worldnews — 2012-06-08T00:38:31-04:00 — #1
I thought that IP checking and cookie writing and then reading were the only 2 ways
for a server to keep track of a user, but apparently there is another way.
What is that?
For example, this site is able to know who I am, even though I have cleared my
Cookies and use a different IP than the original IP I used to visit it 1st.
How is that possible?
How can a site keep track of you beside IP tracking and Cookie writhing / reading?
This issue/question has really been baffling me.
eastcoast — 2012-06-09T12:06:35-04:00 — #2
There are also the loosely termed 'supercookies' which is a technique based on multiple local data storage e.g html5 dom storage, flash local shared object, java and silverlight data caches, and also browser/OS/IP metric fingerprinting, which they use to store, retrieve and regenerate data associated with a user.
worldnews — 2012-06-11T18:23:56-04:00 — #3
WOW! What are these?
What is the best read on these other browser identification methods?
sogo7 — 2012-06-15T18:29:49-04:00 — #4
The original 'Evercookie' demo script can be found at http://samy.pl/evercookie/ (Supercookie is what the media called it)
The CSS browser history hack* portion no longer works with latest versions of Firefox & IE, visitors with older browsers are of course still vulnerable.
*Identified by MIT students over a decade ago and re-worked by Jerimiah Grossman as a means of reading a browsers entire surfing history and his blog entry is a fascinating read all by itself:)