Anonymizer Nevercookie: Firefox Add-on to Kill the Evercookie

Is it too much if one is asking for one’s own privacy on the Internet these days? First, we had normal browser cookies, then we had more persistent Flash cookies and now the Evercookie that can provide everyone from advertisers to malware authors with useful information about the sites you have visited and more. Evercookie, an open source JavaScript API developed by security researcher Samy Kamkar, when implemented by any website stores a user ID and cookie data in eight different places. This makes evercookie a more persistent cookie form than Flash cookies or normal browser cookies.

Its goal is to identify a client even after they’ve removed standard cookies, removed Flash cookies (Local Shared Objects or LSOs), and others. This allows websites to track user behavior even when users have enabled private browsing because an Evercookie stores data in locations outside of where standard cookies are stored, an Evercookie can rebuild itself unless users go through a number of steps to completely clear and reset their local storage.

Generally, the Evercookie JavaScript API will make use of the following storage mechanisms if supported by the web browser.

  • Standard HTTP Cookies
  • Local Shared Objects (Flash Cookies)
  • Silverlight Isolated Storage
  • Storing cookies in RGB values of auto-generated, force-cached
  • PNGs using HTML5 Canvas tag to read pixels (cookies) back out
  • Storing cookies in Web History
  • Storing cookies in HTTP ETags
  • Storing cookies in Web cache
  • window.name caching
  • Internet Explorer userData storage
  • HTML5 Session Storage
  • HTML5 Local Storage
  • HTML5 Global Storage
  • HTML5 Database Storage via SQLite

Simply think of it as cookies that just won’t go away,” reads the evercookie FAQ.

ArsTechnica has posted an article “It is possible to kill the evercookie,” that shows different ways to protect yourself from evercookie but Firefox users can protect themselves by just using a simple add-on named “Anonymizer Nevercookie.”

Anonymizer Nevercookie eliminates the manual steps required to completely remove Evercookies. It does so without removing all the necessary cookies that you may actually want to keep, such as those for browsing history and remembered logins. When Anonymizer Nevercookie is engaged along with Firefox’s private browsing mode, it quarantines an Evercookie and removes it after the browsing session.

Quick Start Guide to use Anonymizer Nevercookie add-on:

  1. After installing the add-on, launch Firefox browser again, go to Tools > Start Private Browsing
  2. A new browser window will open. It will be branded with a blue Navigation Menu bar.
  3. Use this window for your private browsing session.
  4. To leave private browsing mode, close the private browsing window and in the parent Firefox window go to Tools > Stop Private Browsing.

nevercookie

Note: Leaving private browsing mode will release Flash and Silverlight cookies from quarantine and make you trackable again, so don’t end private browsing mode until you are finished your private session.

Important: If you haven’t used Firefox profiles before, you will probably notice a Profile selection prompt when starting Firefox after installing the extension. This is because the extension creates a temporary profile for each browsing session. If you don’t wish to see this prompt, select the default profile and check the box marked “Don’t ask at startup”.

Related

Comments

  1. No Updates? says

    Firefox 10 has been out for quite a while now, & your Nevercookie won’t work on even FF v9? Getting pressure &/or $$ from some tracking companies to knock off your insidiously invasive Evercookie killer or something? Cynical, but I’m sure I’m not the only one thinking that. I really like the fact that you created this Evercookie killer in the first place, & offered it for free, but please DO update it for AT LEAST FF v9, prettyplease? Thanks……

Leave a Reply

Your email address will not be published. Required fields are marked *