←back to thread

Supercookie: Browser Fingerprinting via Favicon (2021)

(github.com)
357 points vxvrs | 4 comments | 16 Nov 25 19:39 UTC | HN request time: 0s | source
Show context
jmward01 ◴[17 Nov 25 04:29 UTC] No.45950851[source]
At some point we need actual consequences for sites that intentionally hide their tracking. It should be criminal. It is stalking and has real world consequences. Just because an exploit exists doesn't mean it should be used. That logic is like saying it is OK to break into a house because the lock on the door was weak. If we don't get real protections, at what point does it become justified to go offensive against sites that exploit things like this? If I found someone putting trackers on me with the intent to sell that information (harm me) I would defend myself. When am I allowed to do that in the digital world?

Quick side note here. I appreciate the research calling this out. We need to know the dangers out there to figure out how to protect ourselves, especially since governments don't seem to take this seriously.

replies(6): >>45951535 #>>45952021 #>>45952606 #>>45952627 #>>45952643 #>>45954161 #
1. gus_massa ◴[17 Nov 25 11:13 UTC] No.45952606[source]
Isn't this covered by GDPR?
replies(2): >>45953432 #>>45954340 #
2. weberer ◴[17 Nov 25 13:36 UTC] No.45953432[source]
GDPR has a massive exploit where you can do whatever you want as long as you declare it "legitimate interest".
replies(1): >>45953612 #
3. dns_snek ◴[17 Nov 25 14:02 UTC] No.45953612[source]
That must've escaped all of the legal teams of all the companies that have been fined. GDPR's biggest problem is its general lack of enforcement. Companies can still get away with just about anything because the overwhelming majority of violations are never investigated.
4. timeon ◴[17 Nov 25 15:19 UTC] No.45954340[source]
Unfortunately, future of GDPR is uncertain: https://noyb.eu/en/eu-commission-about-wreck-core-principles...