Opinion

JavaScript the New Cookie Monster

Published

on

Long have we been told that cookie are how websites track your movement on the Internet.

We have also been told that deleting your cookie would clear your tracks and you would have a clean slate.

That still maybe true for several sites, but others have upgraded their tracking techniques with the help of JavaScript.

How they do it?

JavaScript is the engine that makes the popular sites such as Gmail, Facebook, Twitter, and Google Instant Search work.

Once you have JavaScript enabled then they create a profile based on information that they can access via your browser.

Information like the following:

  • Browser’s User Agent which holds information such as the browser you are using (Firefox/IE/Safari/Chrome, etc), the version, the operating system (Windows/Linux/Mac) and what types of content your computer can use.
  • Your IP Address, and even though your IP Address changes from time to time, they look at other information it provides such as the Country and the specific ISP that owns it like LIME/FLOW.
  • Your screen resolution also helps to uniquely identify your machine.
  • The fonts you have installed, and even the order that they are loaded by the operating system.
  • If you have cookies enabled, flash installed, java and what other plugins you have installed along with their version numbers.
  • Even the time-zone and time difference of your machine to their server.

When you add all this information up, a fingerprint of your machine can be created that uniquely identifies you as you browse across the web.

What makes matters worse is that if you upgrade your browser or a couple plugins, they are still able to (re)identify you and continue to track you.

What can you do to limit tracking?

Use plugins such as NoScript for Firefox that blocks JavaScript from sites you don’t trust.

When upgrading change several things at once.

Restrict Flash Super Cookies / Local Storage Objects. Visit Adobe Flash Settings Manager Site

Of course still continue to clear your cookies (esp. during an upgrade).

Browser developers are reported to be looking at how to detect and prevent this kind of fingerprinting and profiling in the future.

References:

A Primer on Information Theory and Privacy

Browser Fingerprints: A Big Privacy Threat

Local Shared Object

Electronic Frontier Foundation Research Paper (PDF)

If you are brave enough take the test. I was unique in 1,176,849 tests.


Khary Sharpe is a software developer and entrepreneur and describes himself as a Devtrepreneur.

He has designed, developed and implemented hardware and software solutions for online banking, interactive voice response systems, content management, and various mobile and web applications for the financial and telecommunications industry.

He is also the founder of Bakari Digital Ltd, a software manufacturing company based in Jamaica.

Connect with me:

http://www.twitter.com/kharysharpe
http://www.facebook.com/aboutkharysharpe

Click to comment

Trending

Exit mobile version