|
|
Posted by Gordon Burditt on 07/15/07 20:35
>> You will never convice these sort of people. They, without a clear
>> understanding of how the protocol actually works, will continually insist
>> that you can tally "current viewers". I've seen it time and time
>> again. I've
>
>The viewer is the session for crying out loud.
Since for most practical purposes, sessions do not end EXCEPT by
the server applying an arbitrary timeout, this is a rather useless
definition of "viewer".
Oh, yes, if you are depending on cookies to do sessions (putting
it in the URL is often considered "too insecure"), someone with
cookies turned off will start a new session every page. If only
10% of the people have cookies turned off, that might not seem like
much, but if the average visitor generates 10 hits, your session
count is about double what it should be.
I suppose a bank can estimate how big to build its lobby by noting
how many "teller sessions" are still open. Obviously, if someone
makes a deposit in person, and the account is still open, they're
still in the bank lobby, right? (Accounts do have a timeout in
most states. It's called an escheat law. After so many years of
inactivity, the account is deemed by the state to be abandoned
property and is turned over to the state). That's why most bank
lobbies are much bigger than football stadiums, right?
>> even explained to some of them that they will completely miss the viewer
>> that has obtained a copy of their page from a corporate proxy (with of
>> course no access at all to their server), to no avail. They simply will not
>> understand. It's right up there with "N people have visited this site
>> since..." :-)
>>
>> Just let them put their meaningless counters on their web sites. It does no
>> harm, providing, as you say, they are not telling their "clients" that it
>> has meaning.
>
>I am frightened that you seem unable to understand such simple concepts.
>
>You know, I think you should suggest to banks that they dont really know
>if someone is there and should end all session based online banking.
Banks don't try to count the number of people online at a given
time. It's useless information. They do worry about the possibility
that someone walked away from their computer, leaving the session
open, so they put timeouts on sessions that are short enough to
deter misuse of an open session but long enough to not annoy real
customers still trying to use it. They really don't care whether
you looked at your bank balance, then opened another tab and are
looking at vacations that you can afford.
>Or they could do the SENSIBLE thing and ASSUME in many cases that the
>fact that someone opened the session means that there is a HIGH
>PROBABILITY that someone os THERE. Possibly implement a time out. Oh,
>they do jus that.
The timeout is *NOT* for the purpose of counting sessions. And I'm
sure if they tried to put "visitor counts" in their financial
statements, their auditors would jump all over them.
Oh, yes, bank customers actually LOG IN, so figuring out a number
of unique customers is fairly easy: look at the number of unique
login identifiers used in any given hour.
Navigation:
[Reply to this message]
|