samyk / evercookie

Produces persistent, respawning "super" cookies in a browser, abusing over a dozen techniques. Its goal is to identify users after they've removed standard cookies and other privacy data such as Flash cookies (LSOs), HTML5 storage, SilverLight storage, and others.
https://samy.pl/evercookie/
4.43k stars 662 forks source link

TLS session resumption, new feature in TLS protocol (TLS 1.3) is another evercookie #136

Open jasomdotnet opened 4 years ago

jasomdotnet commented 4 years ago

Here is a article from 2018 describing possibilities to use TLS session resumption as ever cookie (they call it supercookie).

https://nakedsecurity.sophos.com/2018/10/25/could-tls-session-resumption-be-another-super-cookie/