Demo: Detect Throwaway Accounts

Code: https://github.com/diafygi/detect-throwaways

Description

This is a demo that allows websites to detect and connect throwaway accounts to their real users when the user is using Firefox's Private Browsing mode. This exploits Firefox's Bug #1100154 that I reported in 2014. Chrome users are not affected by this exploit.

Follow these steps for the demo:

1. Create a real username:
   Clear
2. Open this link in a new Firefox private window: https://diafygi.github.io/detect-throwaways/throwaway.html

This is your throwaway username:

Waiting...