matt 🏴 is a user on You can follow them or interact with them if you have an account anywhere in the fediverse. If you don't, you can sign up here.
matt 🏴 @matt

The hell is this bullshit, MIT?

· Web · 130 · 97

@matt my student loan servicer won’t let me login to their website with a private window. I don’t like it.

@bierasure @matt How the heck does one even detect private browsing? O.o
Apparently not reliably:

*Whispers close to ear*

Orders from above...

These days private browsing isn't porn mode, it's read-Medium-through-the-soft-paywall mode. And now sites are starting to block that too?

@y6nH Apparently! I knew Netflix had been doing this for awhile, I didn't like it but I assumed it was a video DRM thing. Absolutely no excuse for this on a regular-ass HTML page with words and pictures.

@matt What the actual fuck? How is this actually detectable?

@jkb @matt

there are many scripts to detect private mode on browsers (with varying degrees of success),

just checked and whatever MIT use either doesn't work or deliberately isn't implemented for the UK (maybe it might conflict with GDPR).

Of more concern is *why* MIT does that in the first place without any transparency, even many other USA sites explain (or whine at you) that privacy tools reduce their ad revenue (techdirt read from Europe is an example)

@vfrmedia @jkb @matt

This is very simple.

A simple reason for this could be that at some point the website uses the browser's local storage, which does not work in private mode.

@jaltek @vfrmedia @jkb I don't understand why a private browser window should function any differently than a normal one. Just do the exactly the same thing, but delete everything when I close the window. That's all I need. I share a work computer and don't want to have to remember to log out of everything at the end of the day.

It's a bad design and shame on MIT for exploiting it.

@matt @vfrmedia @jkb

This depdens on the fact why the MIT uses this sort of "detection".

Technically it *is* different from a normal window. As I said - the HTML5 local storage functions will not work by using the private mode. This is a fact.

@jaltek @matt @jkb the technical explanation makes sense, but really an organisation of size/reputation of MIT *should* be transparent about why they have done this (maybe simply to cache images?)

That it doesn't occur in UK immediately post GDPR makes me more suspicious.

The again the IEEE website insists on trying to deliver full page ads (that Ublock Origin at least keeps at bay..)

@vfrmedia @matt @jkb

There is nothing special about it. As the local storage is (hence the name) "local" you are able to see - like cookies - which data the MIT is saving inside.

@vfrmedia @matt @jkb

So if you accepted to use cookies you accepted to use the local storage which is nothing more than a key-value storage.

@jaltek @vfrmedia @jkb I don't care why it's bad, I just want them to fix it so it's not bad anymore

@matt @jaltek @jkb whatever they are doing, its not something I've ever seen before even on UK and European local "newspaper" websites that are riddled with trackers etc.

Sometimes they might block you from the content if you use adblockers (some even randomise the element tags to try and defeat blocking), but they do not try at all to distinguish between normal and private mode browsing, as that is certain to unnerve many endusers..

@matt the balkanized web. It's like the internet, but it's actually shite.

@matt they reviewed your technology and did not care for it

@matt tricks on you. I clean my caches and cookies anyway

@matt switch down in noscript or umatrix to get rid of it

@matt this is a great use case for Firefox Containers. The cookies would be allowed to provide a functioning web experience, but the cookies, IndexDB etc all destroyed when the temporary container tab is closed