background preloader


Facebook Twitter

Killing the Evercookie (Google Chrome w/o Restart) This post inspired by Dominic White's attempt at killing Samy Kamar's evercookie demo.

Killing the Evercookie (Google Chrome w/o Restart)

As described:evercookie is a javascript API available that produces extremely persistent cookies in a browser. Its goal is to identify a client even after they've removed standard cookies, Flash cookies (Local Shared Objects or LSOs), and others. evercookie accomplishes this by storing the cookie data in several types of storage mechanisms that are available on the local browser. Additionally, if evercookie has found the user has removed any of the types of cookies in question, it recreates them using each mechanism available. Yes, plain evil. Killing the Evercookie - Dominic White. (Hi Slashdot & The Register readers.

Killing the Evercookie - Dominic White

Make sure to check the 2nd part on killing iPhone Evercookie's too) Samy Kamar recently released his tool, evercookie. This uses multiple persistent data stores to set unique identifiers that can be used to identify your browser to a website. While my default Firefox browsing setup is safe against it, I noticed that the "disposable" Safari instance I used was not. I sometimes use a clean Safari instance to test or access things the tinfoil on my Firefox does not let me.

Killing the Evercookie - Part2 MobileSafari - Dominic White. UPDATE: An iPhone developer has turned this into an awesome little SBSetting addon.

Killing the Evercookie - Part2 MobileSafari - Dominic White

You'll still need a jailbroken phone but can install it via Cydia. My previous experiments in killing the Evercookie in Safari sparked similar posts describing how to do the same for Chrome and Firefox. Evercookie - virtually irrevocable persistent cookies. Researchers Find Methods to Kill Persistent 'Evercookie'.