The problem is, the purpose of cookies isn't tracking, they're a hack to maintain state between requests for what's supposed to be a stateless protocol (and until HTML5 came along with session storage and local storage, they were the only way to do that in the browser.) So cookies are useful (and often used) for purposes besides tracking and advertising.
Having cookies be opt-in by default would just punish anyone using cookies for benign purposes.
Cookies were never the only way to do this. Before cookies became popular having the ability to create a session was still possible. The primary method of doing this was similar to cookies, have a sessionId parameter to your query. There were also passive ways of profiling a user's client to isolate it based on what it looked like (IP, User Agent, user agent Accept and Accept Charset, etc see [0]).
I'd be interested to know what percentage of sites would actually lose functionality.
At a crude estimate, >90% of the sites that show me cookie warnings do everything I actually want them to statelessly. And I have some backup for that, because when I block cookies by default very few sites actually seem to get worse.
Are there clever user-aiding tricks with cookies that I don't realize I'm losing? Or is the average site with cookies purely for tracking and advertising?
(This is all a separate question from "should cookies be blocked by default"; I know a few uses really do suffer badly.)
True, and logins (along with browser games) leap to mind as the most widespread issue with general cookie-blocking.
But I probably sign into <5% of sites I visit, and even many of those are actively user-hostile, like Quora. I understand why Quora wants me to sign in, but from my end of things it's no more worthwhile than being asked to sign into Wikipedia just to read articles.
Broadly, I guess this is a gripe about how my web-use experience has become fundamentally adversarial. Cookies are one of many perfectly reasonable features which I cripple or disable even on respectable top-100 sites because they're used almost exclusively against my interests, but I'm not sure there's a good tech-level fix to that for users in general.
Sure, but I do not log in to the vast majority of the websites that I visit, and cookies aren't required for them to function properly unless I choose ('opt in') to log in.
Exactly. No one -has- to add a cookie that tracks you across sites they don’t even own. They can easily be used for authentication and session management without scraping a bunch of personal information from every visitor, logged in or not
Having cookies be opt-in by default would just punish anyone using cookies for benign purposes.