HSTS Super Cookies

Discussion in 'privacy general' started by acr1965, Jan 3, 2015.

  1. acr1965

    acr1965 Registered Member

    Joined:
    Oct 12, 2006
    Posts:
    4,954
  2. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    I didn't see "or completely replace the device" on that page.
    From the article
    This suggests a few ways to defeat this tracking method.
    1, filtering javascript.
    2, finding where the value is stored and preventing the browser from doing so, possibly by file/folder permissions.
     
  3. Yuki2718

    Yuki2718 Registered Member

    Joined:
    Aug 15, 2014
    Posts:
    1,257
    Probably you know, but they refer to setting sync by itunes when they said "completely replace the device". And though your suggestion are probably right, 1. can't be applied to whitelisted site (of course you should whitelist only trustworthy sites though), and 2. currently there's no such handy addon except for disabling HSTS. Maybe Proxomitron or its alike (such as Privoxy) can do it but you need to make new filter. I'll wait some dev implement such anti-tracking capability into his addon.
     
  4. acr1965

    acr1965 Registered Member

    Joined:
    Oct 12, 2006
    Posts:
    4,954
    I agree, after posting I read the article again and could not find it.
     
  5. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    From the article:
    That's incorrect for Firefox on Windows.

    How to clear HSTS Settings in Major Browsers

    From Mozilla Bug 1114786:
     
  6. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
  7. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    In Firefox, it's possible that a site has site-specific information stored, but doesn't appear in the about:permissions site list. If you want to be sure that all site-specific information for all websites is deleted, use History -> Clear Recent History and check 'Site Preferences'.
     
  8. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    The simplest answer to these would be SandBoxie.
     
  9. Yuki2718

    Yuki2718 Registered Member

    Joined:
    Aug 15, 2014
    Posts:
    1,257
    In my past experience on Chrome, actually when I deleted ANY of history data (either cookie or history or stored password or...), HSTS settings were deleted. It annoyed me because I wanted to save my HSTS settings for cert-pinning.
     
  10. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,097
Loading...