Edit filter log

''''Evercookie''' is a [[JavaScript]]-based application created by [[Samy Kamkar]] which produces [[zombie cookie]]s in a [[web browser]] that are intentionally difficult to delete.<ref>{{cite news | title=New Web Code Draws Concern Over Privacy Risks | url=http://www.nytimes.com/2010/10/11/business/media/11privacy.html?_r=1&hp | work=The New York Times | first=Tanzina | last=Vega | date=2010-10-10}}</ref><ref>{{cite web | title=Samy Kamkar - Evercookie | url=http://www.samy.pl/evercookie}}</ref> In 2013, a top-secret [[NSA]] document was leaked by Edward Snowden<ref>{{cite news | title='Tor Stinks' presentation | work=The Guardian | url=http://www.theguardian.com/world/interactive/2013/oct/04/tor-stinks-nsa-presentation-document}}</ref> citing Evercookie as a method of tracking [[Tor_(anonymity_network)|Tor]] users. [[File:Tor_Stinks.pdf|thumb|'Tor Stinks' NSA presentation |page=7]] ==Background== A traditional [[HTTP cookie]] is a relatively small amount of textual data that is stored by the user's browser. Cookies can be used to save preferences and login session information; however, they can also be employed to track users for marketing purposes. Due to concerns over privacy, all major browsers include mechanisms for deleting and/or refusing to accept cookies from websites. The size restrictions, likelihood of eventual deletion, and simple textual nature of traditional cookies motivated [[Adobe Systems]] to add the [[Local shared object|Local Shared Object]] (LSO) mechanism to the [[Adobe Flash]] player.<ref>{{cite web | title= What are local shared objects? | url=http://www.adobe.com/products/flashplayer/articles/lso/ }}</ref> While Adobe has published a mechanism for deleting LSO cookies (which can store 100&nbsp;KB of data per website, by default),<ref>{{cite web | title=How to manage and disable Local Shared Objects | url=http://kb2.adobe.com/cps/526/52697ee8.html}}</ref> it has met with some criticism from security and privacy experts.<ref>{{cite web | title=Local Shared Objects -- 'Flash Cookies' | url=http://epic.org/privacy/cookies/flash.html}}</ref> Since [[Mozilla Firefox 4|version 4]], Firefox has treated LSO cookies the same way as traditional HTTP cookies, so they can be deleted together.<ref name="firefox flash LSO semantic change implementation1">{{cite web |url=https://bugzilla.mozilla.org/show_bug.cgi?id=625495 |title = Bugzilla entry 625495 - Clear Adobe Flash Cookies (LSOs) when Clear Cookies is selected in the Privacy > Custom > Clear History |author = Mike Beltzner |accessdate = 2011-09-28 |date = 2011-01-13 |quote = Change to the "on close" firefox behavior to use the new NPAPI ClearSiteData API. }}</ref><ref name="firefox flash LSO semantic change implementation2">{{cite web |url=https://bugzilla.mozilla.org/show_bug.cgi?id=625496 |title = Bugzilla entry 625496 - Clear Adobe Flash Cookies (LSOs) when Cookies is selected in Clear Recent History |author = Mike Beltzner |accessdate = 2011-09-28 |date = 2011-01-13 |quote = Change to the "clear recent history" firefox behavior to use the new NPAPI ClearSiteData API. }}</ref> ==Description== [[Samy Kamkar]] released v0.4 beta of the Evercookie on September 13, 2010, as [[open source]].<ref>{{cite web | title=Samy Kamkar - Evercookie | url=http://www.samy.pl/evercookie}}</ref><ref>{{cite web | title=Evercookie source code | url=http://github.com/samyk/evercookie/commits/master| date=2010-10-13 | accessdate=2010-10-28 }}</ref><ref>{{cite web | title=Schneier on Security - Evercookies | url=http://www.schneier.com/blog/archives/2010/09/evercookies.html | date=2010-09-23 | accessdate=2010-10-28 }}</ref> According to the project's website: <blockquote> Evercookie is designed to make persistent data just that, persistent. By storing the same data in several locations that a client can access, if any of the data is ever lost (for example, by clearing cookies), the data can be recovered and then reset and reused. Simply think of it as cookies that just won't go away. Evercookie is a javascript API available that produces extremely persistent cookies in a browser. Its goal is to identify a client even after they've removed standard cookies, Flash cookies (Local Shared Objects or LSOs), and others. Evercookie accomplishes this by storing the cookie data in several types of storage mechanisms that are available on the local browser. Additionally, if Evercookie has found the user has removed any of the types of cookies in question, it recreates them using each mechanism available. </blockquote> An Evercookie is not merely difficult to delete. It actively "resists" deletion by copying itself in different forms on the user's machine and resurrecting itself if it notices that some of the copies are missing or expired.<ref>{{cite web | title=It is possible to kill the evercookie | url=http://arstechnica.com/security/news/2010/10/it-is-possible-to-kill-the-evercookie.ars | date=2010-10-27}}</ref> Specifically, when creating a new cookie, Evercookie uses the following storage mechanisms when available: * Standard HTTP cookies * Local Shared Objects ([[Flash cookie]]s) * Silverlight Isolated Storage * Storing cookies in RGB values of auto-generated, force-cached [[Portable Network Graphics|PNGs]] using [[Canvas element|HTML5 Canvas tag]] to read pixels (cookies) back out * Storing cookies in Web history * Storing cookies in [[HTTP ETag]]s * Storing cookies in Web cache * window.name caching * Internet Explorer userData storage * HTML5 Session Storage * HTML5 Local Storage * HTML5 Global Storage * HTML5 Database Storage via [[SQLite]] The developer is looking to add the following features: * Caching in [[HTTP Authentication]] * Using Java to produce a unique key based on NIC information. == See also == * [[HTTP cookie]] *[[Device fingerprint]] *[[Canvas fingerprinting]] ==References==[[Category:Internet privacy software]] [[Category:Malware]]'