Apple Blocks Sites From Abusing HSTS Security Standard to Track Users
2018-03-20 10:18

If you are unaware, the security standard HTTP Strict Transport Security (HSTS) can be abused as a 'supercookie' to surreptitiously track users of almost every modern web browser online without their knowledge even when they use "private browsing." Apple has now added mitigations to its open-source browser infrastructure WebKit that underpins its Safari web browser to prevent HSTS abuse after


News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/bgaA7XPW7f4/hsts-supercookie-tracking.html

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Apple 68 212 1433 2208 257 4110