The next front in the cookie wars: Fighting the Evercookie

Borg 386

Borg 386

ADHD Senior Member
Guru
Gold Member
VIP
Local time
8:59 PM
Messages
5,489
Location
In a house with a cat trying to kill me
Read More:

The next front in the cookie wars: Fighting the Evercookie | IT Security | TechRepublic.com

“Evercookie is a JavaScript API that produces extremely persistent cookies in a browser. Its goal is to identify a client even after they’ve removed standard cookies, Flash cookies, and others.”

Here we go again.
Click to expand...
Let’s assume the cookie data we want to store is “bcde”. Evercookie then accesses the following URLs in the background:

  • google.com/evercookie/cache/b
  • google.com/evercookie/cache/bc
  • google.com/evercookie/cache/bcd
  • google.com/evercookie/cache/bcde
  • google.com/evercookie/cache/bcde-
These URLs are now stored in the browser’s history. When checking for a cookie, Evercookie loops through all the possible characters on google.com/Evercookie/cache/, starting with “a” and moving up, but only for a single character.
Once it sees a URL that was accessed because it’s in the browser’s history, it attempts to brute force the next letter. This process occurs extremely fast because no requests are made to the server in question. Evercookie knows it has reached the end of the string as soon as it finds a URL that ends in “-”.
Click to expand...

TechRepublic: Can Evercookie be defeated by disabling JavaScript or using an application like NoScript?
Samy Kamkar: Yes, NoScript or turning off JavaScript will prevent the Evercookie from being created.
Click to expand...
 

My Computer My Computer

At a glance

Win 7 32 Home Premium, Win 7 64 Pro, Win 8.1,...Intel Core 2 Duo 2.93GHzNot much with my ADHDATI Radeon HD 4350
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Dell Hell oh Well
OS
Win 7 32 Home Premium, Win 7 64 Pro, Win 8.1, Win 10
CPU
Intel Core 2 Duo 2.93GHz
Memory
Not much with my ADHD
Graphics Card(s)
ATI Radeon HD 4350
Monitor(s) Displays
24" HDTV/Monitor
Screen Resolution
Blurry after a Scotch or 2
Hard Drives
1 HDD 250 GB, 1 HDD 1 TB, 3 - 1 TB Externals
Case
Don't get on my case...man :D
Cooling
I have an Air Conditioner & Diet Pepsi
Keyboard
Saitek Cyborg
Mouse
10 yr old MS optical mouse that still works
Internet Speed
Never fast enough
Antivirus
Various
Browser
Various
  • Like
Reactions: JMH
Yet more marketers trying to profile browsing habits.

This is really sad, as it's hard enough controlling the flow of your personal data currently, but it seems like things will only get worse in the near future~

Thanks for the info :)

Borg 386 said:
Read More:

The next front in the cookie wars: Fighting the Evercookie | IT Security | TechRepublic.com

“Evercookie is a JavaScript API that produces extremely persistent cookies in a browser. Its goal is to identify a client even after they’ve removed standard cookies, Flash cookies, and others.”
Click to expand...
Click to expand...
 

My Computer My Computer

At a glance

Windows 7 Professional 64 Bit SP1INTEL DUAL CORE 2.1Ghz4GB DDR3INTEL
Computer Manufacturer/Model Number
HP DV6 1330sa
OS
Windows 7 Professional 64 Bit SP1
CPU
INTEL DUAL CORE 2.1Ghz
Motherboard
N/A
Memory
4GB DDR3
Graphics Card(s)
INTEL
Sound Card
LAPTOP
Monitor(s) Displays
2
Screen Resolution
3200x1080
Hard Drives
250GB
PSU
LAPTOP
Case
LAPTOP
Cooling
LAPTOP
Keyboard
SOLID YEAR 260U
Mouse
USB
Internet Speed
20 MB/S
Someone needs to develop a program and call it warm milk as warm milk dissolves cookies! Or better yet cookie monster to eat up the evercookies.
 

My Computer My Computer

At a glance

Windows 7 Ultimate 64i7 3770k OC'd 4.6 @ 1.17v, also FX 8120 & i5 ...32 gb G.Skill Sniper DDR3 10-12-12-31 @ 2133XFX Radeon 7870 2GB DDR5
Computer type
PC/Desktop
Computer Manufacturer/Model Number
A blend of brains, brawn and dumb luck.
OS
Windows 7 Ultimate 64
CPU
i7 3770k OC'd 4.6 @ 1.17v, also FX 8120 & i5 miniITX
Motherboard
MSI P67A-GD80 b3
Memory
32 gb G.Skill Sniper DDR3 10-12-12-31 @ 2133
Graphics Card(s)
XFX Radeon 7870 2GB DDR5
Sound Card
Sound Blaster Z Series Card
Monitor(s) Displays
(2) LG LED 23" 1920 x 1080 2ms Monitors via mini d-port
Screen Resolution
1680 X 1050 p
Hard Drives
Samsung 256 gb 830 SSD sata III
(1) 1 tb WD Black
(2) 1 tb Hitachi deskmates/sata II
(2) 1 tb WD green/sata II
(2) 3 tb Seagate Barracuda
(1) 120 gb OCZ Vertex SS
(1) Drobo 5N w/5 Seagate 3tb
PSU
EVGA modular 1000G2 80% gold rating & APC 1200 RS
Case
CoolerMaster Storm Styker
Cooling
7 case fans 140mm & 120mm, NZXT Kraken X60
Keyboard
(2) Logitech Illuminated Keyboards (1) usb (1) wireless
Mouse
Logitech G700 & T-BC21 - nano nx for the laptop
Internet Speed
Basic 120mbps down
Antivirus
Trend Micro Titanium Max Security & Malwarebytes Premium
Browser
Chrome and IE 10
Other Info
5 Noctua case fans + 3 Noctua in p/p on NZXT cooler
Integrated hot swap drive bays for 2.5" Drives
(2) Lite-on dvd/cd/Blu Ray optical 22X
Integrated fan controller and led on/off
HP Officejet Pro 8630 all-n-one
Hot-swappable 3.5" hard drive bay
Netgear Nighthawk router
Asus USB 3 & sata 6 PCIe card
Vantec IDE to sata adptr./Ultra sata adptr
Lenovo L420 i5 lappy with m sata
Drobo 5N advanced NAS
"C" is for cookie.

Thats good enough for me.
 

My Computer My Computer

At a glance

Windows 7 EnterpriseIntel Pentium Dual E2200 @2.2GHz4GBPalit GForce 9500GT 1GB
OS
Windows 7 Enterprise
CPU
Intel Pentium Dual E2200 @2.2GHz
Motherboard
Gigabyte II-G31
Memory
4GB
Graphics Card(s)
Palit GForce 9500GT 1GB
Sound Card
onBoard
Hard Drives
WesternDigital: 250GB + 1TB + 1TB + 2TB
PSU
450W
Case
CoolerMaster CM690
Cooling
Corsair H50
Mouse
Logitech MX518
Still don't understand why we have to resort to plug-ins or add-ons like NoScript to accomplish what should be a standard feature of all browsers.
 

My Computer My Computer

At a glance

Win 7 Pro 64-bitIntel i5 2.4 Ghz8GB DDR3Intel HD 3000
Computer type
Laptop
Computer Manufacturer/Model Number
Sony Vaio VPCEB47GM Laptop
OS
Win 7 Pro 64-bit
CPU
Intel i5 2.4 Ghz
Memory
8GB DDR3
Graphics Card(s)
Intel HD 3000
Sound Card
IDT High Definition
Monitor(s) Displays
15.6 WGXA Anti-Glare LED
Screen Resolution
1280x800
Hard Drives
640Gb 7200rpm
Antivirus
MSE
Browser
Opera (primary) with IE9 backup
I found this to be a interesting read: In the war of Internet privacy, Internet Explorer 8 limit the default credentials of third-party cookie tracking | My Computers Land

"Microsoft engineers initially wanted to feature in Internet Explorer 8 to limit the default credentials of third-party cookie tracking, Wall Street Journal reported today. But the leaders, concerned about the implications for online advertisers, has won"

"Only one – Safari from Apple – is set to deny third-party cookies based on privacy."

marsmimar said:
Still don't understand why we have to resort to plug-ins or add-ons like NoScript to accomplish what should be a standard feature of all browsers.
Click to expand...
 

My Computer My Computer

At a glance

Windows 7 Professional 64 Bit SP1INTEL DUAL CORE 2.1Ghz4GB DDR3INTEL
Computer Manufacturer/Model Number
HP DV6 1330sa
OS
Windows 7 Professional 64 Bit SP1
CPU
INTEL DUAL CORE 2.1Ghz
Motherboard
N/A
Memory
4GB DDR3
Graphics Card(s)
INTEL
Sound Card
LAPTOP
Monitor(s) Displays
2
Screen Resolution
3200x1080
Hard Drives
250GB
PSU
LAPTOP
Case
LAPTOP
Cooling
LAPTOP
Keyboard
SOLID YEAR 260U
Mouse
USB
Internet Speed
20 MB/S
You must log in or register to reply here.

Similar threads

Fighting the war on spam
Replies
6
Views
2K
Night Hawk
Night Hawk
Back
Top