According to TRUSTe: “You can get valuable marketing insight by tracking individual users’ movements on your site. But you must disclose your use of all personally identifiable information in order to comply with the Fair Information Practices guidelines.”. The following storage mechanisms are available:
Standard HTTP Cookies
Storing cookies in and reading out Web History
Storing cookies in HTTP ETags
Internet Explorer userData storage (starting IE9, userData is no longer supported)
HTML5 Session Storage
HTML5 Local Storage
HTML5 Global Storage
HTML5 Database Storage via SQLite
Storing cookies in RGB values of auto-generated, force-cached PNGs using HTML5 Canvas tag to read pixels (cookies) back out
Local Shared Objects (Flash Cookies)
Silverlight Isolated Storage
If a user is not able to remove the cookie from every one of these data stores then the cookie will be recreated to all of these stores on the next visit to the site that uses that particular cookie. Every company has their own implementation of zombie cookies and those are kept proprietary. An open-source implementation of zombie cookies, called Evercookie , is available. This is an educational example that is intended to show the numerous possible places for zombie cookies to be hidden.
Zombies would not seem that eerie and dreadful if you knew where they come from and how to eradicate them at their origins.
For zombie cookies, the eradications can be summarized as below:
Delete browser cookies
IE Tools --> Delete Browsing History... --> Cookie
Firefox Tools --> Clear Recent History... --> Cookies
Chrome Tools --> Clear Browsing Data --> Delete Cookies and other site data
Clear browser cache
IE Tools --> Delete Browsing History... --> Temporary Internet files
Firefox Tools --> Clear Recent History... --> Cache
Chrome Tools --> Clear Browsing Data --> Empty the cache
Clear browsing history
IE Tools --> Delete Browsing History... --> History
Firefox Tools --> Clear Recent History... --> Browsing & Download History
Chrome Tools --> Clear Browsing Data --> Clear browsing history
Delete Flash Cookies
Below table lists all the data stores used by zombie cookies, and methods of deletions on various browsers.
|
|
Chrome |
Firefox 3&4 |
IE8 or earlier |
IE9 |
|---|---|---|---|---|
|
HTTP Cookie |
Delete browser cookies |
Delete browser cookies |
Delete browser cookies |
Delete browser cookies |
|
Web History |
Clear browsing history |
Clear browsing history |
Clear browsing history |
Clear browsing history |
|
ETag |
Clear browser cache |
Clear browser cache |
Clear browser cache |
Clear browser cache |
|
IE userData |
--no data storage-- |
--no data storage-- |
Clear browser cache |
--no data storage-- |
|
HTML5 session store |
close browser |
close browser |
close browser |
close browser |
|
HTML5 local store |
Clear browser cache |
Clear browser cache |
close browser |
close browser |
|
HTML5 global store |
Clear browser cache |
Clear browser cache |
--no data storage-- |
--no data storage-- |
|
HTML5 database |
Clear browser cache |
--no data storage-- |
--no data storage-- |
--no data storage-- |
|
HTML5 Canvas |
Clear browser cache |
Clear browser cache |
Clear browser cache |
Clear browser cache |
|
Flash Cookie |
Delete Flash Cookies |
Delete Flash Cookies |
Delete Flash Cookies |
Delete Flash Cookies |
|
Silverlight storage |
? |
? |
? |
? |
Most
of the modern browsers offer private browsing mode, namely Chrome
Incognito, Firefox
Private Browsing, IE
InPrivate Browsing. In
these modes, Flash cookie could not be used. When a user closes his
browser, the browser cache and cookies are deleted automatically,
that clears out most of the backup stores for zombie cookie, though
browsing history seems persist, that leaves a door open for zombies
to come back.