Flash ‘Cookies’, a hidden baneJuly 28, 2008 at 09:57 | Posted in Privacy/Security | 22 Comments
Tags: cookies, flash, local shared objecs, lso, manager, privacy
I have made several updates to this post as I have noticed continued interest in it.
There is follow up to this in the comments below for those looking for a way to delete Flash cookies. I’ll be posting an windows bat file to do about the same soon. There is now a link in the sidebar to the right to downloadable versions of the LSO (Flash Cookie) removal scripts one for XP and one for Linux. I have yet to find a functional way to stop the cookies from being set as it seems blocking them seriously messes with some sites functionality.
There is another privacy bane on the net. “Flash Cookies”, or technically “local Shared Objects”. There is a good explanation of them on this Blog and also a link to the Adobe Flash Settings Manager which will let you manage them think you are managing them. These “cookies” are not cleared when you clear you browser’s cookies, are not stopped by telling your browser to prevent cookies, are not stopped by normal cookie managers. You currently have to use the Settings manager, or root them out and delete them manually.
you can go to the Settings manager and dong the following:
– Setting the default storage size to 0 (none) on the “Global Storage Settings” tab
– Unchecking “Allow third-parties Flash content to store data on your computer”
– Unchecking “Store common Flash components to reduce download time”
– Check “Never Ask Again” (some sites manage to ignore this.. but see below)
(bare in mind that I am draconian about my privacy, and would rather have things asking me for permission all the time rather then doing things without asking. You can, of course, set things to you own liking.)
— It has been pointed out that the above has little permanent effect as there seems to be little or no enforcement of the above settings and sites go ahead and store LSO’s even with the limit set to 0 —
– Bookmark the settings manager (you’ll want to come back to it now and then)
If a site is annoying about asking for storage go to the Settings manager from a new browser tab or window and use the “Website Storage Settings” tab in the Settings manager to tell the site to never ask again.
You can also use the “Website Storage Settings” to allow sites that you want/need to save data and limit how much they can store.
If ever there was a good reason for using NoScript, (which prevents flash and other things from running without permission) this is one. (of many)
— I strongly recommend the use of NoScript as an increasing number of sites have started using flash “web beacons” to track people (they hide a transparent 1×1 flash object on the webpage just so they can set an LSO (flash cookie) —
Good day, And happy and safe surfing.
Sorry, the comment form is closed at this time.
Proud Free Software Foundation Assoicate Member
Identi.ca - Follow me
- An error has occurred; the feed is probably down. Try again later.
Flash Cookie Removal ScriptsUnfortunately Drop.io is not what they once were and so the scripts are no longer hosted there. I'll find alternate hosting soon.
To be clear. I the author of this blog, in no way, recommend, endorse, or otherwise promote the products and services that may be advertised at the bottom of this blog posting.
I include this disclaimer because these advertisements are inserted by Wordpress.com and are beyond my control. I felt this disclaimer necessary as these advertisements will most likely become contextually targeted as time goes on. I do not wish readers of my blog to confused into thinking that the products or services advertised are suggested or recommended by me, no matter how closely they may be related to the subject of the blog entry.
3.0b5 adobe block Blogging Blogtk canada CBC chat Cloud cookies creative commons download DRM e-toys etoys fax features flash FLOSS free freedom game gnash gNewSense gnome google Hardy Hardy Heron howto how to ISP jaiku Life Linux lso mac manager media Microsoft Music nebuad New Brunswick OLPC open source P2P phorm podcast privacy reduce Release Candidate review revver scripting security site of the week spying squeak squeakland St Andrews Steve Gibson stop test testing Throttling tor tracking tutorial twitter Ubuntu video voice windows wordpress.com XO zire 72
Freemor on E-Toys Tutorial 12 – Get… Mike Stramba on E-Toys Tutorial 12 – Get… Frances Druins on Flash ‘Cookies’, a… Freemor on Talkr.im Howto mee on Talkr.im Howto
F.O.S.S I use: