18 October 2010

The cookie that never crumbles

Browser cookies have a chequered history and the cookie has ceased to be the only kind of data that a server could ask a browser to store on its behalf. Newer and niftier caching methods can store vastly more information, and bake it into the browser for good. Some even obscure the fact that the browser is storing such data. A list of such ruses on the Evercookie site describes 13 distinct methods for a server to pass a token that will be reactivated whenever a browser revisits the same server.