HSTS Super Cookies - reason to dump Safari?

[You are the One]

Hi guys,

just came across this article on The Register: HTTPS bent into the next super-cookies by researcher

Then went to test my brower (Safari 8.0.3 on 10.10.2, latest) at RadicalResearch

Seems Safari is vulnerable to this type of tracking, even across devices using the same iCloud account. I didn't test that but I'm now using FireFox until Apple comes up with a fix, or at least allows me to make choice.

I looked in the forums but didn't find any post about it, hopefully this is the right forum.

Have a good day

 

[GGJstudios]

just came across this article on The Register: HTTPS bent into the next super-cookies by researcher

Then went to test my brower (Safari 8.0.3 on 10.10.2, latest) at RadicalResearch

Seems Safari is vulnerable to this type of tracking, even across devices using the same iCloud account.

I just tested the site by copying the tracking ID on my first visit. Then I reset Safari, clearing my cache and cookies. When I re-visited the site, it did not give me the same tracking ID. Safari 7.1.2 on OS X 10.9.5.

As the site references iPads, I did the same test with my iPad mini on iOS 7.1.2. Same results. Their tracking cookie was deleted when I cleared Safari cache and cookies.

Same results on my iPhone running iOS 7.1.2.

 

[You are the One]

I just tested the site by copying the tracking ID on my first visit. Then I reset Safari, clearing my cache and cookies. When I re-visited the site, it did not give me the same tracking ID. Safari 7.1.2 on OS X 10.9.5.

So seems 7.1.2. and 8.0.3 handles HSTS differently then. Thank you.