Flash Cookies – Spyware By Any Other Name

I first wrote on the issue of Flash cookies back in September 2009, and since then, I’ve watched as these obnoxious web trackers and privacy invaders multiply like a virus. Based on the number of questions I continue to get on the Flash cookie issue, it’s apparent – confusion reigns when it comes to this underhanded privacy threat.

One of the better forum comments I’ve seen referencing Flash cookies:

“I think many people may not realize how serious it is. In many ways, I see it as the virtual equivalent of dumpster diving or taping together a shredded document. It is deliberately ignoring a data owners deletion of data by an entity that has no business doing so.”

This practice of  web sites dropping Flash cookies onto your computer, which occurs without your knowledge or permission, is akin to hacking – according to some in the security community. Frankly, I agree.

Continuing developments in tracking technologies, and a complete disregard for fundamental privacy rights, should be a major topic of conversation in the security community – until such time as the issue has been resolved in favor of consumers.

In the meantime, we’re on our own. It’s up to us, as individual consumers, to take the appropriate steps to safeguard our privacy (as best we can), while interacting with the Internet.

Here’s what we’re up against – and, this is just one small example.

From Disinformation.com

McDonald’s, CBS, Mazda, Microsoft Sued For Tracking Internet Users’ Histories

In a complaint filed Tuesday with the U.S. District Court for the Southern District of New York, Sonal Bose alleges that McDonald’s and the other companies “acted in concert with Interclick,” to mine users’ Web surfing history for marketing purposes. “Defendants circumvented the privacy and security controls of consumers who, like plaintiff, had configured their browsers to prevent third-party advertisers from monitoring their online activities,” Bose alleges.

The lawsuit alleges that the companies violated the federal computer fraud law, wiretap law and other statutes. She is seeking class-action status. This lawsuit comes several weeks after Bose sued Interclick for allegedly using history-sniffing technology and Flash cookies to track her online activity.

History-sniffing technology exploits a vulnerability in browsers to discover the Web sites users previously visited. Researchers from the University of California, San Diego recently brought the technique to light when they published a paper explaining the technique and naming 46 Web sites where history-sniffing technology was being deployed. In at least some cases, ad company Interclick reportedly used the technology without the publishers’ knowledge.

Bose also says in her complaint that she believes that the defendants used Flash cookies for tracking purposes. Flash cookies are stored in a different place in the browser than HTTP cookies, and therefore, require additional effort to delete.

Flash cookie quick facts:

They never expire

Can store up to 100 KB of information compared to a text cookie’s 4 KB.

Internet browsers are not aware of those cookies.

LSO’s usually cannot be removed by browsers.

Using Flash they can access and store highly specific personal and technical information (system, user name, files,…).

Can send the stored information to the appropriate server, without user’s permission.

Flash applications do not need to be visible.

There is no easy way to tell which flash-cookie sites are tracking you.

Shared folders allow cross-browser tracking – LSO’s work in every flash-enabled application

No user-friendly way to manage LSO’s, in fact it’s incredible cumbersome.

Many domains and tracking companies make extensive use of flash-cookies.

If you value your privacy, then without a doubt you need to control these highly invasive objects, and if you are a Firefox user there is a solution – BetterPrivacy – a free Firefox add-on.

From the BetterPrivacy page:

“Better Privacy serves to protect against not delectable, long-term cookies, a new generation of ‘Super-Cookie’, which silently conquered the internet.

This new cookie generation offers unlimited user tracking to industry and market research. Concerning privacy Flash- and DOM Storage objects are most critical.

This add-on was made to make users aware of those hidden, never expiring objects and to offer an easy way to get rid of them – since browsers are unable to do that for you”.

In the following screen capture (click to expand to original), you’ll notice BetterPrivacy has deleted a cumulative total of 6188 Super Cookies.

The Options and Help tab (shown in the following screen shot), will allow you to choose specific deletion methods. You should consider selecting “Disable Ping Tracking”, which will prohibit sites from following you as you surf the Net.

Download at: Mozilla

For a more detailed breakdown on flash cookies, and the danger they represent to personal privacy, checkout The Electronic Privacy Information Center.

Google Chrome users can take advantage of the Click&Clean Extension (works with Firefox as well).

The following screen capture of Click&Clean’s Options menu, illustrates the application’s ability to deal with Flash cookies.

Fast facts:

Delete your browsing history
Clear records from your download history
Remove cookies and Empty cache
Delete temporary files
Remove Flash Local Shared Objects (LSO)
Delete private data when Firefox closes
Automatically close all windows/tabs
Clean up your hard drives and Free up more disk space – including secure file deletion
Launch external applications, like CCleaner, Wise Disk Cleaner etc. on Windows – or Janitor, BleachBit, etc. on Linux

Download the Firefox version at: Mozilla

Download the Chrome version at: The Chrome Web store

You can read a full review of this application – Clean Up With Click&Clean Firefox and Chrome Extension, on this site.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Take Control Of Your Internet Privacy With BetterPrivacy Firefox Add-on

In the real world of Internet security push and shove, it seems everything has a “season” – a space in the spotlight. For example – each day we are bombarded with the latest, subjectively “most dangerous” – malware threat, cyber criminal operational techniques, application vulnerabilities, or irresponsible enterprise behavior – the latest being the negligent Epsilon data breach. All destined to become “old news” and seemingly irrelevant, within days

Just wait a few days and the Epsilon data breach will no longer be news worthy; it will simple fade away (just as if it never happened) – as have the other 20+ serious data breaches which have occurred in the last 30 days. Data breaches that have impacted governments, educational facilities, major enterprises ……

Test yourself – can you name one other security breach, application vulnerability, or dangerous malware threat, or technique, reported on in the last thirty days?

Internet privacy is a perfect example of this; in favor – out of favor, critical issue – non-critical issue cycle of Internet security push and shove. Lately, Internet privacy has been relegated to the back burner. Sort of like – hey, it’s not a big deal. Besides, there are newer and more exciting issues to report on – Internet privacy is old news!

But here’s the thing – Internet privacy is a substantial issue, and a more critical issue than ever. Developments in tracking technologies and a complete disregard for fundamental privacy rights, should be a major topic of conversation in the security community – until such time as the issue has been resolved in favor of consumers.

In the meantime, we’re on our own. It’s up to us, as individual consumers, to take the appropriate steps to safeguard our privacy (as best we can), while interacting with the Internet.

You can take a step in that direction by increasing your awareness of a significant threat to your privacy – Flash Cookies (also described as (LSO) – Local Shared Objects, and Smart Cookies).

Late last year, I wrote an article “BetterPrivacy Firefox Add-on Kills Flash Cookies”, centered on this stealthy and underhanded privacy threat, which I have now updated. I think you’ll find it’s worth another read.

If you hear something repeated often enough, then that “something” takes on a veneer of truth. It doesn’t necessarily mean that it is true of course – but, it appears to be true. The “truth” regarding Internet site cookies, falls into that category.

Most of us have heard that “truth” – without cookies (and now, Flash cookies), your Web experience would be terrible. You’d be starting from scratch each time you did anything on a given site online. Or, something along that line.

Nonsense! For years, I have deleted cookies at every Browser shut down, and have experienced no perceptible difference in performance when visiting the same 30 or so sites, that I visit every day

Here’s the reality:

Cookies are there for the benefit of advertisers; not the web site visitor – plain and simple. Keep in mind, that it’s critically important to advertisers to generate advertising that is specific to the web site visitor at the time of the visit – not later, but right then. And a cookie is the tool that facilitates this happening.

Luckily, Internet browsers can be set to allow full user control over cookies including accepting, rejecting, or wiping private data which includes wiping cookies. That is, until recently.

It appears that a user’s decision to control cookies, in this way, is simply not acceptable to advertisers and certain web sites, and so, we now have the Flash Cookie (LSO) – Local Shared Objects.

There is a major advantage for an advertiser to employ Flash cookies, not the least of which is; they are virtually unknown to the average user. Equally as important, from an advertisers perspective is; they remain active on a system even after the user has cleared cookies and privacy settings.

This practice of  web sites dropping Flash cookies onto your computer, which occurs without your knowledge or permission,  according to some in the security community, is akin to hacking. Frankly, I agree.

If you think this practice is restricted to shady web sites, you’d be wrong. Of the top 100 web sites, the majority use Flash Cookies. So, I was not particularly surprised, when I found some of my favorite sites involved in this invasive practice.

I first wrote on the issue of Flash Cookies back in September 2009, and since then, I’ve watched as these obnoxious web trackers and privacy invaders multiply like a virus.

Quick Flash cookie facts:

They never expire

Can store up to 100 KB of information compared to a text cookie’s 4 KB.

Internet browsers are not aware of those cookies.

LSO’s usually cannot be removed by browsers.

Using Flash they can access and store highly specific personal and technical information (system, user name, files,…).

Can send the stored information to the appropriate server, without user’s permission.

Flash applications do not need to be visible.

There is no easy way to tell which flash-cookie sites are tracking you.

Shared folders allow cross-browser tracking – LSO’s work in every flash-enabled application

No user-friendly way to manage LSO’s, in fact it’s incredible cumbersome.

Many domains and tracking companies make extensive use of flash-cookies.

If you value your privacy, then without a doubt you need to control these highly invasive objects, and if you are a Firefox user there is a solution – BetterPrivacy – a free Firefox add-on.

From the BetterPrivacy page:

“Better Privacy serves to protect against not delectable, long-term cookies, a new generation of ‘Super-Cookie’, which silently conquered the internet.

This new cookie generation offers unlimited user tracking to industry and market research. Concerning privacy Flash- and DOM Storage objects are most critical.

This add-on was made to make users aware of those hidden, never expiring objects and to offer an easy way to get rid of them – since browsers are unable to do that for you”.

In the following screen capture (click to expand to original), you’ll notice BetterPrivacy has deleted a cumulative total of 6188 Super Cookies. An amazing number, considering the OS on this machine was freshly installed on March 1, 2011.

The Options and Help tab (shown in the following screen shot), will allow you to choose specific deletion methods. You should consider selecting “Disable Ping Tracking”, which will prohibit sites from following you as you surf the Net.

Download at: Mozilla

Simple HTTP cookies (ordinary cookies), can be subject to attack by cyber criminals, so it won’t be long before flash cookies will be subject to the same manipulation. Better you should learn how to control them now – not later.

Privacy, in all areas of our life is under constant attack, but that shouldn’t mean that we give up. We need to learn to fight back with every tool that’s available.

For a more detailed breakdown on flash cookies, and the danger they represent to personal privacy, checkout The Electronic Privacy Information Center.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

BetterPrivacy Firefox Add-on Kills Flash Cookies

If you hear something repeated often enough, then that “something” takes on a veneer of truth. It doesn’t necessarily mean that it is true of course – but, it appears to be true. The “truth” regarding Internet site cookies, falls into that category.

Most of us have heard that “truth” – without cookies (and now, Flash cookies), your Web experience would be terrible. You’d be starting from scratch each time you did anything on a given site online. Or, something along that line.

Nonsense! For years, I have deleted cookies at every Browser shut down, and have experienced no perceptible difference in performance when visiting the same 30 or so sites, that I visit every day

Here’s the reality:

Cookies are there for the benefit of advertisers; not the web site visitor – plain and simple. Keep in mind, that it’s critically important to advertisers to generate advertising that is specific to the web site visitor at the time of the visit – not later, but right then. And a cookie is the tool that facilitates this happening.

Luckily, Internet browsers can be set to allow full user control over cookies including accepting, rejecting, or wiping private data which includes wiping cookies. That is, until recently.

It appears that a user’s decision to control cookies, in this way, is simply not acceptable to advertisers and certain web sites, and so, we now have the Flash Cookie (LSO) – Local Shared Objects.

There is a major advantage for an advertiser to employ Flash cookies, not the least of which is; they are virtually unknown to the average user. Equally as important, from an advertisers perspective is; they remain active on a system even after the user has cleared cookies and privacy settings.

This practice of  web sites dropping Flash cookies onto your computer, which occurs without your knowledge or permission,  according to some in the security community, is akin to hacking. Frankly, I agree.

If you think this practice is restricted to shady web sites, you’d be wrong. Of the top 100 web sites, 50+ use Flash Cookies. So, I was not particularly surprised, when I found some of my favorite sites involved in this invasive practice.

I first wrote on the issue of Flash Cookies back in September 2009, and since then, I’ve watched as these obnoxious web trackers and privacy invaders multiply like a virus.

Quick Flash cookie facts:

They never expire

Can store up to 100 KB of information compared to a text cookie’s 4 KB.

Internet browsers are not aware of those cookies.

LSO’s usually cannot be removed by browsers.

Using Flash they can access and store highly specific personal and technical information (system, user name, files,…).

Can send the stored information to the appropriate server, without user’s permission.

Flash applications do not need to be visible.

There is no easy way to tell which flash-cookie sites are tracking you.

Shared folders allow cross-browser tracking – LSO’s work in every flash-enabled application

No user-friendly way to manage LSO’s, in fact it’s incredible cumbersome.

Many domains and tracking companies make extensive use of flash-cookies.

If you value your privacy, then without a doubt you need to control these highly invasive objects, and if you are a Firefox user there is a solution – BetterPrivacy – a free Firefox add-on.

From the BetterPrivacy page:

“Better Privacy serves to protect against not delectable, long-term cookies, a new generation of ‘Super-Cookie’, which silently conquered the internet.

This new cookie generation offers unlimited user tracking to industry and market research. Concerning privacy Flash- and DOM Storage objects are most critical.

This add-on was made to make users aware of those hidden, never expiring objects and to offer an easy way to get rid of them – since browsers are unable to do that for you”.

Download at: Mozilla

Simple HTTP cookies (ordinary cookies), can be subject to attack by cyber criminals, so it won’t be long before flash cookies will be subject to the same manipulation. Better you should learn how to control them now – not later.

Privacy, in all areas of our life is under constant attack, but that shouldn’t mean that we give up. We need to learn to fight back with every tool that’s available.

I have tried to write this article in a non-technical way, to make it easy for the average computer user to understand. For a more detailed breakdown on flash cookies, and the danger they represent to personal privacy, checkout The Electronic Privacy Information Center.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Delete Invasive Flash Cookies – Two Free Tools

Invasive Web Sites – Another Look at Flash Cookies.

I first wrote on the issue of Flash Cookies back in September 2009, (LSO (Flash Cookies) – A Serious Attack on Your Privacy), and since then, if my own experience with these obnoxious web trackers is any indication, these “privacy invaders”, have multiplied like a virus.

Just like you I suspect, I have a list of particular sites that I visit nearly every day. In my case, that amounts to roughly 30 different sites. In my initial investigation of Flash Cookies, these 30 or so sites, left a total of 7 Flash Cookies. That total has now increased to 23 for these same sites.

Cookies are there for the benefit of advertisers; not the web site visitor – plain and simple. Keep in mind, that it’s critically important to advertisers to generate advertising that is specific to the web site visitor at the time of the visit – not later, but right then. And cookies are the tool that facilitates this happening.

Luckily, today’s Internet browsers can be set to allow full user control over cookies including accepting, rejecting, or wiping private data which includes wiping cookies. That is, until recently – until the advent of the Super Cookie.

It appears that a user’s decision to control cookies, in this way, is simply not acceptable to advertisers and certain web sites, and so we now have the Flash Cookie (LSO) – Local Shared Objects.

There is a major advantage for an advertiser to employ Flash cookies, not the least of which is; they are virtually unknown to the average user. Equally as important from an advertisers perspective is; they remain active on a system even after the user has cleared cookies and privacy settings.

If you think this practice is restricted to shady web sites; think again. Of the top 100 web sites, 50+ use Flash Cookies. So I was not particularly surprised, when I found some of my favorite sites involved in this invasive practice.

LSO fast facts:

Never expire

Can store up to 100 KB of information compared to a text cookie’s 4 KB.

Internet browsers are not aware of those cookies.

LSO’s usually cannot be removed by browsers.

Using Flash they can access and store highly specific personal and technical information (system, user name, files,…).

Can send the stored information to the appropriate server, without user’s permission.

Flash applications do not need to be visible.

There is no easy way to tell which flash-cookie sites are tracking you.

Shared folders allow cross-browser tracking – LSO’s work in every flash-enabled application

No user-friendly way to manage LSO’s, in fact it’s incredible cumbersome.

Many domains and tracking companies make extensive use of flash-cookies.

Without a doubt, you need to control these highly invasive objects, and if you are a Firefox user there is a solution – BetterPrivacy – a free Firefox add-on.

From the BetterPrivacy page:

“Better Privacy serves to protect against not deletable, long-term cookies, a new generation of ‘Super-Cookie’, which silently conquered the internet.

This new cookie generation offers unlimited user tracking to industry and market research. Concerning privacy Flash- and DOM Storage objects are most critical.

This add-on was made to make users aware of those hidden, never expiring objects and to offer an easy way to get rid of them – since browsers are unable to do that for you”.

Note: The small “G” in the above graphic, lets me know that GeSWall, part of my layered anti-malware defense, is working correctly.

Download at: Mozilla

I quite like Better Privacy since it’s a one-click solution. On the other hand, for users who don’t want to be rid of all Super Cookies, (there may be very legitimate reasons for choosing not to do so), NirSoft offers an interactive, Browser independent solution.

FlashCookiesView

FlashCookiesView is a small utility that displays the list of cookie files created by Flash component (Local Shared Object) in your Web browser.

For each cookie file, the lower pane of FlashCookiesView displays the content of the file in readable format or as Hex dump. You can also select one or more cookie files, and then copy them to the clipboard, save them to text/html/xml file or delete them.

Since this small application doesn’t require installation, it’s suitable as a USB portable tool.

System requirements: Windows XP, Windows 2000, Windows Vista, Windows 7 (no indication on the developer’s site that x64 is supported).

Download at: PC World

Simple HTTP cookies can be subject to attack by cyber criminals, I suspect that it won’t be long before flash cookies will be subject to the same manipulation. Better you should learn how to control them now – not later.

Privacy, in all areas of our life is under constant attack, but that shouldn’t mean that we give up. We need to learn to fight back with every tool that’s available.

Since these are Flashed based cookies, Adobe does offer a way to exercise a degree of control. I found this solution at Adobe’s Flash Player Help Site,  needlessly complex.

For a more detailed breakdown on flash cookies, and the danger they represent to personal privacy, checkout The Electronic Privacy Information Center.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Invasive Web Sites – Flash Cookies Revisited

I first wrote on the issue of Flash Cookies back in September 2009, (LSO (Flash Cookies) – A Serious Attack on Your Privacy), and since then, if my own experience with these obnoxious web trackers is any indication, these “privacy invaders”, have multiplied like a virus.

Just like you I suspect, I have a list of particular sites that I visit nearly every day. In my case, that amounts to roughly 30 different sites. In my initial investigation of Flash Cookies, these 30 or so sites, left a total of 7 Flash Cookies. That total has now increased to 13 for these same sites – not quite a 100% increase, but close enough.

Crafty business learned long ago that names and the connotations that surround names are important. It just wouldn’t do, for example, to call a piece of computer spyware – “spyware”, or “tracker”, or “privacy invader”. Doing so, would be sure to upset the unwitting victim.

So, instead of “tracker”, why not call the item a “cookie”? Good name, good connotations – happy memories of arriving home from school to a plate of cookies and a glass of milk.

Equally as important, from a business perspective, is the need to convince the victim that the questionable item has value, is constructive, and will make their Internet experience a smoother ride. But don’t believe it.

Cookies are there for the benefit of advertisers; not the web site visitor – plain and simple. Keep in mind, that it’s critically important to advertisers to generate advertising that is specific to the web site visitor at the time of the visit – not later, but right then. And cookies are the tool that facilitates this happening.

Luckily, today’s Internet browsers can be set to allow full user control over cookies including accepting, rejecting, or wiping private data which includes wiping cookies. That is, until recently.

It appears that a user’s decision to control cookies in this way is simply not acceptable to advertisers and certain web sites, and so we now have the Flash Cookie (LSO) – Local Shared Objects.

There is a major advantage for an advertiser to employ Flash cookies, not the least of which is; they are virtually unknown to the average user. Equally as important from an advertisers perspective is; they remain active on a system even after the user has cleared cookies and privacy settings.

If you think this practice is restricted to shady web sites, you’d be wrong. Of the top 100 web sites, 50+ use Flash Cookies. So I was not particularly surprised, when I found some of my favorite sites involved in this invasive practice.

Quick LSO facts:

Never expire

Can store up to 100 KB of information compared to a text cookie’s 4 KB.

Internet browsers are not aware of those cookies.

LSO’s usually cannot be removed by browsers.

Using Flash they can access and store highly specific personal and technical information (system, user name, files,…).

Can send the stored information to the appropriate server, without user’s permission.

Flash applications do not need to be visible.

There is no easy way to tell which flash-cookie sites are tracking you.

Shared folders allow cross-browser tracking – LSO’s work in every flash-enabled application

No user-friendly way to manage LSO’s, in fact it’s incredible cumbersome.

Many domains and tracking companies make extensive use of flash-cookies.

Without a doubt, you need to control these highly invasive objects, and if you are a Firefox user there is a solution – BetterPrivacy – a free Firefox add-on.

From the BetterPrivacy page:

“Better Privacy serves to protect against not deletable, long-term cookies, a new generation of ‘Super-Cookie’, which silently conquered the internet.

This new cookie generation offers unlimited user tracking to industry and market research. Concerning privacy Flash- and DOM Storage objects are most critical.

This add-on was made to make users aware of those hidden, never expiring objects and to offer an easy way to get rid of them – since browsers are unable to do that for you”.

Note: The small “G” in the above graphic, lets me know that GeSWall, part of my layered anti-malware defense, is working correctly.

Download at: Mozilla

Simple HTTP cookies can be subject to attack by cyber criminals, so it won’t be long before flash cookies will be subject to the same manipulation. Better you should learn how to control them now – not later.

Privacy, in all areas of our life is under constant attack, but that shouldn’t mean that we give up. We need to learn to fight back with every tool that’s available.

I have tried to write this article in a non-technical way, to make it easy for the average computer user to understand. For a more detailed breakdown on flash cookies, and the danger they represent to personal privacy, checkout The Electronic Privacy Information Center.

If you enjoyed this article, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

LSO (Flash Cookies) – A Serious Attack on Your Privacy

Crafty business learned long ago that names and the connotations that surround names are important. It just wouldn’t do, for example, to call a piece of computer spyware – “spyware”, or “tracker”, or “privacy invader”. Doing so would be sure to upset the unwitting victim.

So, instead of “tracker”, why not call the item a “cookie”? Good name, good connotations – happy memories of arriving home from school to a plate of cookies and a glass of milk.

Equally as important, from a business perspective, is the need to convince the victim that the questionable item has value, is constructive, and will make their Internet experience a smoother ride. But don’t believe it.

Cookies are there for the benefit of advertisers; not the web site visitor – plain and simple. Keep in mind, that it’s critically important to advertisers to generate advertising that is specific to the web site visitor at the time of the visit – not later, but right then. And cookies are the tool that facilitates this happening.

Luckily, today’s Internet browsers can be set to allow full user control over cookies including accepting, rejecting, or wiping private data which includes wiping cookies. That is, until recently.

It appears that a user’s decision to control cookies in this way is simply not acceptable to advertisers and certain web sites, and so we now have the Flash Cookie (LSO) – Local Shared Objects.

There is a major advantage for an advertiser to employ Flash cookies, not the least of which is; they are virtually unknown to the average user. Equally as important from an advertisers perspective is; they remain active on a system even after the user has cleared cookies and privacy settings. To call this a deceptive practice would be a major understatement. Crooked, immoral, fraudulent, illegal, are just some of the words that come to mind.

If you think this practice is restricted to shady web sites, you’d be wrong. Of the top 100 web sites, 50+ use Flash Cookies. One of the things I’ve learned in my years in technology is; crooks come in every size and shape. So, I was not particularly surprised when I found some of my favorite sites involved in this reprehensible practice.

Quick LSO facts:

Never expire

Can store up to 100 KB of information compared to a text cookie’s 4 KB.

Internet browsers are not aware of those cookies.

LSO’s usually cannot be removed by browsers.

Using Flash they can access and store highly specific personal and technical information (system, user name, files,…).

Can send the stored information to the appropriate server, without user’s permission.

Flash applications do not need to be visible.

There is no easy way to tell which flash-cookie sites are tracking you.

Shared folders allow cross-browser tracking – LSO’s work in every flash-enabled application

No user-friendly way to manage LSO’s, in fact it’s incredible cumbersome.

Many domains and tracking companies make extensive use of flash-cookies.

Without a doubt, you need to control these highly invasive objects, and if you are a Firefox user there is a solution – BetterPrivacy – a free Firefox add-on.

From the BetterPrivacy page:

“Better Privacy serves to protect against not deletable, long-term cookies, a new generation of ‘Super-Cookie’, which silently conquered the internet.

This new cookie generation offers unlimited user tracking to industry and market research. Concerning privacy Flash- and DOM Storage objects are most critical.

This add-on was made to make users aware of those hidden, never expiring objects and to offer an easy way to get rid of them – since browsers are unable to do that for you”.

Download at: Mozilla

Simple HTTP cookies can be subject to attack by cyber criminals, so it won’t be long before flash cookies will be subject to the same manipulation. Better you should learn how to control them now – not later.

I have tried to write this article in a non-technical way, to make it easy for the average computer user to understand. For a more detailed breakdown on flash cookies, and the danger they represent to personal privacy, checkout The Electronic Privacy Information Center.

Update: September 23, 2009 – Professional Tech and regular guest writer, Dave Brooks, has found a solution for IE users at I am Super.

If you enjoyed this article, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.