We all know what they are Cookies, those small files that many websites use to identify unique users and save data related to their browsing habits and preferences, or merely to keep a session open.
And yes, they are also the culprits that every time you look for a product you end up seeing dozens of ads about it wherever you go, what we usually call 'retargeting'.
However, in recent years, as data has become the emerging Internet business, some platforms are betting on a somewhat different kind of cookie, one that we cannot limit ourselves to deleting from the 'Options' section of our browser.
But so-called supercookies are much more difficult to remove and block, which makes it almost impossible for users to protect their privacy while browsing ... even if we resort to browsing in Private Mode.
And it is that, in reality, the 'supercookie' label ('permacookies' or 'zombie cookies' are also used) has been applied to a wide range of monitoring systems of our browsing data.
Creative uses of the browser cache
One of the techniques used by super cookie trackers is based on in taking advantage of the operation of the browser cache: these usually share resources between different websites (for example, loading an image embedded in a website only once if it had previously been shown on others).
However, that has caused crawlers to create supercookies by encoding identifiers in an image, thus being capable of collect data about all the times we access it from various websites, allowing us to reconstruct our browsing habits.
To avoid this, Mozilla announced a few days ago that their new browser Firefox 85 will implement 'cache partitioning', so that each website can only access files uploaded from the same domain.
Fingerprints of the Internet user
A second method to create supercookies, widely used a few years ago, was based on making an 'inventive' use of the HTSTS (HTTP Strict Transport Security) system, a technology that allows the website to instruct the browser to use the HTTPS protocol instead of HTTP.
In these cases, the browser, when responding to said request, does so by sending various 'flags' (pieces of information about the equipment) that allow to identify the user.
This technique was already blocked a few years ago by the main browsers, although the new fingerprinting techniques can be considered an evolution of the previous and they continue, unfortunately, very current.
Another of the representative examples of supercookies would be those created by Facebook 'Like' buttons that we can find inserted in various web pages, which allows the social network to collect information about our browsing habits in all of them.
Worse still: in some cases it has been detected that these supercookies have been created by telecommunications operators, which inject the so-called 'tracking headers' or 'tracking headers' at the network level, so they cannot be blocked by users.