|A new software cookie called "evercookie," that apparently cannot be deleted, has been created by a hacker who has been in the news before.
"Awesome" and "frightening" have been the two most common reactions on Twitter and in the tech world Wednesday, as word went forth about the Web browser-based cookie, first reported by Sebastian Anthony of DownloadSquad.com:
"As the name suggests, deleting an evercookie isn't easy — in fact, once you've taken a nibble, that's it: you can't delete it. Of course, no benevolent person would ever use evercookie — you'd have to be a nefarious money-grabbing megalomaniac! — but the sheer number of clever hacks, cheap tricks and snarky ingenuity employed to make evercookies invulnerable makes this project very interesting indeed."
Evercookie, Anthony wrote, "uses eight different storage locations for its cookie, ranging from HTTP and Flash cookies through to HTML5's new storage methods and 'RGB values of auto-generated, force-cached PNGs using HTML5 Canvas tag to read pixels (cookies) back out' (really!).
"If the cookie can be found in any one of those locations, it can be rebuilt (and then stored in all eight places again!) Basically, unless you know exactly what you're doing (and you have a lot of spare time to hunt down all of the cookies), you can forget about ever deleting an evercookie."
The cookie's creation is particularly jarring considering the hack that created problems Tuesday for Twitter users, as well as "Flash cookies," described by The New York Times as "a little-known piece of computer code placed on hard drives by the Flash program from Adobe when users watch videos on popular Web sites like YouTube and Hulu." Several lawsuits have been filed against media and technology companies that use such cookies.