[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Evercookies / supercookies tracking & No Script whitelisting tracking sites

On 5/14/2012 3:52 PM, Mike Perry wrote:
Let's continue speculating instead of reading any documentation.
That's totally a productive use of everyone's time.

I'm not speculating at all. As I said, I read the info on new identity design (as best as I can understand - regarding both limited amount & complexity of info). I didn't get anything from them that explained (to me, a non expert) how New Identity, or anything else in TBB, deletes evercookies in every documented storage location (if they exist in many / all of those locations).
Sorry if I'm dense, but I didn't get that.

The original developer of the evercookie concept, Samy Kamkar, listed the places they can be hidden (below). I just didn't get that using New Identity would deal w/ all these locations. Maybe it does, but it didn't read like that to me.

    Standard HTTP cookies
    Local Shared Objects (Flash cookies)
    Silverlight Isolated Storage
Storing cookies in RGB values of auto-generated, force-cached PNGs using HTML5 Canvas tag to read pixels (cookies) back out
    Storing cookies in Web history
    Storing cookies in HTTP ETags
    Storing cookies in Web cache
    window.name caching
    Internet Explorer userData storage
    HTML5 Session Storage
    HTML5 Local Storage
    HTML5 Global Storage
    HTML5 Database Storage via SQLite

The developer is looking to add the following features:

    Caching in HTTP Authentication
    Using Java to produce a unique key based on NIC information.

tor-talk mailing list