was reading this article.
would it be possible to disable such an identifier by site’s coder in anyway. trough php, js or whatever?
or are tor routers the only way?
Because it would be pretty neat if the website creator was also able to add some privacy to go along.
D
Yes you can, run your website on SSL/TLS. They can only inject headers in traffic they can inspect, which they can with plain HTTP, because it’s just plain text, but they can’t do that with SSL/TLS, because the data is encrypted.
The added advantage is that all traffic between the customer and your website is encrypted, so even if someone was snooping somewhere in the middle they would only know the person was somewhere on your website, but couldn’t tell what they were looking at.
It’s time to ditch HTTP altogether and make SSL/TLS mandatory.
PS. For more detail on how their ‘Super-cookie’ works, see http://webpolicy.org/2014/10/24/how-verizons-advertising-header-works/
thank you that is interesting. but how would you go about running a site on “SSL/TLS” and would it preclude it being a public site? Would there be an added expense for the https://ssl?
thx
D
Purchase and install a security certificate on your hosting.