W3C home > Mailing lists > Public > public-privacy@w3.org > January to March 2015

RE: Super Cookies in Privacy Browsing mode

From: Mike O'Neill <michael.oneill@baycloud.com>
Date: Sat, 10 Jan 2015 12:00:39 -0000
To: "'David Singer'" <singer@apple.com>, "'W3C Privacy IG'" <public-privacy@w3.org>
Message-ID: <2bac01d02ccd$149521a0$3dbf64e0$@baycloud.com>
Hash: SHA1

Hi David,

I am definitely interested in these ideas, can you give a summary?


> -----Original Message-----
> From: David Singer [mailto:singer@apple.com]
> Sent: 08 January 2015 22:40
> To: W3C Privacy IG
> Subject: Re: Super Cookies in Privacy Browsing mode
> I think we might need a consensus definition of what private browsing mode is,
> and how it affects servers.  We had some offline conversation about it at the
> workshop.
> For example, for some people ‘private browsing’ starts a sandbox that is
> initialized from the regular browsing context (cookies and all), but that is
> discarded at the end of the private browsing session.  There’s no need for
> supercookies to correlate the regular browsing into private browsing, as the
> cookies are there.  Correlating the other way will simply raise the ire of users if
> you are not careful, as it would persist state and hence ‘leak’ from the private
> session back into the general one.
> I have some ideas around codifying ‘private browsing mode’ and how to
> communicate ‘heh, I am trying to be private here!’ to servers.  Is this a topic of
> interest to others?
> > On Jan 8, 2015, at 12:13 , Rigo Wenning <rigo@w3.org> wrote:
> >
> > Happy New Year!
> >
> > Interesting article about how HTTP Strict Transport Security can be used to
> > circumvent the protections in the private browsing mode. But it seems to be
> > fixed in firefox >34. I don't know about the other browsers.
> >
> > --Rigo
> David Singer
> Manager, Software Standards, Apple Inc.

Version: GnuPG v1.4.13 (MingW32)
Comment: Using gpg4o v3.4.19.5391 - http://www.gpg4o.com/
Charset: utf-8

Received on Saturday, 10 January 2015 12:01:37 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 16:49:28 UTC