This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Los Angeles/2011 Meetings/January 26

From OWASP
Jump to: navigation, search

Topic: Evercookie

Speaker: Samy Kamkar

SamyKamkar.jpg

Samy Kamkar is best known for the Samy worm, the first XSS worm, infecting over one million users on MySpace in less than 24 hours. A co-founder of Fonality, Inc., an IP PBX company, Samy previously led the development of all top-level domain name server software and systems for Global Domains International (.ws), and worked for Penn State University developing AI-based psychometric personality assessment software.

In the past 10 years, Samy has focused on evolutionary and genetic algorithmic software development, Voice over IP software development, automated security and vulnerability research in network security, reverse engineering, and network gaming. When not strapped behind the Matrix, Samy can be found stunt driving, getting involved in local community service projects, and continuing his focus on staying out of jail.


Abstract: Evercookie: the Persistent Cookie

A javascript API available that produces extremely persistent cookies in a browser. Its goal is to identify a client even after they've removed standard cookies, Flash cookies Local Shared Objects or LSOs), and others.

Evercookie accomplishes this by storing the cookie data in several types of storage mechanisms that are available on the local browser. Additionally, if evercookie has found the user has removed any of the types of cookies in question, it recreates them using each mechanism available.

You can read more about Samy and Evercookie at http://samy.pl/evercookie/


Sponsor: IBM Rational Software

IBM Rational Software
http://www-01.ibm.com/software/rational/