Hacker News new | ask | show | jobs
by bvinc 1291 days ago
What’s to stop someone from sending unique last-modified dates to uniquely fingerprint browsers?
1 comments
nightpool 1291 days ago
Because the cache key for the site is partitioned by top-level origin in modern browsers, they wouldn't get any additional information this way that they couldn't get with existing first-party storage techniques, such as service worker caches, session cookies, IndexedDB, etc. See e.g. https://developer.mozilla.org/en-US/docs/Web/Privacy/State_P... for example. Opening a new incognito window would trivially defeat this method of "tracking". This is basically just a very small first-party-only cookie.
link
SahAssar 1291 days ago
Then why not use a cookie? The laws regarding tracking are not actually about cookies, but about all cookie-like tracking. What does this method gain?
link
nightpool 1291 days ago
The ability to put "no cookies :)" in your marketing materials
link
SahAssar 1291 days ago
So the ability to deceive?
link