I had the same thoughts; it seems to present a friendly picture but there are a ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		codeptualize on Jan 15, 2022 \| parent \| context \| favorite \| on: Exploiting IndexedDB API information leaks in Safa... I had the same thoughts; it seems to present a friendly picture but there are a lot of unanswered problems with this technology, even if only used for fraud protection. What if clients use it for tracking and other shady purposes, would they do something about it? Btw I tried with Tor Browser and it did not accurately fingerprint it between sessions which makes me wonder how effective it really is. Especially for fraudsters; intentional bad actors, I think it would be quite easy to bypass.

ezfe on Jan 17, 2022 | [–]

It isn't properly fingerprinting me on Safari between incognito/non-incognito sessions either: https://i.imgur.com/80en4LY.png

There's also an extra session on one of my incognito tabs listed in the session history on the demo page.

tinus_hn on Jan 16, 2022 | [–]

This vulnerability exists whether they report it or not.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact