whereas I’ve configured Firefox on their Linux laptop not to keep any cookies after the browser is closed.
Here is your issue
It has nothing to do with Linux at all. It's all about the browsers configurations you made
From Wikipedia, the free encyclopedia
Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).
Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.
Community icon by Alpár-Etele Méder, licensed under CC BY 3.0
whereas I’ve configured Firefox on their Linux laptop not to keep any cookies after the browser is closed.
Here is your issue
It has nothing to do with Linux at all. It's all about the browsers configurations you made
Yes, I understand that. I suppose my reason for posting in c/Linux was I thought that maybe there was some Linux-specific tool or configuration that I hadn’t thought of.
Yes, stop shooting yourself in the foot and allow cookies at least for those sites.
Will do. Thank you.
Just allow cookies for those websites. You can do it by clicking the lock to the left of the search bar and enabling "Always store cookis/data for this site"
I did not know about that - thanks for the tip!
I'm a bit late to the party, but I would be inclined to agree with the majority here. Your choice to have their cookies deleted on browser close is adding more friction to an already quite high friction process - you managed to get them to switch over, you don't want to undo all that over cookies of all things.
You have to remember, it is their machine at the end of the day, and while you might be able to put up with having to redo 2FA loads due to cookie deletion, they're clearly not... And if that's going to be the dealbreaker, you're far better off forgetting cookie deletion for now and focusing on more passive privacy options like blocking 3rd party cookies, trackers, and ADs.
Yup, I agree - thanks for chiming in.
Don't forget to let them know that Linux is not by default this hardcore with cookies.
I’ve configured Firefox on their Linux laptop not to keep any cookies after the browser is closed.
Why? Like I get it on your own computers where you're willing to deal with the hassle of that. But it's a huge pain for someone who just wants to use their PC.
I may also look into privacy oriented browser extensions that might offer some protection, such as Privacy Badger.
uBlock Origin is all you need.
My first time trying to get my mother to switch from Windows to a Linux based OS wasn't successful because there was too much friction and inconvenience for her, and she wasn't willing to even entertain the idea of Linux for years after that. My second attempt was successful because Linux is much more user friendly than it used to be 13 years ago, and I changed my approach to make it as frictionless as possible.
Firefox just set to block 3rd party cookies + some basic extensions like adblocking and some easy privacy stuff is a good way to go about it, because it's better than what she used previously and it doesn't become inconvenient to her. She doesn't know what an operating system is, or what cookies are... She just uses the computer to browse the web, emails, and light office work. She even says she prefers the current setup (though that's because her old computer was chugging with Windows and runs smoothly now with a less bloated OS)
No need for noscript, deleting cookies, fingerprinting, or user agent stuff... Only introduce these to them if they express interest in privacy and are interested in learning more. If you try to thrust it upon them too suddenly they will just think "Linux isn't a good user experience and is only good for tech enthusiasts and programmers".
Thanks for sharing your story, this helps.
Nice read! 👍 🐧
I set Firefox to save cookies for a few sites that I want to stay signed into. Everything else gets deleted when the browser is closed.
This. Delete all, keep a few. Goodness enumeration
For my family my setup slightly different for reasons in other comments:
Gotcha, thanks for sharing your setup.
I’ve configured Firefox on their Linux laptop not to keep any cookies after the browser is closed. I know this isn’t a Linux/Firefox issue
It's you issue.
Block third-party cookies, but allow cookies from the site itself. I'm not sure why you'd filter those out in the first place?
I'm not sure why you'd filter those out in the first place?
To be clear, the current settings do not filter out any cookies, they just don’t allow them to persist after the browser is closed. But after reading the advice in the comments, I’ll relax this setting. Thank you.
Allowing cookies for websites you are logged into makes sense. If you are going to login the site already knows who you are can track you, so you do not lose much with the exception. What I do for some sites like google services is access them from a separate browser.
If using Firefox:
I use a bunch of others, but the above are my bare minimum.
Don't believe anyone who tells you that one extension does everything.
I personally think you should just allow cookies indefinitely. There are honestly so many bigger risks from phishing and other forms of social engineering that as long as your family isn't leaving their computer unlocked in a public place, I wouldn't say there's really too much of a risk in leaving cookies enabled.
I apologize that this doesn't exactly answer your question, but I'd like to suggest an alternative. I'd like to also ask, is your family using a password manager by any chance? And if so, are they making use of passkeys on supported websites. Many modern websites, including Google and Facebook, support them. And they require virtually no interaction aside from unlocking the password manager. It's still a form of two-factor authentication, but it's far more convenient than anything out there.
I also don't really think you should try to force Linux on people who aren't particularly comfortable or familiar using it.
I worry they'll get frustrated to the point that they'll go out and splurge on new macbook air when they already have a perfectly functional laptop with functional OS.
If you're worried that they're going to go and do that, then Linux might not serve their needs. Linux might be a fully functional desktop system, but it's also one that isn't an out of the box experience either. There's certainly been a lot of improvements, But I don't think that any Linux Desktop Environment is ever going to reach the same level of intuitiveness as something like Windows or macOS. I would certainly love to see it that way. But I think it's just an issue of the people who actually use it.
I understand looking out for family and ensuring they don't spend excess amounts of money. But you also shouldn't take it upon yourself to try and dictate how your family uses the computer either. Linux wasn't built as a commercially supported desktop operating system with years of full-time researchers studying topics surrounding human computer interaction with a multi-million dollar budget. It was built to be a free as in freedom alternative to the mainstream systems that are available (I personally call it "The problem solving platform" for this reason) by a loose knit group of volunteers who love computers and know a lot about them. Most people who use a computer use them to do work, and not really for promoting a personal agenda.
I'm not saying that you shouldn't try to get your family members to use Linux, I'm just saying that you shouldn't force them. You should put their best interests first that can help them.
I'm sorry to go on such a long rant about this. I just see a lot of people who I believe to vastly overestimate the willingness of others in certain places. And the whole part of "worrying about someone spending their own money" just kind of struck a red flag to me.
I also don’t really think you should try to force Linux on people who aren’t particularly comfortable or familiar using it.
Disagree. As long as OP is willing to support them it's good to make others see that Linux can be doing just fine for just web browsing and chatting. Especially given that Microsoft seems to have completely lost it with their pushing of ads and trying to push desktop users into their cloud locking them further in.
Thanks for your advice, and yes, they use a password manager (KeepassXC), but this is the first I’ve heard of web sites that support pass keys. I’ll look into that, thanks for the tip.
Passkeys are the newest hype. Question is whether they're really safe, and how simple end users will deal when problems with it arise. I'd say go for allowing cookies and use the 2FA you already have configured.
FIDO2 has been around for a minute, it just got better branding and mainstream interest. Safe vs passwords is kind of silly, workflow for problem solving is a concern though (although not all that different than 2FA issues, they even use the same token in many cases).
As others have pointed out, the issue is here is not because of mint or linux, but because of the constant loss of cookies.
I was also experimenting with automatically deleting cookies but the only extension (forget me not) that allowed me the workflow I wanted was buggy and unmaintained.
I have settled on the following rules:
This way, cookies are only deleted when I really want it, which I control by deciding on using a temp container or not.
whereas I’ve configured Firefox on their Linux laptop not to keep any cookies after the browser is closed.
Why? Does this person care about privacy? The average person would much, much rather just have the cookies for exactly this reason.
You're right - I've decided to allow cookies to persist after they close the browser. Thanks for your advice.
Right now I’m thinking I’ll need to add a bunch of web sites as exceptions in Firefox settings so at least their most frequently used web sites are easier to log into.
I'd go for allow cookies to be stored for the sites they use or allow all.
Yeah, I've decided to just allow cookies to persist without having to manage some list of exceptions. Thanks.
Why not use Privacy Badger to prevent usage of tracking cookies?
I hadn’t considered Privacy Badger. I’ll look into that. Thanks for the idea.