Economics Gone Wrong. Very Badly Wrong Indeed: Some Fairly-Recent Should- and Must-Reads...

Web state tracking considered harmful: Gertjan Franken: Who Left Open the Cookie Jar?: A Comprehensive Evaluation of Third-Party Cookie Policies: "Popular browsers include cookies in all requests, even when these are cross-site...

...Unfortunately, these third-party cookies enable both cross-site attacks and third-party tracking. As a response to these nefarious consequences, various countermeasures have been developed in the form of browser extensions or even protection mechanisms that are built directly into the browser. In this paper, we evaluate the effectiveness of these defense mechanisms by leveraging a framework that automatically evaluates the enforcement of the policies imposed to third-party requests. By applying our framework, which generates a comprehensive set of test cases covering various web mechanisms, we identify several flaws in the policy implementations of the 7 browsers and 46 browser extensions that were evaluated...


#shouldread
#web

Comments