Web browsers are windows to the internet. But we should
always remember, that there is all sort of data that flows out and is been
collected. The sites we visit can share information with each other by leaving
different cookie. The Internet is poorly compatible with secrets and the secrets
of privacy is no exception. About each click made in the browser, by
definition, should know the two sides: the client and the server.
To monitor a person, you need to be able to identify him.
The easiest and best-studied method of identification is a cookie. The problem
is that it is the most vulnerable to attacks from privacy advocates. Both users
and even politicians know about them. In the European Union, for example, there
is a law that forces websites to warn users about the dangers of cookies.
Another problem is that some browsers by default block
cookies that are set by a third party – for example, a web analytics service or
an ad network. Such a restriction can be circumvented by driving a user through
a chain of redirects to a third-party server and back, but this, firstly, is
not very convenient, and secondly, it is unlikely that someone will save in the
long run. Sooner or later, a more reliable method of identification will be
There are more places in the browser where user can hide
identification information than the developers planned. Only some ingenuity is
needed. For example, through the DOM window.name property, you can transfer up
to two megabytes of data to other pages, and unlike cookies that are available
only to scripts from the same domain, data in window.name is also available
from other domains. Replace cookies with window.name is only hampered by the
ephemeral nature of this property. It does not store the value after the
session is finished.
A few years ago, it was fashionable to store identity
information with the so-called Local Shared Objects (LSO), which Flash
provides. In favor of LSO played two factors. Firstly, the user could not
delete them using the browser. Secondly, if the cookies in each browser are
their own, then the LSO, like Flash itself, is one for all browsers on the
computer. Due to this, it is possible to identify a user who alternately works
in different browsers.