Evercookie, Extremely Persistent Cookies
Websites and services can use several techniques to identify a specific user visiting their properties, or third-party properties they are affiliated with. Among the most common are standard HTTP cookies, but also so-called Flash cookies, also known as Local Shared Objects. Evercookie stores its data in the following locations:
- Standard HTTP Cookies
- Local Shared Objects (Flash Cookies)
- Silverlight Isolated Storage
- Storing cookies in RGB values of auto-generated, force-cached PNGs using HTML5 Canvas tag to read pixels (cookies) back out
- Storing cookies in Web History
- Storing cookies in HTTP ETags
- Storing cookies in Web cache
- window.name caching
- Internet Explorer userData storage
- HTML5 Session Storage
- HTML5 Local Storage
- HTML5 Global Storage
- HTML5 Database Storage via SQLite
Why would someone want to drop data into that many locations? Easy: for far superior user identification. When a site drops a cookie on the user's system, it can identify the user for as long as the cookie is active. If the user deletes the cookie, the site cannot identify the user anymore. It may use algorithms to calculate probabilities, but it usually cannot be sure that this is indeed a user who visited the site in the past.
Evercookies introduce a whole new level of user tracking. The website will be able to track the user, and reproduce deleted cookies, as long as at least one cookie or piece of data in any of the storage locations is not deleted by the user. And we all know that many users still have not heard about Flash cookies, the second best-known way of storing cookies on a user's system. How will those users cope with the news that there are more than ten additional ways of storing data to track a user?
Samy Kamkar has put up a demonstration page where users can set evercookies manually on their system. The same page contains options to rediscover the cookies. The suggested way of using the demonstration is to set the evercookie, delete cookies in all places known to the user, and finally revisit the site to see if the evercookie still exists on the system. The first rediscover button puts all deleted cookies back in their place, the second button does not. It is interesting that this method is able to track a user even if the browser is switched, at least as long as the Flash cookie is not deleted.
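The respawn behaviour described above, modelled as an added example (not code from the article or from the evercookie project). It uses no browser APIs: the storage locations are in-memory slots named after the list, all function names are hypothetical, and the Flash slot is shared between two simulated browsers as an assumption that reflects the browser-switch observation.

```javascript
// Constructed model, no browser APIs: each storage location named in the
// list above is a slot in a Map. The Flash LSO slot is shared by both
// simulated browsers (model assumption, matching the browser-switch remark).
const PER_BROWSER = ["httpCookie", "silverlight", "pngCache", "webHistory",
  "etag", "webCache", "windowName", "userData", "sessionStorage",
  "localStorage", "globalStorage", "sqliteDb"];
const SHARED = ["flashLSO"];
const ALL = [...PER_BROWSER, ...SHARED];

function makeMachine() {
  const shared = new Map();                       // survives a browser switch
  const browser = () => ({ local: new Map(), shared });
  return { a: browser(), b: browser() };
}

const slot = (br, name) => (SHARED.includes(name) ? br.shared : br.local);
const read = (br, name) => slot(br, name).get(name) ?? null;

function setEvercookie(br, id) {
  for (const name of ALL) slot(br, name).set(name, id);
}

function clearStores(br, names) {
  for (const name of names) slot(br, name).delete(name);
}

// Models the demo page's two "rediscover" buttons: respawn=true rewrites
// every empty location from a survivor, respawn=false only reports.
function rediscover(br, respawn) {
  const survivors = ALL.filter((n) => read(br, n) !== null);
  if (survivors.length === 0) return { id: null, survivors, restored: [] };
  const id = read(br, survivors[0]);
  const restored = respawn ? ALL.filter((n) => read(br, n) === null) : [];
  for (const n of restored) slot(br, n).set(n, id);
  return { id, survivors, restored };
}

// Defender's check: which locations does a cleanup routine leave behind?
function cleanupGaps(clearedNames) {
  return ALL.filter((n) => !clearedNames.includes(n));
}
```

A cleanup routine is only effective when `cleanupGaps` returns an empty list for it; any single leftover location is enough for `rediscover` to recover the identifier.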
Incognito browsing in Chrome is not sufficient. The “lsodata” method persists.
Maybe a little help will be the program that will clean flash cookies: http://www.flashcookiecleaner.com/
Also you can configure CCleaner to clean flash cookies.
See http://www.grc.com/SecurityNow.htm#270 for best info on this bad boy.
“…he did say that private browsing in Safari will stop all evercookie methods after a browser restart. So Apple Safari private browsing is robust enough to just shut all this down.”
So only Safari can stop it at the moment.
Easiest way to clear flash cookies:
Better Privacy – FF addon not only deletes but allows LSO mgmt in cases where you don’t want to log in every time – like YouTube or other non-sensitive places.
Also http://www.nirsoft.net/utils/flash_cookies_view.html if you’re an Opera fanboy (like me) who doesn’t feel like opening FF for routine cookie maintenance.
I have a few methods which I use to keep my computer clean from tracking, etc.
1) on bootup I run 2 batch files
– DNS Flush
– IP Renew
and I run CCleaner on bootup
2) I run PeerBlock
3) my browser is Chromium (builds updated daily) I block websites from setting data and I have these extensions installed:
– Facebook Disconnect
– Better Pop Up Blocker
– Keep My Opt-Outs
I never have any website remember my passwords. I also run Auslogics Registry Cleaner, Auslogics Registry Defrag and Auslogics Defrag a few times a week. I use Avast and Threatfire.
One word really: Sandboxie