Comments on: Abusing the Cache: Tracking Users without Cookies http://joshduck.com/blog/2010/01/29/abusing-the-cache-tracking-users-without-cookies/ It's a blog about the web, by Josh. Geddit? Fri, 07 May 2010 08:00:37 +0000 http://wordpress.org/?v=2.9.2 hourly 1 By: Dmitry Vl.Bondar http://joshduck.com/blog/2010/01/29/abusing-the-cache-tracking-users-without-cookies/comment-page-1/#comment-7562 Dmitry Vl.Bondar Wed, 28 Apr 2010 09:20:45 +0000 http://joshduck.com/blog/?p=17#comment-7562 The technique doesn't work if web address contains port number like www.mysite.com:8082 The technique doesn’t work if web address contains port number like http://www.mysite.com:8082

]]> By: Josh http://joshduck.com/blog/2010/01/29/abusing-the-cache-tracking-users-without-cookies/comment-page-1/#comment-7071 Josh Mon, 05 Apr 2010 20:46:12 +0000 http://joshduck.com/blog/?p=17#comment-7071 Thanks Nathan. Good spot. Thanks Nathan. Good spot.

]]> By: Nathan Friedly http://joshduck.com/blog/2010/01/29/abusing-the-cache-tracking-users-without-cookies/comment-page-1/#comment-7070 Nathan Friedly Mon, 05 Apr 2010 20:40:54 +0000 http://joshduck.com/blog/?p=17#comment-7070 heh, I topoed my corection, lol. it should say: header(“Last-Modified: $modified GMT”); heh, I topoed my corection, lol. it should say:

header(“Last-Modified: $modified GMT”);

]]> By: Nathan Friedly http://joshduck.com/blog/2010/01/29/abusing-the-cache-tracking-users-without-cookies/comment-page-1/#comment-7069 Nathan Friedly Mon, 05 Apr 2010 20:40:09 +0000 http://joshduck.com/blog/?p=17#comment-7069 I think you have a mistake in your code. Line 56 reads: header("Last-Modified: $expires GMT"); You probably meant: header("Last-Modified: $emodified GMT"); As it is now, you're claiming the last-modified date is 10 years in the future. I think you have a mistake in your code.

Line 56 reads:
header(“Last-Modified: $expires GMT”);

You probably meant:
header(“Last-Modified: $emodified GMT”);

As it is now, you’re claiming the last-modified date is 10 years in the future.

]]> By: JasonMorrison.net http://joshduck.com/blog/2010/01/29/abusing-the-cache-tracking-users-without-cookies/comment-page-1/#comment-5923 JasonMorrison.net Wed, 10 Feb 2010 08:17:16 +0000 http://joshduck.com/blog/?p=17#comment-5923 <strong>Three Ways Sites Can Track Visitors Without Cookies, Part 2...</strong> In part 1, I wrote about the EFF’s Panopticlick project and the implications for anonymity. I’ve got two more methods up my sleeve. 2. Use the cache. Cookies aren’t the only thing your browser downloads and keeps around, and for good reaso.... Three Ways Sites Can Track Visitors Without Cookies, Part 2…

In part 1, I wrote about the EFF’s Panopticlick project and the implications for anonymity. I’ve got two more methods up my sleeve. 2. Use the cache. Cookies aren’t the only thing your browser downloads and keeps around, and for good reaso….

]]> By: admin http://joshduck.com/blog/2010/01/29/abusing-the-cache-tracking-users-without-cookies/comment-page-1/#comment-5704 admin Fri, 29 Jan 2010 21:35:00 +0000 http://joshduck.com/blog/?p=17#comment-5704 @Mogden, that's a good point. I haven't done much testing as to how long the data is retained as this was more a proof of concept. Like I said in the post I believe it would be more suited towards being used with cookies to make sessions more sticky. @Mogden, that’s a good point. I haven’t done much testing as to how long the data is retained as this was more a proof of concept. Like I said in the post I believe it would be more suited towards being used with cookies to make sessions more sticky.

]]> By: admin http://joshduck.com/blog/2010/01/29/abusing-the-cache-tracking-users-without-cookies/comment-page-1/#comment-5703 admin Fri, 29 Jan 2010 21:28:39 +0000 http://joshduck.com/blog/?p=17#comment-5703 Ray, the initial request is marked with Cache-control: private so intermediate proxies should know not to cache the page. Only the client will keep the cache. Ray, the initial request is marked with Cache-control: private so intermediate proxies should know not to cache the page. Only the client will keep the cache.

]]> By: uberVU - social comments http://joshduck.com/blog/2010/01/29/abusing-the-cache-tracking-users-without-cookies/comment-page-1/#comment-5700 uberVU - social comments Fri, 29 Jan 2010 15:27:36 +0000 http://joshduck.com/blog/?p=17#comment-5700 <strong>Social comments and analytics for this post...</strong> This post was mentioned on Reddit by k4st: That is surprisingly cool. I think that if the author can make this method work without Javascript and show that it is a cross-browser solution then it could be used (almost) anywhere where a cookie could be u... Social comments and analytics for this post…

This post was mentioned on Reddit by k4st: That is surprisingly cool. I think that if the author can make this method work without Javascript and show that it is a cross-browser solution then it could be used (almost) anywhere where a cookie could be u…

]]> By: Ray http://joshduck.com/blog/2010/01/29/abusing-the-cache-tracking-users-without-cookies/comment-page-1/#comment-5699 Ray Fri, 29 Jan 2010 13:39:05 +0000 http://joshduck.com/blog/?p=17#comment-5699 And what happens if the user is behind a caching proxy? Do all users of this proxy occur as a single user? And what happens if the user is behind a caching proxy? Do all users of this proxy occur as a single user?

]]> By: Josh on the Web » Blog Archive » Abusing the Cache: Tracking Users without Cookies « Netcrema – creme de la social news via digg + delicious + stumpleupon + reddit http://joshduck.com/blog/2010/01/29/abusing-the-cache-tracking-users-without-cookies/comment-page-1/#comment-5695 Josh on the Web » Blog Archive » Abusing the Cache: Tracking Users without Cookies « Netcrema – creme de la social news via digg + delicious + stumpleupon + reddit Fri, 29 Jan 2010 10:55:35 +0000 http://joshduck.com/blog/?p=17#comment-5695 [...] Josh on the Web » Blog Archive » Abusing the Cache: Tracking Users without Cookiesjoshduck.com [...] [...] Josh on the Web » Blog Archive » Abusing the Cache: Tracking Users without Cookiesjoshduck.com [...]

]]>