Update – The company has since released a beta version of the Nevercookie plug-in
Anonymizer, Inc., a company that helps protect consumer’s privacy and offers anonymity solutions, announced today that it has developed Anonymizer Nevercookie, a free Firefox plugin that protects against the Evercookie, a javascript API built and made available by Samy Kamkar (same guy who brought you the Samy Worm and XSS Hacking to Determine Physical Location) who set out to prove that the more you store and the more places you store it, the harder it is for users to control a Web site’s ability to uniquely identify their computer.👁 Fighting Against Evercookie
The plugin extends Firefox’s private browsing mode by preventing Evercookies from identifying and tracking users.
“Recent developments in Web tracking technologies have rendered the privacy tools built into browsers almost completely ineffective,” said Lance Cottrell, founder and chief scientist for Anonymizer. “Anonymizer Nevercookie will close the gap between Firefox’s privacy features and actual privacy so that when you go into private browsing mode, you are truly protected.”
Evercookie is a new, more persistent cookie form that enables the storage of cookie data in a number of different locations, such as Flash cookies and various locations of HTML5 storage. This allows websites to track user behavior even when users have enabled private browsing. Because an Evercookie stores data in locations outside of where standard cookies are stored, an Evercookie can rebuild itself unless users go through a number of steps to completely clear and reset their local storage.
Anonymizer Nevercookie simplifies this process and eliminates the manual steps required to completely remove Evercookies. And it does so without also removing all of the necessary cookies that a user actually wants to keep, such as those for browsing history and remembered logins. When Anonymizer Nevercookie is engaged along with Firefox’s private browsing mode, it quarantines an Evercookie and removes it after the browsing session.👁 Subscribe to SecurityWeek
Dr. Elie Burzstein, a noted Web security researcher at the Stanford University Research Lab, stated: “My testing and review found that when using Anonymizer Nevercookie along with Firefox’s private browsing mode, users are protected from all of the currently known tracking systems that use browser features to follow users across multiple sessions, such as Evercookie. Specifically, Nevercookie prevents abuse to both the Adobe Flash Local Storage Object (LSO) and Microsoft’s Silverlight Isolated Storage (MIS).”
The company says that Nevercookie will be available as a free download later this month.
Update: More technical details are available here: http://www.anonymizer.com/learningcenter/#lc_labs
For more than 15 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is founder and director of several leading cybersecurity industry conferences around the world.
Daily Briefing Newsletter
Subscribe to the SecurityWeek Email Briefing for the latest cybersecurity threats, trends, and expert insights.
More from Mike Lennon
- Cisco Moves to Acquire Astrix Security to Tackle Non-Human Identity Risks
- Iran-Linked Hackers Disrupt US Critical Infrastructure via PLC Attacks
- Senate Confirms Joshua Rudd to Lead NSA and US Cyber Command
- US Cyber Strategy Targets Adversaries, Critical Infrastructure, and Emerging Technologies
- Zscaler Acquires Browser Security Firm SquareX
- CrowdStrike to Acquire Browser Security Firm Seraphic for $420 Million
- Tim Kosiba Named NSA Deputy Director
- CrowdStrike to Buy Identity Security Firm SGNL for $740 Million in Cash
Latest News
- Webinar Today: How Modern Breaches Bypass MFA and Evade Detection
- 1Password Acquires Apono in Reported $250M-$300M Deal
- Tenet Security Emerges From Stealth With $6 Million Seed Funding
- Rockwell Automation Patches Vulnerabilities in ICS Controllers and Software
- Microsoft Teams Relay Servers Abused in DragonForce Ransomware Attack
- Microsoft Working on Patch for ‘RoguePlanet’ Zero-Day
- Oracle’s Second Monthly Security Updates Deliver 245 Patches
- Chrome and Firefox Updated to Patch Critical, High-Severity Vulnerabilities
