Author Topic: Is there a defense against the "evercookie"?  (Read 6284 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33292
  • malware fighter
Is there a defense against the "evercookie"?
« on: September 23, 2010, 10:32:14 PM »
Hi malware fighters,

There is a new cookie that will not go away, evercookie, re: http://samy.pl/evercookie/
re: http://virtualreview.org/tech/zoom/1664919/introducing-the-invulnerable-evercookie, NoScript will block them, Click@Clean will also get rid of them after closing down GoogleChrome. Test here: http://samy.pl/evercookie

polonus

P.S. For one of the features see: http://samy.pl/csshack/

D
« Last Edit: September 23, 2010, 10:39:33 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33292
  • malware fighter
Re: Is there a defense against the "evercookie"?
« Reply #1 on: September 24, 2010, 12:14:50 AM »
Hi malware fighters,

Some of the answers for the Mozilla browser can be found here: http://forums.informaction.com/viewtopic.php?f=19&t=5093&start=0
Then the evercookie is not that "everlasting". But who will bastle such a creation in the first place, he definitely is not on the side of the browser user protection and would like to sell his creation to the highest bidder, I guess,

pol
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33292
  • malware fighter
Re: Is there a defense against the "evercookie"?
« Reply #2 on: September 26, 2010, 09:41:12 PM »
Hi folks,

Tested to recover the evercookie after cleansing my GoogleChrome with Click&Clean and these were the results:

pngData mechanism: null
etagData mechanism: undefined
userData mechanism: undefined
cookieData mechanism: null
localData mechanism: null
globalData mechanism: undefined
sessionData mechanism: null
historyData mechanism: undefined
lsoData mechanism: undefined
pngData mechanism: null
etagData mechanism: undefined
userData mechanism: undefined
cookieData mechanism: null
localData mechanism: null
globalData mechanism: undefined
sessionData mechanism: null
historyData mechanism: undefined
lsoData mechanism: undefined
pngData mechanism: null
etagData mechanism: undefined
userData mechanism: undefined
cookieData mechanism: null
localData mechanism: null
globalData mechanism: undefined
sessionData mechanism: null
historyData mechanism: undefined
lsoData mechanism: undefined

So nothing, nada, nichts, nix, niets, nie ma nic,

pol
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Marc57

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1944
  • KISS Rules The World!!!
    • KISS Army
Re: Is there a defense against the "evercookie"?
« Reply #3 on: October 03, 2010, 04:19:22 AM »
Thanks for the info, pol
You Wanted the Best You Got the Best the Hottest Band in the World KISS!!!

Offline CharleyO

  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 7085
  • Be alert for error code - ID 10T
Re: Is there a defense against the "evercookie"?
« Reply #4 on: October 05, 2010, 07:53:59 AM »
***

Polonus often comes up with useful and interesting information.   :)


***
Self-built desktop (8 years old) - AMD64 3200+_Gigabyte GA-K8NS Ultra-939_4 gb RAM_GeForceFX 5800w/256 ram_XP/SP3_Avast 7_MBAM_ZA Free __and__ Toshiba Satellite Laptop_W7-64bit_ 4 gb Ram_Avast 8_MBAM