Update – The company has since released a beta version of the Nevercookie plug-in
Anonymizer, Inc., a company that helps protect consumer’s privacy and offers anonymity solutions, announced today that it has developed Anonymizer Nevercookie, a free Firefox plugin that protects against the Evercookie, a javascript API built and made available by Samy Kamkar (same guy who brought you the Samy Worm and XSS Hacking to Determine Physical Location) who set out to prove that the more you store and the more places you store it, the harder it is for users to control a Web site’s ability to uniquely identify their computer.
The plugin extends Firefox’s private browsing mode by preventing Evercookies from identifying and tracking users.
“Recent developments in Web tracking technologies have rendered the privacy tools built into browsers almost completely ineffective,” said Lance Cottrell, founder and chief scientist for Anonymizer. “Anonymizer Nevercookie will close the gap between Firefox’s privacy features and actual privacy so that when you go into private browsing mode, you are truly protected.”
Evercookie is a new, more persistent cookie form that enables the storage of cookie data in a number of different locations, such as Flash cookies and various locations of HTML5 storage. This allows websites to track user behavior even when users have enabled private browsing. Because an Evercookie stores data in locations outside of where standard cookies are stored, an Evercookie can rebuild itself unless users go through a number of steps to completely clear and reset their local storage.
Anonymizer Nevercookie simplifies this process and eliminates the manual steps required to completely remove Evercookies. And it does so without also removing all of the necessary cookies that a user actually wants to keep, such as those for browsing history and remembered logins. When Anonymizer Nevercookie is engaged along with Firefox’s private browsing mode, it quarantines an Evercookie and removes it after the browsing session.
Dr. Elie Burzstein, a noted Web security researcher at the Stanford University Research Lab, stated: “My testing and review found that when using Anonymizer Nevercookie along with Firefox’s private browsing mode, users are protected from all of the currently known tracking systems that use browser features to follow users across multiple sessions, such as Evercookie. Specifically, Nevercookie prevents abuse to both the Adobe Flash Local Storage Object (LSO) and Microsoft’s Silverlight Isolated Storage (MIS).”
The company says that Nevercookie will be available as a free download later this month.
Update: More technical details are available here: http://www.anonymizer.com/learningcenter/#lc_labs
Have you tossed your cookies lately?
