solutions, Inc 274 396
              LiveRamp 3653 365
              GroupM UK Limited 395 2
              LoopMe Limited 90 396
              Dynata LLC 365 730
              Ask Locala n/a 45
              Azira n/a 365
              DoubleVerify Inc. n/a 31
              BIDSWITCH GmbH 365 365
              IPONWEB GmbH 365 365
              • Sunny' 🌻@slrpnk.netOP
                link
                fedilink
                English
                arrow-up
                0
                ·
                6 months ago

                It continues;

                TCF Vendor / AD Partner Name Longest Cookie Duration (days) Longest Retenion Time by Vendor
                NextRoll, Inc. 183 365
                Teads France SAS 365 120
                Stréer SSP GmbH (SSP) 365 730
                OS Data Solutions GmbH & Co. KG 90 730
                Permodo GmbH n/a 90
                Platform161 B.V. 396 390
                Adacado Technologies Inc. (DBA Adacado) 365 395
                Basis Global Technologies, Inc. 365 540
                SMADEX, S.L.U. 365 365
                Bombora Inc. 365 730
                EASYmedia GmbH 365 365
                Remerge GmbH n/a 365
                advanced store GmbH 365 60
                Magnite CTY, Inc. 366 28
                Delta Projects AB 360 547
                usemax advertisement (Emego GmbH) 365 90
                emetriq GmbH 1825 180
                Publicis Media GmbH 1825 730
                M.D. Primis Technologies Ltd. 25 30
                OneTag Limited 730 548
                Cloud Technologies S.A. 365 365
                Smartology Limited n/a 30
                Improve Digital 90 90
                Adobe Advertising Cloud 730 760
                Bannerflow AB 366 30
                TabMo SAS n/a 60
                Integral Ad Science (incorporating ADmantx) n/a 30
                Wizaly 365 1095
                Weborama 393 395
                Jivox Corporation 365 30
                Sage+Archer BV n/a n/a
                On Device Research Limited 30 90
                Rockabox Media Ltd n/a 3
                Exactag GmbH 1825 210
                Celtra Inc. 90 365
                mainADV Srl 30 90
                Gemius SA 1825 1827
                The Kantar Group Limited 914 4320
                Nielsen Media Research Ltd. 3650 45
                Solocal SA 403 4320
                Pixalate, Inc. 728 61
                Oracle Advertising 180 30
                Numberly 180 183
                AudienceProject A/S 365 1826
                Demandbase, Inc. 730 390
                Effiliation / Effinity 30 30
                Arrivalist Co. 365 2555
                Seenthis AB n/a n/a
                Commanders Act 365 730
                travel audience GmbH 397 397
                HUMAN n/a 1095
                Adludio Ltd. n/a 30
                Blendee srl 366 180
                Innovid LLC 90 365
                Papirfly AS n/a 4320
                Neustar, Inc., a TransUnion company 365 540
                Verve Group Europe GmbH n/a 4320
                Otto (GmbH & Co KG) 3650000 731
                Adobe Audience Manager, Adobe Experience Platform 180 n/a
                Localsensor B.V. n/a 31
                Online Solution 365 30
                Relay42 Netherlands B.V. 730 1096
                GP One GmbH 300 90
                The MediaGrid Inc. 365 365
                MindTake Research GmbH n/a 180
                Cint AB 730 366
                Google Advertising Products 396 548
                GfK GmbH 730 720
                • Sunny' 🌻@slrpnk.netOP
                  link
                  fedilink
                  English
                  arrow-up
                  0
                  ·
                  6 months ago

                  It still continues;

                  TCF Vendor / AD Partner Name Longest Cookie Duration (days) Longest Retenion Time by Vendor
                  GfK GmbH 730 720
                  Revjet 730 90
                  Protected Media LTD n/a 365
                  Clinch Labs LTD 730 730
                  Oracle Data Cloud - Moat n/a 365
                  Hearts and Science Munchen GmbH 60 45
                  Amazon Advertising 396 395
                  Moloco, Inc. 730 730
                  Adtriba GmbH 730 730
                  Objective Partners BV 90 120
                  Ensighten 1825 1095
                  eBay Inc 90 1095
                  Hurra Communications GmbH 366 396
  • marcos@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    6 months ago

    There isn’t any reason for a site to limit the lifetime of most cookies. I have no idea why that field isn’t optional.

    Get an extension that will erase the cookies that you don’t care about, do not abide by everything anybody on the web asks you for. And yeah, get an ad-blocker.

    • hydroptic@sopuli.xyz
      link
      fedilink
      English
      arrow-up
      0
      ·
      edit-2
      6 months ago

      At least here on the EU the ePrivacy directive and to a lesser extent the GDPR generally require that cookies have a limited lifetime depending on their function, to eg. prevent companies just attaching a stable identifier to every random passerby essentially forever. @Sunny@slrpnk.net, if you’re feeling particularly mildly infuriated you could email the German Data Protection Authority, there’s a good chance the cookie could attract the Eye of Sauron

      • Sunny' 🌻@slrpnk.netOP
        link
        fedilink
        English
        arrow-up
        0
        ·
        6 months ago

        I’m not annoyed, I’m not using this VPN service, only doing research. However, I would appreciate it if you could link me to what you refer to with GDPR and ePrivacy setting a limited cookie lifetime!

        • hydroptic@sopuli.xyz
          link
          fedilink
          English
          arrow-up
          0
          ·
          edit-2
          6 months ago

          Sure! This page has some general info: https://gdpr.eu/cookies/

          The directive itself is kind of involved because it goes pretty deep into what its aim is and eg. what sort of information can be considers an identifier, and it’s actually quite well argued and worth a read if that sort of thing is your, er, thing: https://eur-lex.europa.eu/legal-content/EN/ALL/?uri=CELEX%3A32002L0058 (you need to scoll aaalll the way down to be able to show the body text). I had to deal with this stuff professionally when I was a CTO for a company with some stricter than average privacy requirements due to the field, and I was pleasantly surprised to find out how much sense ePrivacy and GDPR actually make

      • FMEEE@lemmy.dbzer0.com
        link
        fedilink
        English
        arrow-up
        0
        ·
        6 months ago

        Jes but the company showed in OPs Image is a cookie of a German company. Otto de is like a German Amazon. And it is a GmbH so it’s probably registered in Germany.

    • Björn Tantau@swg-empire.de
      link
      fedilink
      English
      arrow-up
      0
      ·
      6 months ago

      I have no idea why that field isn’t optional.

      It is. But leaving it off means that the cookie will be removed when the browser is shut down.

    • Sunny' 🌻@slrpnk.netOP
      link
      fedilink
      English
      arrow-up
      0
      ·
      6 months ago

      Which is great, but do you know if that the case for Android apps too? As that is the case in this scenario?

        • Sunny' 🌻@slrpnk.netOP
          link
          fedilink
          English
          arrow-up
          0
          ·
          6 months ago

          I wasnt thinking clearly… Somehow was thinking they stored cookies outside the browser, then I realised thats not how it works :P Thanks for pointing it out, ill try to find out the default values for cookie-lifetime across browsers next :)

  • Björn Tantau@swg-empire.de
    link
    fedilink
    English
    arrow-up
    0
    ·
    6 months ago

    I guess they are not using php.

    First time I encountered a Y2038 bug in the wild. And apparently they still did not fix it for some inane reason.

    • barsoap@lemm.ee
      link
      fedilink
      English
      arrow-up
      0
      ·
      6 months ago

      OTTO is an age-old German mail order company, they started up in 1949. About 16bn yearly revenue. Second largest online retailer overall in Germany after amazon, larger than amazon in Europe when it comes to clothing. Which TBH actually surprised me I thought zalando had that one nailed down.

      They also own their own parcel service (Hermes). Are they sketchy? Yes, I mean they’re turbo capitalists so of course they are. More so than amazon, nope.

      • PostnataleAbtreibung@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        ·
        6 months ago

        They were, like Quelle, one of those mail order companies well before Internet and Amazon. They were once even quite acceptable.

        They turned to the very worst, though. If you have a problem, then YOU have the problem. Parcel missing? Well, good luck. Goods are damaged? Nope.

  • CarbonatedPastaSauce@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    6 months ago

    If you don’t have your browser set to delete all cookies you haven’t made exceptions for, every time you close it, I don’t know what to tell you. Except… “you should do that”.