There’s nothing new about Cookies, most people are aware of their existence and accept that they’re just a fact of life. They’re fairly easy to delete after all, you can just go into your browser settings and ‘clear history’ or something similar and all traces of your browsing habits are gone… At least that’s the commonly held misconception.
For those of us with Flash Player installed (and that’s about 98% of the online population) we’re also being tracked behind the scenes by another type of Cookie called a Flash Cookie. These Cookies aren’t deleted when you clear your browser cookies and they can potentially store a vast amount of information about you and your browsing habits without you even knowing it. Most people don’t even know they exist.
This is why Flash Cookies or Local Shared Objects (LSO for short) are a particularly big invasion of your privacy.
The following list is taken from the BetterPrivacy firefox plugin homepage (which I’ll tell you more about in a moment).
- They are never expiring – staying on your computer for an unlimited time.
- By default they offer a storage of 100 KB (compare: Usual cookies 4 KB).
- Browsers are not aware of those cookies, LSO’s usually cannot be removed by browsers.
- Via Flash they can access and store highly specific personal and technical information (system, user name, .).
- Ability to send the stored information to the appropriate server, without user’s permission.
- Flash applications do not need to be visible to the user
- There is no easy way to tell which flash-cookie sites are tracking you.
- Shared folders allow cross-browser tracking, all browsers use the same LSO folder
- The company doesn’t provide a user-friendly way to manage LSO’s, in fact it’s incredible cumbersome.
- Many domains and tracking companies make extensive use of flash-cookies.
- Flash-cookies are used to re-create data of deleted traditional cookies.
There have been numerous privacy lawsuits in America regarding the use of Flash Cookies, as this article in the NY Times discusses.
Macromedia don’t make it particularly easy to remove these cookies. There’s a great article on HowToGeek which talks about the various approaches you can take to regain control of your privacy.
For those who like to get their hands a little dirty and poke around on their computers, you can search for Flash Cookie files on your machine by looking for *.sol files. They’re typically stored in the AppData/Roaming/Macromedia/Flash Player/macromedia.com or a similar location on your machine.
Oh and if you think you’re safe using the privacy mode, available with Firefox, think again!