Slashdot Mirror

← Back to Stories (view on slashdot.org)

Introducing the Invulnerable Evercookie

Posted by CmdrTaco on from the evil-and-clever dept.

An anonymous reader writes "Using eight different techniques and locations, a 'security' guy has developed a cookie that is very, very hard to delete. If just one copy of the cookie remains, the other locations are rebuilt. My favorite storage location is in 'RGB values of auto-generated, force-cached PNGs using HTML5 Canvas tag to read pixels (cookies) back out' — awesome."

5 of 332 comments (clear)

  1. Developers take note by Monoman · · Score: 5, Insightful

    If you have to go to great lengths to work around customers doing things like deleting cookies then you are doing something wrong or evil.

    --
    Keep the Classic Slashdot.
  2. Re:"That's the great thing about evercookie" by Anonymous Coward · · Score: 5, Informative

    it's not his research either. this has already been observed in the wild and already reported by ars technica.

    http://arstechnica.com/tech-policy/news/2010/08/ad-firm-sued-for-allegedly-re-creating-deleted-cookies.ars

    the advertisement company got already sued for it.

  3. At least Linux users can... by WarmBoota · · Score: 5, Informative

    symlink the LSO folder to /dev/null

    --
    90% of everything is crap. Also, crap is relative.
  4. Re:Not hard to beat at first glance. by h00manist · · Score: 5, Insightful

    who doesn't know what a cookie is probably won't be affected by this in any way (i.e. they're already being tracked through regular cookies).

    There's all kinds of databases on people available. Search and you shall find.

    All data circulates easily and is simply very hard to stop. It is indeed like speech, it just happens, anyone can do it. Copyrighted data, personal data, credit data, secret data, whatever. Bottom line, gathering and selling various gray-black-market data is illegal immoral etc, and very doable and very interesting for companies and organizations of all types. Not unlike downloading movies is for many - illegal but easy and interesting data. It's the interests that are different.

    --
    Build your own energy sources from scratch. http://otherpower.com/
  5. Re:nietzsche quote applies: by MozeeToby · · Score: 5, Interesting

    Rather than disabling and trying to defeat all these tracking mechanisms I think it would be easier to flood them with false information. Someone should set up a cookie sharing site and FF extension that trades (safe, non-identifying) cookies amongst all the users of that extension. Why yes, I did visit mylittlepony.com directly between visits to journalofparticlephysics.edu and horsesluts9.com, why do you ask?