Brave, fingerprinting and evercookies/supercookies

I’ve conducted some fingerprint testing of my own across a myriad of websites and hardened Brave has passed with flying colors* except for a certain website that utilizes an evercookie/supercookie, although this is only limited to a regular window and not a private window.

The interesting part is that this evercookie/supercookie survives the clearing of CookieAutoDelete with all storage paths toggled on. This begs the question, can Brave’s development team further investigate this inquiry to see where exactly this evercookie/supercookie is being derived from since it is not among the storage options in CookieAutoDelete but is among the clearing of everything in settings.

This has a high potential of increasing privacy without resorting to browsing everything through private window and would be a very interesting addition to the several privacy blog posts where Brave investigates and patches privacy concerns within the browser.

Website in question: https://amiunique.org/ and specifically the “cookieID” string when downloading your fingerprint.

*assuming you’re using a VPN since some websites like https://fingerprint.com/ only manage to identify a hardened Brave user through their static IP.