Slashdot Mirror
Nevercookie Eats Evercookies
wiredmikey writes "Anonymizer, Inc. has developed Anonymizer Nevercookie, a free Firefox plugin that protects against the Evercookie, a javascript API built and made available by Samy Kamkar (same guy who brought you the Samy Worm and XSS Hacking to Determine Physical Location) who set out to prove that the more you store and the more places you store it, the harder it is for users to control a Web site's ability to uniquely identify their computer. The plugin extends Firefox's private browsing mode by preventing Evercookies from identifying and tracking users."
The company says that Nevercookie will be available as a free download later this month.
Premature story.
I look forward to reading this exact same story, except with details, in less than a month.
I live in constant fear of the Coming of the Red Spiders.
I hope that this "Nevercookie" addresses the issues raised by "Evercookie" in a systematic way, rather than just defeating Evercookie point-by-point.
Evercookie's creator explicitly noted that his work was a simple proof of concept, cooked up fairly quickly, as a way of raising the issue of covert persistent data storage on the web. He further noted that people who actually do evil for a living are probably at least as creative as he is, and have a whole lot more time to work on the problem. Simply defeating Evercookie, as released, will probably save you from a few of whatever the analytics world's equivalent of a script-kiddie is; but will do next to nothing against the issues that Evercookie was designed merely to demonstrate...
From the end of the article, " Specifically, Nevercookie prevents abuse to both the Adobe Flash Local Storage Object (LSO) and Microsoft's Silverlight Isolated Storage (MIS)." "
Doesn't BetterPrivacy already eliminate LSOs and other stored data?
I don't have Silverlight so I don't know if it eliminates that data but unless these "Evercookies" are somehow different than "Supercookies" you can eliminate this issue right now.
How does Google disallow Ad Blockers? I've been using AdBlock on Chrome for several months now... (before that I just used a filtering proxy)
I think it's been available since January.
I can't stand browsing without Noscript, and there is no equivalent for Chrome. That's pretty much it for me.
ad logicam Claiming a proposition is false because it was presented as the conclusion of a fallacious argument.
Chrome is made by Google, which is essentially a data mining company. Why would you expect them to have any desire to help their users eliminate these sorts of tracking cookies?
Isn't it better to be more common that to be more unique? Setting the USER-AGENT to something randomly generated will make you unique, but it's it better to "blend in" than to "stand out" ?
I think being unique would be fine as long as you are differently unique every time.
It was me, I did it, I moved your cheese