Search the Site

Already Afraid to Open Your Web Browser? Meet the "Evercookie"

As security guru Bruce Schneier writes, “the arms race continues.” I do wonder if, when, or how there will be a computer users’ revolt against tracking tools like this one:

evercookie is a javascript API available that produces extremely persistent cookies in a browser. Its goal is to identify a client even after they’ve removed standard cookies, Flash cookies (Local Shared Objects or LSOs), and others.
evercookie accomplishes this by storing the cookie data in several types of storage mechanisms that are available on the local browser. Additionally, if evercookie has found the user has removed any of the types of cookies in question, it recreates them using each mechanism available.


Or maybe the revolt will occur from on high. As one of Schneier’s commenters writes:

At what point does it become criminal computer trespass for a website to take great steps to contaminate my machine when I am, by my actions, making it abundantly clear that I don’t want those things on my computer?
If I did to the server what these guys are doing to my client, I’d have the FBI at the door.

Be sure to read Schneier’s warning at the end of his post.


Comments