My dad is always worried about persistent cookies in his web browser for some reason. He claims they slow down his computer over time, and maybe he’s a little paranoid about the privacy aspect of cookies.
Some of the methods evercookie takes advantage of are typical and considered more or less legitimate, like using Local Shared Object cookies through the Flash plug-in. Other are pretty bizarre, such as creating web history entries in the browser that point to nonexistent URLs under the google.com domain. These weird entries are actually the Base64 encoded über-cookie, which it can recover later using a simple brute forcing algorithm and a CSS history hack. Yes, I said it was bizarre.
To some people, evercookie might seem like a strange, pointless, or downright malicious project. After all, no user wants to be tracked across the web with some new, intrusive type of cookie. But in my mind, releasing this functionality in an easy-to-use and open source package is a good thing. Most of the cookie storage mechanisms it uses are not all that new, and are being used already anyway.
To me, the real point of evercookie is to raise awareness among everyday web users, the IT crowd, privacy advocates, and hopefully web browser companies. Yes, there are a million ways for shady or malicious websites to track you across the Internet, and your browser just wasn’t designed to properly protect you. Things like evercookie remind me that we need to do a lot more work on improving the security and privacy features for web clients, so that users don’t need to be worried or paranoid about visiting any web sites – including new ones that they don’t necessarily trust.