As if HTTP cookies, Local Shared Objects (Flash cookies), and web developer’s understanding of them wasn’t a big enough security issue, Samy Kamkar has written a JavaScript API for “virtually irrevocable persistent cookies.”Want to keep track of users even after they remove their cookies, switch browsers, clear cache, or whatever? No problem, just throw a reference to evercookie in your site’s pages and you’re good to go. The evercookie API will set cookies using 10 different storage mechanisms from straight-up HTTP cookies, to LSOs, to browser history, to forcefully cached, encoded PNG images, and even HTML5 storage areas.I haven’t played with it yet and I’m sure there are plenty of ways around it, but it’s an interesting concept for sure.
