More than half of the internet’s top websites use a little known capability of Adobe’s Flash plugin to track users and store information about them, but only four of them mention the so-called Flash Cookies in their privacy policies, UC Berkeley researchers reported Monday.
Unlike traditional browser cookies, Flash cookies are relatively unknown to web users, and they are not controlled through the cookie privacy controls in a browser. That means even if a user thinks they have cleared their computer of tracking objects, they most likely have not.
What’s even sneakier?
Several services even use the surreptitious data storage to reinstate traditional cookies that a user deleted, which is called ‘re-spawning’ in homage to video games where zombies come back to life even after being “killed,” the report found. So even if a user gets rid of a website’s tracking cookie, that cookie’s unique ID will be assigned back to a new cookie again using the Flash data as the “backup.”
Even the whitehouse.gov showed up in the report, with researchers reporting they found a Flash cookie with the name “userId.” The site does say in its privacy policy that it uses tracking technology but it does not mention Flash or tell users how to get rid of the Flash cookie.
Read the article to learn what you don’t know about government’s websites tracking you via cookies and what to do about it all.
0
Dear Adobe,
Fix this or I will start blocking your Flash product. There are Firefox plug-ins just for that purpose. Don’t make us fix it for you.
Just did a search on my system and found hundreds of these in two folders. I generated shortcuts for these, and added them to the shortcuts for my cache and cookies, and now I empty these on a regular basis altogether with Windows Explorer. I use Opera 9.63.
Whats this got to do with Darth Vader?
He couldn’t even recognize his own droids.
[It’s a pic of a Vader COOKIE.]
C’mon geeks, please write privacy and security tools into ALL our internet tools.
ALL our browsing should be anonymous and encrypted by default.
There is a firefox plug in that deletes these things. I hate flash unless I need to go to Lonestar Runner or YouTube.
Go to this site to remove them and change your settings.
Look here to find them in two subfolders:
“C:\Documents and Settings\[user name]\Application Data\Macromedia\Flash Player”
I wish Ccleaner would add this to the list of things it cleans up.
You do not need plug-ins or going to managing site all the time to remove them. On fresh (any) browser install go to settings manager #6 points to and deny any storage and any flash cookies. Trivial. Everything works fine with both of those settings. No data or flash cookies are stored after that. No further action needed.
The easiest solution to this? Ccleaner. clears all kinds of tracks – flash cookies included. Its fast and has a small footprint and best of all, it’s free.
I bet you will be shocked the first time you run it. Hit “Analyse” before you hit “Run Cleaner” just to see how much of a footprint you leave on your computer.
Oh, and Adobe, while you’re at it, please add a preference that will stop flash access to my speakers.
Just stop fucking people over and i might just consider reinstalling your crap.
Yup, can’t do without ccleaner.
Here’s how to clean your flash cookies.
Holy Shit!! Ccleaner is pretty damn good at finding stuff. I keep my system what I thought was clean and it still found 1Gb of crap to delete……….
the problem with setting your privacy high on flash is that it then quits working on any site that wants to ad cookies or store 3rd part data on your machine
adobe should be sued for this huge piece of spyware/adware
Just install the “Better Privacy” add-on for Firefox. It will delete the ‘super cookies’ automatically.
With Better Privacy and Ccleaner this has got to be one of the better threads in months.
I’m sure that at some point it will just degrade into a Dem vs Rep, Left vs Right argument though….
I wan’t a “Vader” cookie, several, with milk…
User tracking is almost a non-issue for me.
however, the most shocking revelation in the article for was the photo credit:
“Photo: Fake Zombies attacking an innocent driver”
so..does this mean that in fact there are REAL ZOMBIES? -and photos of real zombies somwhere, since they had to qualify the credit with “fake”?
-and where do we find them?
(this of course does not include in-laws)
-or are people that dumb (or sue happy) that they must be told they are fake..etc..
—————————–
ok..back to the article..
imo it left out *a lot* in the realm of tracking..
in regards to browsers..(they left out the creme de la creme of tracking)
The Browser’s Browser, Firefox has the mac-daddy feature of user-persist storage called DOM Storage. (a “more secure” alternative to cookies)
This baby’s default can store up to 5 megs of tracking data. (and it that number can be changed up or down.
-i set it to 0 -just in case)
go to about:config and search for dom.storage and disable it. (it may generate script errors on some sites, but they will still function normally)
Google DOM Storage to learn all about.
note: IE 8 was suppose to implement this “feature” as well.
MSDN has an intro to it’s control.
——
i’ll post some info and tools to address the *wealth* of tracking data that is held in your registry in a bit (like any every file/prgm you *ever* opened is retained – for life if not cleaned -some is encrypted –to thwart you finding it via keyword search?)
i love when people hire me to address a malware/virus problem and i tell them that porn sites are a major attack vector to which they almost always proclaim “i don’t look at porn” -then i pull up porn sites they surfed from two years ago..to which i smile and say “no worries, i never saw indication of porn on your computer..”
yada yada
-s
#14….yeah the “Better Privacy” plugin
is Tits on a Ritz for automated flash cookie removal.
-s
Ok I will start the political bickering
We all know it is a commie, liberal, terrrrorist plot perpetrated by a lackey company for the CIA
In Windows XP the “cookies” and tracks of where you’ve been are in two places, both under “%APPDATA%\Macromedia\Flash Player\”
“%APPDATA%\Macromedia\Flash Player\#SharedObjects\”
“%APPDATA%\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys”
I ass*u*me Vista and Win7 have APPDATA directories but I haven’t played with either enough to know.
There’s a Firefox extension called BetterPrivacy which will take care of them for you.
I got into a long discussion about this with another blogger, and here’s his second article about them, which incorporates much of what we talked about. I actually wrote a batch-file that nukes your Flash cookies; if you run it as a scheduled task you don’t have to worry about them. It’s available for download from the files area of geoapps.com …
——- Included Stuff Follows ——-
More Ways To Deal With Unwanted ‘Flash Cookies’
bMighty.com: Blogs For Small Business and Mid-Sized Business
Following my recent post on Flash Cookies, one of our readers provided some interesting information about dealing with this issue. Read on for an update and additional details.
A bMighty.com reader, IT consultant Angus Scott-Fleming, informed me that the latest version of a utility called CCleaner now supports Flash Cookie cleanup. You can get more information about CCleaner and download the latest release (version 2.19) at its developer’s Web site.
… Angus also, by the way, developed his own Windows batch file that runs as a scheduled task and automatically removes any trace of Flash Cookies on a user’s system. It is available free of charge on his company’s Web site.
Although tools such as CCleaner and the Firefox BetterPrivacy extension now perform many of the same tasks, a batch file like this one is still a useful solution for many Windows users.
——— Included Stuff Ends ———
More here with links.
Net privacy is simply a personal hygiene standard. The health and welfare benefits attributable to a zero footprint browsing experience, are dubious.
>Whats this got to do with Darth Vader?
He couldn’t even recognize his own droids.
[It’s a pic of a Vader COOKIE.]
Yea, that’s why I didn’t ask what’s the cookie have to do with it.
CCleaner has been on my systems for years. Never heard of Better Privacy. Thanks.
Articles like this give me a chance to reminisce about the innocent days of yore when we first heard of cookies and just assumed they were evil.
Of course, we flamed ANYone who tried to make money on the internet.
Oh, how we laughed and played back then…
I’ve been using ccleaner forever, as well. Send a few bucks their way. Use the registry cleaner option as well, it’s amazing how much loose garbage gets left there, even a fresh Windows build ends up with loose threads. And while you’re at it, check out how fragmented a freshly built Windows drive looks….
Sorry, getting off topic a little. It’s frustrating how much privacy can be lost by simply not performing “routine maintenance”. Can you imagine how much privacy will be lost if we move everything to ‘the cloud’?!
I installed better privacy: thanks. I left the settings as are. They can install the cookie. I can use the web site and when I leave the cookie goes byby.