The basic background problem is that in the "normal" case, HSTS is a security an... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		schoen on Jan 3, 2015 \| parent \| context \| favorite \| on: HSTS Super Cookies The basic background problem is that in the "normal" case, HSTS is a security and privacy protection rather than a tracking mechanism. That's why one would typically want it to persist as much as possible. But it has the potential for tracking effects too (as this project demonstrates). I guess the current browser behavior is indeed an attempt to project user intentions based on that.

spacefight on Jan 3, 2015 [–]

My point was the subtle difference between automated data clean at end of browsing session and the reported manual action. Nothing else.

Consider applying for YC's Summer 2026 batch! Applications are open till May 4
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact