Nevercookie Eats Evercookies 91
wiredmikey writes "Anonymizer, Inc. has developed Anonymizer Nevercookie, a free Firefox plugin that protects against the Evercookie, a javascript API built and made available by Samy Kamkar (same guy who brought you the Samy Worm and XSS Hacking to Determine Physical Location) who set out to prove that the more you store and the more places you store it, the harder it is for users to control a Web site's ability to uniquely identify their computer. The plugin extends Firefox's private browsing mode by preventing Evercookies from identifying and tracking users."
Vaporware (Score:5, Insightful)
The company says that Nevercookie will be available as a free download later this month.
Premature story.
Coming later this month (Score:5, Insightful)
I look forward to reading this exact same story, except with details, in less than a month.
One hopes... (Score:5, Insightful)
Evercookie's creator explicitly noted that his work was a simple proof of concept, cooked up fairly quickly, as a way of raising the issue of covert persistent data storage on the web. He further noted that people who actually do evil for a living are probably at least as creative as he is, and have a whole lot more time to work on the problem. Simply defeating Evercookie, as released, will probably save you from a few of whatever the analytics world's equivalent of a script-kiddie is; but will do next to nothing against the issues that Evercookie was designed merely to demonstrate...
Different than "Supercookies"? (Score:2, Insightful)
From the end of the article, " Specifically, Nevercookie prevents abuse to both the Adobe Flash Local Storage Object (LSO) and Microsoft's Silverlight Isolated Storage (MIS)." "
Doesn't BetterPrivacy [mozilla.org] already eliminate LSOs and other stored data?
I don't have Silverlight so I don't know if it eliminates that data but unless these "Evercookies" are somehow different than "Supercookies" you can eliminate this issue right now.
Re:virtual machines (Score:4, Insightful)
How does Google disallow Ad Blockers? I've been using AdBlock on Chrome for several months now... (before that I just used a filtering proxy)
I think it's been available since January.
Re:Are Chrome Users Still Defenceless? (Score:3, Insightful)
I can't stand browsing without Noscript, and there is no equivalent for Chrome. That's pretty much it for me.
Re:Are Chrome Users Still Defenceless? (Score:4, Insightful)
Re:Coming later this month (Score:4, Insightful)
I look forward to reading this exact same story, except with details, in less than a month.
I anticipate reading this exact same story, except with less details, yet again in a year. I coin this the secondary Slashdot effect.
Re:virtual machines (Score:2, Insightful)
Re:One hopes... (Score:3, Insightful)
Re:virtual machines (Score:2, Insightful)
I think being unique would be fine as long as you are differently unique every time.