Favicon Storage Hack
- Storing websites in favicons is possible
- It poses a potential fingerprinting risk
- Browsers may reuse cache in incognito mode
The Buzz Score
The Internet’s Verdict: 70% Hyped, 30% Skeptical
Forum Voices
Experts weigh in on the potential risks and benefits of storing websites in favicons.
You can use the favicon cache as storage too, by redirecting users across domains. It’s been proposed as a potential fingerprinting risk[0], and if a browser naively reuses the cache for incognito mode, it could be used to track users across browser profiles.
Another expert notes a coincidence in timing, having recently submitted a website about storing stock portfolios in a URL and favicon.
Is this timing coincidence? I just submitted 1h (30 mins before this) ago a website I just made about storing your stock porfolio in a URL + favicon!
A user finds the idea interesting and thinks about potential exploits.
Pretty cool tbh!!! Would have loved seeing the decoder code!!! It’s also pretty interesting to think how an attacker could exploit images on his behalf. Never thought that would be a way!!! Thanks!
Focus Keyword: Favicon Storage
