Majority of top sites will abuse Flash cookies to revive removed HTTP cookies!

Hi malware fighters,

One third of all Internet users delete cookies once a month, this being a great concern to advertisers that more and more tend to use Flash Cookies to further continue monitoring their visitors.
According to researchers (http://papers.ssrn.com/sol3/papers.cfm?abstract_id=1446862),
more than half of all top 100 sites now use Flash Cookies, without users knowing this and/or without users’ explicit consent.
Of the 100 tested sites, only 4 admitted they used this form of tracking.
Flash Cookies aren’t only unknown to the general user; they can only be managed through an Adobe website.
http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager07.html

Some websites use the Flash cookie to restore/revive normal cookies that users have deleted.
They use the HTTP and the Flash cookie with the same data values, to use the Flash version to back up the normal HTTP variety.
When the user removes his or her or its HTTP cookie, the Flash cookie values are placed into a new cookie to continue the user tracking, and this means business as usual.
Various major websites use these techniques, as our researchers have found out.

Firefox
“A better integration between browser and Flash cookie handling will help users to self-protect their privacy by blocking these Flash or so-called Super cookies”, as researchers say.
To make browser tools more effective users should know they have Flash cookies on their hard disk. “Revealing their presence, the reason why they are being used and information how to check them, could be primary steps to stop the privacy dangers of Flash cookies as such.”

For Firefox users there is an add-on that can be used as a plug-in to block Flash cookies, known as Better Privacy. Better Privacy: https://addons.mozilla.org/en-US/firefox/addon/6623
However, because of compatibility reasons (Better Privacy versus DrWeb’s av-link-checker),
polonus now uses the superior add-on Objection to remove LSOs.
After download and install of this add-on the settings can be found via the Tools dropdown menu,
so go to Tools - Objection etc. and make your preferred settings, or delete the Flash Cookies there
that you want to remove…
http://lifehacker.com/399504/objection-deletes-hard+to+reach-flash-cookies

polonus
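The respawning polonus describes depends on the same identifier being stored twice, once as an HTTP cookie and once inside a Flash Local Shared Object (.sol file). The following is an added example, not code from the thread or from any of the add-ons named here: it decodes the header and simple AMF0 members of a .sol file and flags cookies whose value also sits in the LSO, which is the check a privacy audit would run before deciding whether a site mirrors its cookies. The .sol sample is constructed by hand, and the 6-character minimum for a match is an assumption.

```python
import struct

def parse_sol(data: bytes):
    """Decode the header and top-level AMF0 members of a Flash .sol file.
    Strings, numbers and booleans are handled; any other type stops the walk."""
    if data[:2] != b"\x00\xbf" or data[6:10] != b"TCSO":
        raise ValueError("not a Flash Local Shared Object")
    name_len = struct.unpack(">H", data[16:18])[0]
    sol_name = data[18:18 + name_len].decode("utf-8")
    pos = 18 + name_len + 4              # skip the 4-byte AMF version field
    members = {}
    while pos < len(data):
        klen = struct.unpack(">H", data[pos:pos + 2])[0]
        key = data[pos + 2:pos + 2 + klen].decode("utf-8")
        pos += 2 + klen
        marker, pos = data[pos], pos + 1
        if marker == 0x02:               # AMF0 string: u16 length + bytes
            vlen = struct.unpack(">H", data[pos:pos + 2])[0]
            value = data[pos + 2:pos + 2 + vlen].decode("utf-8")
            pos += 2 + vlen
        elif marker == 0x00:             # AMF0 number: big-endian double
            value = struct.unpack(">d", data[pos:pos + 8])[0]
            pos += 8
        elif marker == 0x01:             # AMF0 boolean: one byte
            value, pos = bool(data[pos]), pos + 1
        else:
            break
        members[key] = value
        pos += 1                         # each member ends with a 0x00 byte
    return sol_name, members

def respawn_candidates(http_cookies: dict, lso_members: dict) -> list:
    """Pair each HTTP cookie with LSO string members holding the same value:
    a cookie mirrored into an LSO is the precondition for respawning.
    Assumption: values shorter than 6 chars are too generic to be an ID."""
    return sorted((cname, lkey)
                  for cname, cval in http_cookies.items()
                  for lkey, lval in lso_members.items()
                  if isinstance(lval, str) and lval == cval and len(cval) >= 6)

# Constructed sample .sol named "tracking" that mirrors one cookie value;
# hand-built here, not captured from any real site.
_body = (b"TCSO" + b"\x00\x04\x00\x00\x00\x00"
         + struct.pack(">H", 8) + b"tracking" + b"\x00\x00\x00\x00"
         + b"\x00\x03uid" + b"\x02\x00\x08a1b2c3d4" + b"\x00"
         + b"\x00\x06visits" + b"\x00" + struct.pack(">d", 3.0) + b"\x00")
SAMPLE_SOL = b"\x00\xbf" + struct.pack(">I", len(_body)) + _body
SAMPLE_COOKIES = {"uid": "a1b2c3d4", "lang": "en"}
```

Run against the files under the Flash Player `#SharedObjects` directory and the browser's cookie store, the same pairing shows which sites keep a copy of a cookie where the browser's cookie remover cannot reach it.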

Hello polonus

objection incompatible with ff 3.5.2

Yes. They are still working on it.

Use Better Privacy
Edit: URLs for current version
Current version available at https://addons.mozilla.org/en-US/firefox/addons/versions/6623
or from the developer’s page at http://netticat.ath.cx/BetterPrivacy/BetterPrivacy.htm

IIRC, it is designed to delete flash cookies while Objection tries to have control over the storage of flash-related information but I guess Alan Baxter is right…you don’t need to go for some beta program. If you dare to, there is always Nightly Tester Tools.

Just to clarify, I’m not suggesting there’s anything wrong with Objection, especially since polonus recommends it. (He also recommends Better Privacy, the extension I use.)

It’s not right or wrong…I simply pointed out the two addons work differently.

Thank you for doing so. I’m evaluating Objection now.

Hi for the bold of heart,

Just read this info on the use of Nightly Tester Tools for the novice:
http://forums.informaction.com/viewtopic.php?f=8&t=2325&sid=cd27a19e8268e25696e021b466a925fd#p9628
Could not agree with it more, and it explains that when you pay attention and use it wisely even a newbie can enforce certain extensions for the latest versions of the Firefox and Flock browsers. A word of caution can be found here: http://www.oxymoronical.com/web/firefox/nightly
As a user and tester of Firefox 3.6 Alpha 1 version I know what I am talking about. I abandoned Better Privacy because of incompatibility problems with DrWeb’s av link checker plug-in.
A superior Fx extension to deal with flash cookies is Objection 0.4.0b1 (not the earlier versions, but it doesn’t run on Fx3.5 nor on Fx 3.6.Alpha 1): http://objection.mozdev.org/testrelease.html (enforce with NTT);
The extension exposes hidden flash settings without having to load the flash settings manager online;
It can delete flash cookies (LSOs) manually and automatically;
It can delete flash history manually and automatically. Even when cookies are disabled (amount of space websites can use) flash still logs every domain where a flash object is loaded creating a kind of hidden history that’s unknown to the browser and can’t be cleared from within.
I.M.H.O. I think the following forum thread is very informative and should be online: http://forums.informaction.com/viewtopic.php?f=8&t=2325&start=0

polonus aka luntrus aka Damian

I checked it with the portable version of FF 3.5.2 (alternatively, there is the 3.6 alpha version, too). Although it’s quite nice to take control of Flash Player with the Objection addon, I’d stick to the Flash manager for configuration and a CCleaner custom folder for deletion.


Cookies get deleted from my computer right after each internet session. (BTW, I do not use FF)


Hi CharleyO,

You probably did not get the difference between the normal removable HTTP cookies and the quite different SUPER Cookies or Flash Cookies that can only be handled by specific extensions or programs; a normal cookie remover is helpless and cleaning proggies also do a poor job. Adobe’s Flash Cookies are on your hard drive and on their servers.
A good general proggie to do this on a Windows box is KillFlashCookies: http://files.geoapps.com/files/KillFlashCookies.zip
The security situation with Flash Cookies is even worse than we thought: Flash Cookies are now also found to be able to circumvent Private Browsing and the so-called Pr0n button in many a browser. This is the reality: http://aviv.raffon.net/2009/08/17/NotSoPrivateAfterAll.aspx
See a POC here: http://www.bestflashanimationsite.com/swf/tutorials/shared_object.swf
Isn’t it time for Adobe to sit around the table with browser makers and discuss this issue, because until then what is the use of Private Browsing? Adobe is making rules of their own or enabling others to do so - ad-centered interests at large…

polonus