Evercookie is a JavaScript-based application created by Samy Kamkar that produces zombie cookies in a web browser that are intentionally difficult to delete. In 2013 a top-secret NSA document was leaked by Edward Snowden, citing Evercookie as a method of trackingTor users.
Background
A traditional HTTP cookie is a relatively small amount of textual data that is stored by the user's browser. Cookies can be used to save preferences and login session information; however, they can also be employed to track users for marketing purposes. Due to concerns over privacy, all major browsers include mechanisms for deleting and/or refusing to accept cookies from websites. Adobe Systems claimed that the size restrictions, likelihood of eventual deletion, and simple textual nature of traditional cookies motivated it to add the local shared object mechanism to the Adobe Flash Player. While Adobe has published a mechanism for deleting LSO cookies, it has met with some criticism from security and privacy experts. Since version 4, Firefox has treated LSO cookies the same way as traditional HTTP cookies, so they can be deleted together.
Description
released v0.4 beta of the Evercookie on September 13, 2010, as open source. According to the project's website:
Evercookie is designed to make persistent data just that, persistent. By storing the same data in several locations that a client can access, if any of the data is ever lost, the data can be recovered and then reset and reused. Simply think of it as cookies that just won't go away. Evercookie is a javascript API available that produces extremely persistent cookies in a browser. Its goal is to identify a client even after they've removed standard cookies, Flash cookies, and others. Evercookie accomplishes this by storing the cookie data in several types of storage mechanisms that are available on the local browser. Additionally, if Evercookie has found the user has removed any of the types of cookies in question, it recreates them using each mechanism available.
An Evercookie is not merely difficult to delete. It actively "resists" deletion by copying itself in different forms on the user's machine and resurrecting itself if it notices that some of the copies are missing or expired. Specifically, when creating a new cookie, Evercookie uses the following storage mechanisms when available:
