Monday, December 20, 2010

Flash Cookies - Do You Know They Exist And That They Are Being Used To Track You? Even If Your Other Privacy Settings Are Set To Paranoid?

It occured to me that I should probably tell you about flash cookies. Most people who spend a lot of time on the web know that sites can track you using browser/web page cookies - a serial number that identifies your browser if you return to a site - or a site that pulls in ad content from an external server. Except there are other cookies - flash cookies (as in your flash media player - e.g. youtube videos, all those annoying animated ads). I am including a link to the Adobe Flash Website Storage Settings panel so you can look at your flash cookies. Feel free to hit "delete all" like i do every week or so.

Wired and ghacks do a good job of explaining flash cookies:

Wired Mag - You Deleted Your Cookies? Think Again

"More than half of the internet’s top websites use a little known capability of Adobe’s Flash plug-in to track users and store information about them, but only four of them mention the so-called Flash cookies in their privacy policies, UC Berkeley researchers reported Monday.

Unlike traditional browser cookies, Flash cookies are relatively unknown to web users, and they are not controlled through the cookie privacy controls in a browser. That means even if a user thinks they have cleared their computer of tracking objects, they most likely have not.

What’s even sneakier?

Several services even use the surreptitious data storage to reinstate traditional cookies that a user deleted, which is called ‘re-spawning’ in homage to video games where zombies come back to life even after being “killed,” the report found. So even if a user gets rid of a website’s tracking cookie, that cookie’s unique ID will be assigned back to a new cookie again using the Flash data as the “backup.”"


----

"Flash cookies are a new way of tracing your movement and storing a lot more information about you than with normal cookies. One major disadvantage of flash cookies is that you can’t locate them in your browser. They are not shown in the list of cookies that you can see when you take a look at the cookies that are currently saved in your web browser. Normal HTTP cookies can’t save more than 4 Kilobyte of data while Flash cookies can save up to 100 Kilobyte. If you want to try out how they work you could do the following.

Go to Youtube, increase or decrease the volume of the videos and delete all cookies afterwards. You will notice that the volume level is still at the same level when you close your browser and open it again. This is done with so called Local Shared Objects, better known as Flash cookies. The main question is of course how a computer can be checked for Flash cookies and how it would be possible to delete those cookies again."
ghacks.net - Flash Cookies explained

2 comments: