It is currently Sun Dec 22, 2024 9:15 pm

The Evercookie

For game and non-game related chatter, links, and other goodies, go here.

The Evercookie

Postby Zancarius » Wed Sep 22, 2010 11:08 am

If you're paranoid about privacy on the Interwebs, things have just gotten a whole lot more interesting. Introducing the evercookie, a cookie that uses eight different mechanisms to recover cookie data after cookies have been removed, rebuilding the cookie from any single source that remains. It's really ingenious.
I gave that lich a phylactery shard. Liches love phylactery shards.
User avatar
Zancarius
Site Admin
 
Posts: 3907
Joined: Wed Jul 05, 2006 3:06 pm
Location: New Mexico
Gender: Male

Re: The Evercookie

Postby Killemal » Wed Sep 22, 2010 2:16 pm

I'm not liking this so much. How is this a good thing?
Image
User avatar
Killemal
Retired Goon
 
Posts: 272
Joined: Sun Feb 03, 2008 1:54 pm
Location: Boston Mass, Kid.
Gender: Male

Re: The Evercookie

Postby Zancarius » Wed Sep 22, 2010 5:01 pm

That's basically the point, it's not.

However...

It does appear that disabling JavaScript (or using NoScript and some permutation of various anti-scripting addons--Chrome has a functionally equivalent one called NotScript) defeats the vast majority of these attacks, effectively reverting the browser back into the user's control. Furthermore, the Firefox 4 beta appears to clear all cache sources, honoring the user's directives, but 3.6.x appears to only clear the cache--not the HTML5 datastores or anything of the likes (unless you have scripting disabled, of course).

There are some points of interest in the Slashdot discussion on this. If you're interested in NotScript, you can find it here.

I agree. This is definitely not a good thing, regardless of what that site's author claims. This could clearly be misused, and I think there's some indication that the black hats and malware authors have already been using these techniques for a while. I sometimes (rarely) read black hat SEO blogs and the likes since it's appropriate to defeat their techniques in the software I write, so it might be worthwhile to check whether they're pushing something of this sort.
I gave that lich a phylactery shard. Liches love phylactery shards.
User avatar
Zancarius
Site Admin
 
Posts: 3907
Joined: Wed Jul 05, 2006 3:06 pm
Location: New Mexico
Gender: Male


Return to General Chat

Who is online

Users browsing this forum: No registered users and 7 guests

cron