Work is underway to defuse the Evercookie, which was revealed back in September as a nearly impossible to remove browser cookie
capable of tracking users even through the privacy mode included in most modern web browsers.
Now, the Nevercookie project from Internet privacy firm Anonymizer has resulted in its first release: a Firefox plugin that uses a pair of technologies to keep the private browsing mode private, even in the face of advertisers using the open-source Evercookie.
Developed by Geoffrey Abbott, Anonymizer's lead researcher, Nevercookie includes quarantining for two storage systems used by the Evercookie to bypass private browsing modes and cookie clear-outs: Microsoft Isolated Storage and Local Shared Objects, used by Silverlight and Flash Player respectively. When installed,the Nevercookie plugin moves objects stored in MIS and LSO into a temporary folder every time Firefox's private browsing function is invoked - preventing sites from reading the values stored therein. At the end of a private browsing session, any values collected are erased and the original stored values put back in their rightful place.
It's a neat technique for reducing the effectiveness of the Evercookie, and something that the Mozilla community should look at implementing in Firefox's code base sooner, rather than later.
The Nevercookie plugin is available as a free download from Anonymizer
Are you pleased to see that there are ways to avoid the grasp of the Evercookie, or still sore that the code was ever released in the first place? Share your thoughts over in the forums