Evercookie: All Your Privacy…

Web CookieEvercookie is an open source javascript API that produces virtually irrevocable persistent cookies (hence the name) with the goal of identifying a client even after they’ve removed standard cookies, Flash cookies and other usual forms of cookies.

Evercookie accomplishes this by storing the cookie data is some novel ways and locations:

  • Standard HTTP Cookies
  • Local Shared Objects (Flash Cookies)
  • Storing cookies in RGB values of auto-generated, force-cached PNGs using HTML5 Canvas tag to read pixels (cookies) back out
  • HTML5 Session Storage
  • HTML5 Local Storage
  • HTML5 Global Storage
  • HTML5 Database Storage via SQLite
  • Storing cookies in Web History

To top it all off, if a user deletes most of the cookies as long as one of the cookies remains, it will be discovered and the others will “come back”.

It even works cross browser.

If a users switches to a new browser, as long as the Local Shared Object cookie is present, the cookies will reproduce on the new browser.

What if the user deletes their cookies?

That’s the great thing about evercookie. With all the methods available, currently eight, it only takes one cookie to remain for most, if not all, of them to be reset again. For example, if the user deletes their standard HTTP cookies, LSO data, and all HTML5 storage, the PNG cookie and history cookies will still exist. Once either of those are discovered, all of the others will come back (assuming the browser supports them).

Does this work cross-browser?

If a user gets cookied on one browser and switches to another browser, as long as they still have the Local Shared Object cookie, the cookie will reproduce in both browsers.

Does the client have to install anything?

No, the client simply uses the website without even knowing about the persistent data being set, just as they would use a website with standard HTTP cookies.

To download the source code or learn more about these cookies which appear to solve the cookie persistence problem and could have large implications for user tracking by visiting Sammy Kamkars site.

Screwing Everything Into Place – Scrw.us

Scrw.us I mentioned our personal URL shortening service Scrw.us earlier this week when I was talking about how services like Bit.ly may fragment the web.

Sharing all of our content and the stuff the we come across on the web through Scrw.us has given us some interesting insights into what people are likely to click on.

It often amazes me that what I think will be popular rarely is. In fact, I have about as much success rate in predicting the popularity of our shared links as you might have predicting what Paris Hilton won’t wear next (but we’ll have to exclude underwear from the predictions as that’s just too obvious).

Today we launched the Scrw.us blog which, besides providing information about the Scrw.us service, will also provide insights into traffic trends, click through rates and popularity etc…

Today we’ve posted our first round up of the most popular links (based on clicks) to go through the service since we launched it 14 days ago.

Bearing in mind that currently the only shares are those created by Sara and myself (as it’s a private service) it’s interesting to see that the correlation between clicks and popularity is not always as concrete as one would expect. Sometimes posts have low click through rate but have done insane traffic as they’ve been shared on other services as well, which of course Scrw.us can’t track.

Screwed This Week: First Edition”, has all the info on the top 10 ten shares of the past 14 days including numbers of clicks as well as an explanation of how we intend to move forward and bring you weekly roundups of the best content.

As a side note, if you’re feeling slightly irreverent and would like to have your blog posts shared through Scrw.us drop me a line and we’ll see about getting your stuff on there. Just be aware that we’re not accepting any old crap. Cranky, irreverent gits will always get preference, followed by great content :)

Deathmatch Kirkpatrick VS Cochrane

Kirkpatrick Cochrane Deathmatch Inflammatory title I know, but there appears to be no love lost between Marshall Kirkpatrick of SplashCast and Todd “The Geek” Cochrane of Geek News Central.

This started heating up between these two after Todd started hammering SplashCast for hijacking RSS feeds.

Things became a little more bitchy yesterday after Todd wrote a post complaining that Google Buying FeedBurner is pure evil.

Have people really thought about the ramifications of this? Google will not only know what you search for, what ads you click on but they will also know EXACTLY what you are subscribed to at a very intimate level.

Anyway Todd’s post drew some comments including this simple little comment from Marshall:

Nice MyBlogLog widget over in that sidebar.

Now it’s well know that the MBL widget tracks a lot of what users do on your site. Some folks have gone as far as to say that real reason Yahoo purchased MyBlogLog was to get hold of the MBL widget and track Google AdSense click data.

Anyway Todd got more than a little defensive at that comment:


Your just pissed because I took you to task on your RSS Hijacking and content re-purposing you folks were doing over their.

My stance on FeedBurner is not new.

What makes this comment even more defensive and bitchy is that Todd choose not to reply to or comment on the much more provocative comment posted by an anonymous coward called “test”:

Such a whiny little hypocrite with your Yahoo spyware.

I respect both Marshall and Todd. I don’t personally know either of them. I’m a SplashCast fan and have exchanged a few mails with Marshall and I’m a Geek News Central fan and listen to Todd’s podcast regularly.

I just can’t figure out why Todd is put so “on edge” by this little comment. What’s driving this?

Maybe Todd was just having a bad day?

Maybe there’s more to this than we realize?

Maybe I’m just starting rumors  😉

Either way, I really wouldn’t have expected a “rub your nose in it” response like that from Todd.

I just seems childish and completely ignores the point that Marshall was referring to.

While Todd is complaining about Google gathering information on users he continues to feed information on his users and their clicks to Yahoo via the MBL widget.

I’d love to be at a conference with these too. I reckon there would be plenty of cold stares and “dagger” eyes shooting across the room.

Maybe we could have an MTV Celebrity Deathmatch – Marshall Kirkpatrick VS Todd “The Geek” Cochrane.

P.S. Sorry about the photoshop guys – I couldn’t resist!