Little intro - so I thought the relevant settings to turn off privacy concern (unrestricted access to MS Account can be abused for unwanted web tracking so what follows is imo relevant to the thread) that wastingtimewithforums found are just a few clicks away, but now after well over 3 hours I seem not to be able to disable simple XSS tracking.
Now a fun <blink> CHALLENGE </blink>: Prove that IE9 or IE10 on any version of Windows isn't complete and utter joke by providing me with the right potion of IE settings changes which would accumulate in what this little prominently-visible-and-not-at-all-hidden checkbox does in Google Chrome:
I've tried many things - enabling XSS filter and disabling ActiveX controls won't help, as doesn't blocking third party cookies in 'Privacy->Advanced'. Disabling JavaScript does stop XSS, but it's not-solution for reasons that are obvious. I even went so far as disabling -everything- but JavaScript and IE9 would still let websites track me.
Don't even suggest TPLs as they are laughable blacklist solution or even more laughable Do Not Track headers as their enforcement relies on http servers honoring the header.
Test case: Facebook comment box integrated inside third party websites. Google Chrome with third party cookie blocking will prevent those websites from accessing my Facebook login information while IE apparently can't do that. You can test your anti-XSS settings with any website containing Facebook comment box or with some other XSS websites, although I won't be satisfied with an answer if it doesn't prove to be able to stop Facebook tracking. Some random website (edit: updated link) with Facebook comments that you can use for testing.
