HSTS Supercookie #389
Comments
|
I can block HSTS tracking on http://www.radicalresearch.co.uk/lab/hstssupercookies with this:
A new ID is given for each page visit. |
|
that method only works for that specific website though. i found this http://www.ghacks.net/2015/10/16/how-to-prevent-hsts-tracking-in-firefox/ but clearing the file and setting it to read-only didnt help change the cookie ID (might have to restart the browser). it seems to be stored in the site preferences for websites, which you could set to clear but then you might lose other desirable site preferences. i wonder what can be done (firefox user) |
|
The problem is not that this site stores the cookies, but other sites. The site I liked to only proves, that the Supercookie technic works. Other sites might be using this technic, but NOT disclosing it to the public. I don't know my ins and outs of cookies so it might not be possible for a addon to do this. I am using chrome by the way. |
|
i dont think it comes in the form of a seperate request because nothing shows up in the logger except session cookies from that site and i have those blocked even. from the wikipedia article it seems like HSTS is set via a http header. maybe the browser then just takes that and stores it in the site preferences for a website. i dont think this is a problem umatrix would solve |
|
this page seems to have some information about where its stored https://support.mozilla.org/en-US/questions/984794 |
|
Ok, thanks for the answer :) |
Might there be a way to block or delete the HSTS Supercookie after a while, via your addon?
I found it on the YTChannel you liked on the projects wiki.
https://youtu.be/DExQf08iXIU
Additionally linked:
http://www.radicalresearch.co.uk/lab/hstssupercookies
The text was updated successfully, but these errors were encountered: