Nevercookie Eats Evercookies 91
wiredmikey writes "Anonymizer, Inc. has developed Anonymizer Nevercookie, a free Firefox plugin that protects against the Evercookie, a javascript API built and made available by Samy Kamkar (same guy who brought you the Samy Worm and XSS Hacking to Determine Physical Location) who set out to prove that the more you store and the more places you store it, the harder it is for users to control a Web site's ability to uniquely identify their computer. The plugin extends Firefox's private browsing mode by preventing Evercookies from identifying and tracking users."
Re:Are Chrome Users Still Defenceless? (Score:3, Informative)
Check out Notscripts:
https://chrome.google.com/extensions/detail/odjhifogjcknibkahlpidmdajjpkkcfn [google.com]
Re:One hopes... (Score:1, Informative)
https://panopticlick.eff.org/ still would need to be addressed.
hey guys (Score:5, Informative)
Re:One hopes... (Score:2, Informative)
Re:Are Chrome Users Still Defenceless? (Score:1, Informative)
Well, depends on what you mean by 'defense'.
Private browsing has issues (see: http://blogs.pcmag.com/securitywatch/2010/08/university_study_finds_problem.php), so evercookie isn't really needed to track non-geeks.
Personally I skip the whole thing and run an instance of my browser of choice (chrome) in an chroot-jailed sandbox when I need a private browsing. After I finish browsing I wipe the sandbox clean and that is that. The only thing I really use incognito mode for is when I need to be logged in on two accounts from the same provider at the same time.
For anyone who's interested on how to set it up:
http://www.howtoforge.com/safe_mirror_unionfs_chroot details the basic technique, though I use aufs2 because I've modified it to run without a separate user and unionfs doesn't unmount properly in that situation.