'Super cookies' can track you even in private browsing mode, researcher says
Ian Paul |
Jan. 9, 2015
If there's one thing websites love to do it's track their users. Now, it looks like some browsers can even be tracked when they're in private or incognito mode. Sam Greenhalgh of U.K.-based RadicalResearch recently published a blog post with a proof-of-concept called "HSTS Super Cookies." Greenhalgh shows how a crafty website could still track users online even if they've enabled a privacy-cloaking setting.
HSTS Super Cookies only appear to work if you first visit a site in a non-private mode. Anyone visiting a site for the first time in private mode will not carry over an HSTS super cookie to their regular browsing.
As for Internet Explorer users, the good news is you are completely protected from this type of tracking! Now for the bad news: It's because IE doesn't support HSTS at all.