Something for the fingerprinting document from Frank.Dawson@nokia.com on 2013-08-20 (public-privacy@w3.org from July to September 2013)

From: <Frank.Dawson@nokia.com>
Date: Tue, 20 Aug 2013 10:42:21 +0000
To: <npdoty@w3.org>, <public-privacy@w3.org>
CC: <runnegar@isoc.org>
Message-ID: <B783647736D1454A9C30558CB754990139526653@008-AM1MPN1-004.mgdnok.nokia.com>

Hei Nick and W3C PING folks.

This may be news only to me but for the Fingerprinting document have you all read about "Cookieless Cookies" using ETAG?

Frank/

http://lucb1e.com/rp/cookielesscookies/

Summary: Cookieless cookies

There is another obscure way of tracking users without using cookies or even Javascript. It has already been used by numerous websites but few people know of it. This page explains how it works and how to protect yourself.


This tracking method works without needing to use:

    Cookies
    Javascript
    LocalStorage/SessionStorage/GlobalStorage
    Flash, Java or other plugins
    Your IP address or user agent string
    Any methods employed by Panopticlick

Instead it uses another type of storage that is persistent between browser restarts: caching.

Even when you disabled cookies entirely, have Javascript turned off and use a VPN service, this technique will still be able to track you.

Received on Tuesday, 20 August 2013 10:42:54 UTC