jwallace.us

tech, tunes, and other stuff

Cookie Monster

We need to have cookies enabled in order to do a lot of things we like to do on the web. However, cookies can be a privacy issue. Few people like the concept of an Orwellian “big brother” watching everything they do, and likewise most people don’t want their web browsing behavior tracked by cookies. Setting your browser’s cookie setting to not accept third party cookies is a good precaution. Likewise, periodically clearing out your cookies is another good thing to do. However, would you believe if you declare total war on web cookies by enabling private browsing mode in your browser it might not be enough? Oh it will take care of your standard cookies, but not supercookies.  What, young grasshopper?  You’ve never heard of supercookies?

One type of a supercookie is an evercookie.

evercookie is a javascript API available that produces extremely persistent cookies in a browser. Its goal is to identify a client even after they’ve removed standard cookies, Flash cookies (Local Shared Objects or LSOs), and others.”  Read more  about evercookies here:  evercookies – virtually irrevokable persistent cookies

More information about Flash cookies can be found here: Flash Cookie Researchers Spark Quantcast Change

Instructions on how to clear out your Flash cookies can be found here: Adobe: Global Security Settings panel

More information about supercookies can be found here: New Cookie Technologies: Harder To See And Remove, Widely Used To Track You

So lets declare war on these supercookies:

For Firefox, you can use NoScript, which will provide you with extra protection.  For Safari, you can use Ghostery and  Javascript Blacklist at Apple’s Extensions Gallery.  Ghostery is also avaliable for Chrome, Firefox, and Internet Exploder.  Also available for FireFox is an add-on called RequestPolicy, which can increase your privacy & security by giving you control over cross site requests.

Apart from tracking cookies is using device fingerprinting to track web browsers and other devices.  You can read about that here: