Researchers Expose Cunning Online Tracking Service That Can’t Be Dodged

http://www.wired.com/epicenter/2011/07/undeletable-cookie/

Quote:

So if a user came to Hulu.com from an ad on Facebook, and then later, using a different browser on the same computer, visited Hulu.com from Google, and then at some point signed up for the premium service, KISSmetrics would be able to tell Hulu all about that user’s path to purchase (without knowing who that person was). That tracking trail would remain in place even if a user deleted her cookies, due to code that stores the unique ID in places other than in a traditional cookie.

Without JS all the methods used completely fail.

Cookies can be controlled by you at will but only if you disable JS. Otherwise, expect to be tracked and to have information about you sold to the highest bidder.

even without JS, this kinda "global id giver sharing" will work...

as long as i can store something in your computer, by visit, pre-pend in your URL, loading simple small GIF ads with unique id got from global id giver, or just simple DIV calling to load some text.

it becomes possible by target the top 10 Alexa and put ads with global id, then wherever you go, they can trace us.

it is more evil when the ISP participate in such kinda campaign to trace everybody.

i would say, even no JS, you still can be traced.

those online banking, paypal, moneybookers would be the end-point that highly 99% accurate to reveal who this person who bear such id number travel from website A-Z.

very evil if those bank participates, but i guess, FBI, CIA will just force them to use such technology.

some cookies will respawn after being deleted...they are called 'zombie cookies'

Quote:

'zombie cookies'

INTERNET ZOMBIES?!?!?! what is the world coming to???

^^Yeah, here are some interesting sights.

http://www.google.com/#hl=en&cp=10&gs_id=t&xhr=t&q=zombie+cookies&pf=p&sclient=psy&biw=1152&bih=687&source=hp&pbx=1&oq=zombi+cook&aq=0l&aqi=g-l5&aql=&gs_sm=&gs_upl=&bav=on.2,or.r_gc.r_pw.&fp=da8c3ab7508c4c6a

And how to get rid of them :

http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager03.html

Uncheck Allow 3rd party Flash content to store data on your PC

Safe internet is like safe sex, you can try, but at some point, it will eventually get you.

sleepsleep wrote:

i would say, even no JS, you still can be traced.

Yes, with cookies. This is well known. But it is simple to delete or disable cookies as long as you are not running JS.

typedef wrote:

And how to get rid of them :

That is only for flash cookies. This problem goes deeper than that. Cookies can be respawned even without flash installed. But only if you have JS running.

JS is the key here. And with the upcoming HTML5 there are even more options for JS storing information about you in many different places.

@rev i was talking about zombie cookies only.

i think i'll start using lynx web browser or is it too late. i mean look at these sites taking so long just to load a damn JS file into the caching folder. even worse when you are on at&t's 22.5k bandwidth speed. what a joke...fuck at&t for ripping us off.

what's wrong with people?

comcast is better.
anyways back on topic. i just needed to get my frustration off on something.

Quote:

Yes, with cookies. This is well known. But it is simple to delete or disable cookies as long as you are not running JS.

it is easy to delete all, but most website just won't function if u delete or disable their cookies.

Forsure we can set rules on those sites that we usually visit, how bout those that we random visit while google for info.

I c no way we can disable tracking

Disable JS and flash. That gets rid of the nasty stuff

Disable third party cookies. Now you are 99% of the way there.

Clear your cookies each day or so. Now you are 99.9% done.

Forge your referer. 99.999% done.

Disable FRAMEs, IFRAMEs and external images. Now you are 99.9999% done.

If still worried then use proxies and make your browser ID string uniform. You're 100% done.

Did I miss something?

yes!
sit back and enjoy the .GIF hardcore porn.


btw, if you go to adobe's flash application data folder, you'll find all the flash settings files for all the sites you visited that have flash on. and some sites have hidden flash too.

anyways...

Disabling JS? Nowadays JS are even more widely used in web apps UI, like jQuery UI or YUI 3.

I can't imagine of that

Without JS and Flash I would be like a deaf and blind, I can't imagine life without music and visual arts (Internet is a cheapest source of media these times).

Oh yeah, "visual arts" and "media" are how the big brother bribes us into giving up our privacy

vid wrote:

Oh yeah, "visual arts" and "media" are how the big brother bribes us into giving up our privacy

Maybe "privacy" in the Internet and real life is only useful illusion?

MHajduk wrote:

Without JS and Flash I would be like a deaf and blind, I can't imagine life without music and visual arts (Internet is a cheapest source of media these times).

anyway, I think Flash will be gradually superseded by HTML 5

TmX wrote:

anyway, I think Flash will be gradually superseded by HTML 5

Technologies and tools evolve over time but the purpose ("to entertain people") stays the same since the dawn of history.