Take Control Of Your Internet Privacy With BetterPrivacy Firefox Add-on

In the real world of Internet security push and shove, it seems everything has a “season” – a space in the spotlight. For example – each day we are bombarded with the latest, subjectively “most dangerous” – malware threat, cyber criminal operational techniques, application vulnerabilities, or irresponsible enterprise behavior – the latest being the negligent Epsilon data breach. All destined to become “old news” and seemingly irrelevant, within days

Just wait a few days and the Epsilon data breach will no longer be news worthy; it will simple fade away (just as if it never happened) – as have the other 20+ serious data breaches which have occurred in the last 30 days. Data breaches that have impacted governments, educational facilities, major enterprises ……

Test yourself – can you name one other security breach, application vulnerability, or dangerous malware threat, or technique, reported on in the last thirty days?

Internet privacy is a perfect example of this; in favor – out of favor, critical issue – non-critical issue cycle of Internet security push and shove. Lately, Internet privacy has been relegated to the back burner. Sort of like – hey, it’s not a big deal. Besides, there are newer and more exciting issues to report on – Internet privacy is old news!

But here’s the thing – Internet privacy is a substantial issue, and a more critical issue than ever. Developments in tracking technologies and a complete disregard for fundamental privacy rights, should be a major topic of conversation in the security community – until such time as the issue has been resolved in favor of consumers.

In the meantime, we’re on our own. It’s up to us, as individual consumers, to take the appropriate steps to safeguard our privacy (as best we can), while interacting with the Internet.

You can take a step in that direction by increasing your awareness of a significant threat to your privacy – Flash Cookies (also described as (LSO) – Local Shared Objects, and Smart Cookies).

Late last year, I wrote an article “BetterPrivacy Firefox Add-on Kills Flash Cookies”, centered on this stealthy and underhanded privacy threat, which I have now updated. I think you’ll find it’s worth another read.

image

If you hear something repeated often enough, then that “something” takes on a veneer of truth. It doesn’t necessarily mean that it is true of course – but, it appears to be true. The “truth” regarding Internet site cookies, falls into that category.

Most of us have heard that “truth” – without cookies (and now, Flash cookies), your Web experience would be terrible. You’d be starting from scratch each time you did anything on a given site online. Or, something along that line.

Nonsense! For years, I have deleted cookies at every Browser shut down, and have experienced no perceptible difference in performance when visiting the same 30 or so sites, that I visit every day

Here’s the reality:

imageCookies are there for the benefit of advertisers; not the web site visitor – plain and simple. Keep in mind, that it’s critically important to advertisers to generate advertising that is specific to the web site visitor at the time of the visit – not later, but right then. And a cookie is the tool that facilitates this happening.

Luckily, Internet browsers can be set to allow full user control over cookies including accepting, rejecting, or wiping private data which includes wiping cookies. That is, until recently.

It appears that a user’s decision to control cookies, in this way, is simply not acceptable to advertisers and certain web sites, and so, we now have the Flash Cookie (LSO) – Local Shared Objects.

There is a major advantage for an advertiser to employ Flash cookies, not the least of which is; they are virtually unknown to the average user. Equally as important, from an advertisers perspective is; they remain active on a system even after the user has cleared cookies and privacy settings.

This practice of  web sites dropping Flash cookies onto your computer, which occurs without your knowledge or permission,  according to some in the security community, is akin to hacking. Frankly, I agree.

If you think this practice is restricted to shady web sites, you’d be wrong. Of the top 100 web sites, the majority use Flash Cookies. So, I was not particularly surprised, when I found some of my favorite sites involved in this invasive practice.

I first wrote on the issue of Flash Cookies back in September 2009, and since then, I’ve watched as these obnoxious web trackers and privacy invaders multiply like a virus.

Quick Flash cookie facts:

They never expire

Can store up to 100 KB of information compared to a text cookie’s 4 KB.

Internet browsers are not aware of those cookies.

LSO’s usually cannot be removed by browsers.

Using Flash they can access and store highly specific personal and technical information (system, user name, files,…).

Can send the stored information to the appropriate server, without user’s permission.

Flash applications do not need to be visible.

There is no easy way to tell which flash-cookie sites are tracking you.

Shared folders allow cross-browser tracking – LSO’s work in every flash-enabled application

No user-friendly way to manage LSO’s, in fact it’s incredible cumbersome.

Many domains and tracking companies make extensive use of flash-cookies.

If you value your privacy, then without a doubt you need to control these highly invasive objects, and if you are a Firefox user there is a solution – BetterPrivacy – a free Firefox add-on.

From the BetterPrivacy page:

“Better Privacy serves to protect against not delectable, long-term cookies, a new generation of ‘Super-Cookie’, which silently conquered the internet.

This new cookie generation offers unlimited user tracking to industry and market research. Concerning privacy Flash- and DOM Storage objects are most critical.

This add-on was made to make users aware of those hidden, never expiring objects and to offer an easy way to get rid of them – since browsers are unable to do that for you”.

In the following screen capture (click to expand to original), you’ll notice BetterPrivacy has deleted a cumulative total of 6188 Super Cookies. An amazing number, considering the OS on this machine was freshly installed on March 1, 2011.

image

The Options and Help tab (shown in the following screen shot), will allow you to choose specific deletion methods. You should consider selecting “Disable Ping Tracking”, which will prohibit sites from following you as you surf the Net.

image

Download at: Mozilla

Simple HTTP cookies (ordinary cookies), can be subject to attack by cyber criminals, so it won’t be long before flash cookies will be subject to the same manipulation. Better you should learn how to control them now – not later.

Privacy, in all areas of our life is under constant attack, but that shouldn’t mean that we give up. We need to learn to fight back with every tool that’s available.

For a more detailed breakdown on flash cookies, and the danger they represent to personal privacy, checkout The Electronic Privacy Information Center.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

About these ads

14 Comments

Filed under Browser add-ons, downloads, Firefox Add-ons, Flash Cookies, Freeware, Privacy, Software, Windows Tips and Tools

14 responses to “Take Control Of Your Internet Privacy With BetterPrivacy Firefox Add-on

  1. Mal

    Great article Bill.
    I’ve been using Better Privacy for a couple of years now I think. It really annoys me that companies think MY personal machine is there for them to put THEIR personal crap on. Better Privacy is another important tool to keep that crap out.
    Of course, there are other solutions for those who don’t use Firefox. But I’m going to do a Bill Mullins and sound like a broken record lol. People can use virtualization. It’s my new favourite security topic. 99% of my time on the internet is virtualization. Restart the computer and voila, all internet crap gone.
    My two bobs worth for today.
    Cheers

    • Hey Mal,

      “It really annoys me that companies think MY personal machine is there for them to put THEIR personal crap on”. You’ve managed to capture the entire article in one sentence. How cool is that!!

      Broken record or not (hopefully a 45 :)), you’re so right – virtualization is a clear winner. Still, since you’re a techie, it’s your high skill level in recognizing an unsafe condition that keeps you infection free. For you and I, virtualization acts as a fall-back safety zone.

      As you know well, no amount of active or reactive security applications, or devices, will keep those poor buggers who fail to take sensible precautions on the Internet, from being victimized. Virtualization ain’t gonna save them from spam scams and phishing.

      As always a great comment.

      Best,

      Bill

      P.S. I’m still waiting for that guest article. Since Autumn is underway Down Under this could be a perfect Fall project.

  2. Phoenix

    Quote: “Cookies are there for the benefit of advertisers; not the web site visitor – plain and simple. Keep in mind, that it’s critically important to advertisers to generate advertising that is specific to the web site visitor at the time of the visit – not later, but right then. And a cookie is the tool that facilitates this happening.”

    Aside from privacy concerns this is one of the more annoying side effects of cookies. I’m fed ads they think I want. Whenever I use methods that circumvent cookies I wind up learning about new products I didn’t even know about since advertisers had been busy feeding me what they thought I wanted.

    I’ll be looking into this add-on since it seems to have additional features like the ping killer. The pings can also track how long you’re on a page which supposedly tells them how interesting that page is to you, though the reader may have just paused to take a call, grab a snack, etc.

    What I’ve been using up to now is nirsoft’s flash cookie viewer/deleter. It’s not an automated tool so you have to remember to use it regularly, but it’s also not tied to one particular browser, so non-Firefox users might want to look into it. You can use it to view the contents of most Flash cookies.

    • Hi Phoenix,

      You raise an issue that I haven’t given much thought to – but, I see your point. It seems that despite out wishes we will be served ads – relevant, or not. Frustrating.

      I’m glad you brought up Cookie Viewer. I have some experience with it and I agree that it’s a worthwhile app. Nirsoft has some very cool applications.

      Bill

  3. Michael Fisher

    Bill ~ brilliant

    I’m listening’n’learning

  4. Daena

    104 cleaned out of my computer and it’s been runnning (since last format) for about 5 months now. I guess I was lucky? LOL Would these cookies have the same effect on Ubuntu/Linux?

    • Hi Daena,

      Yes, these cookies are equally as obnoxious in Ubuntu/Linux since cookies are Browser dependent and not OS dependent.

      The number of cookies is directly related to the number of unique sites visited, and the level of user activity on the Internet. Looks like I visit a few more sites than you. :)

      Bill

  5. John Bent

    Hi Bill,

    I’ve used Better Privacy since your last review. I also delete all cookies at the end of every browser session and don’t find it impacts my browsing experience. The ad purveyors exploit our laziness by pretending they are our friends and are only wishing to make the internet more user-friendly. In fact they are grooming us for their own ends – sound familiar?

    Anything we can do to help keep our use of the internet under our control is worth doing in my book.

    Kind regards
    John

    • Hi John,

      I like that “grooming us for their own ends”. It’s exactly that, isn’t it? First they condition us, and then line us up for the sheering.

      Great comment.

      Best,

      Bill

  6. Just installed BetterPrivacy and found 1304 LSO cookies. My browser was like a digital petri dish! In addition to the obvious privacy issues, I wonder how much these creepy-crawlies were also slowing down my system. I now have the add-on set up to wipe the cookies on exit. Thanks for the great pointer today, Bill!

    • Hey Stormin’ Norman,

      A petri dish, huh? Sounds like my Bathroom. :)

      It’s extremely unlikely that you’d experience system slowdown because of cookie. Still….

      Good to hear you found this useful.

      Best,

      Bill

  7. Pingback: Microsoft Using Windows Update To Market IE 9 | Bill Mullins' Weblog – Tech Thoughts

  8. Pingback: Microsoft Using Windows Update To Market IE 9 | e-Latest Trends