Comment by oedmarap

5 years ago

This only applies to browsing where the user's cache is present, yes?

At least in Firefox 85.0.1 Desktop and 85.1.1 Android (when I tested) clearing the cache also nukes the favicons as well.

Also, I get different hashes when I test on demo.supercookie.me after clearing my cache on mobile, and also across Private windows on desktop.

The statement "[...] even in the browser's incognito mode and is not cleared by flushing the cache, closing the browser [...]" is misleading, at least where Firefox[0] is concerned.

[0] https://blog.mozilla.org/security/2021/01/26/supercookie-pro...

2 comments

oedmarap

Reply
charsi  5 years ago

Tested on Firefox 85.0 on Linux mint. The id is different across a normal window and a private window. Also tried using a new profile using `about:profiles` and again the id was different.

frombody  5 years ago

According to the article it looks like they started to fix this between versions 84 and 85.

It's unsurprising that browser manufacturers are patching this.