Their demo manages to do 36 of them. Perhaps the limit only applies to server side redirects

Don’t browsers stop redirecting after a certain number? I think there’s literally an error code in chromium for too many redirects 

WeAreAllSatoshi

 which expresses the feasibility in terms of how many seconds it takes to perform the redirects required for generating ids in ranges of a certain size.

If someone were to use this attack at scale, they would probably pair it with some other kind of 

, because this is basically another, expensive but precise, method of fingerprinting.

If your browser redirects you more than a few times when you visit a website, I don't know what would make you stay/return.

devs

supercookie: ⚠️ Browser fingerprinting via favicon - jonasstrehle

Scoresby

The attack requires `floor(log2(id))+1` redirects where `id` is a numerical identifier. 

They have a chart [here](https://supercookie.me/workwise) which expresses the feasibility in terms of how many seconds it takes to perform the redirects required for generating ids in ranges of a certain size.

![](https://m.stacker.news/117913)

If someone were to use this attack at scale, they would probably pair it with some other kind of [browser fingerprinting](https://en.wikipedia.org/wiki/Device_fingerprint), because this is basically another, expensive but precise, method of fingerprinting.

If your browser redirects you more than a few times when you visit a website, I don't know what would make you stay/return.