Flash Cookies: The Silent Privacy Killer
There are hundreds of applications out there from spyware cleaners to built-in browser features that eliminate cookies on the spot, and even let you set cookie policies on your computer regarding what can be stored in your machine, and for how long.
I’m assuming that if you’re here reading this post, you already know all of the dangers of cookies on your computer. In all honesty, I don’t seriously believe that they’re the most dangerous form of movement or web tracking, but they can definitely be used to monitor more movements than a person should feel comfortable with.
What if there was a type of cookie that could:
- Stay on your computer for an unlimited amount of time
- Store 100 kb of data by default, with an unlimited max
- Couldn’t be deleted by your browser
- Send previous visit information and history, by default, without your permission
Okay… That’s a pretty scary cookie. As it is right now, the cookies we’re so deadly afraid of can store a maximum of 4 kb of information, are manage by your browser, and by default have reasonable defaults and restrictions.
This type of cookie exists on 98% of global computers, across all operating systems. it’s the Adobe Flash Player.
The Adobe Flash Player maintains proprietary cookies called Local Shared Objects or LSO’s. LSO’s are capable of storing 100 kb’s of information for an indefinite amount of time by default. When you clear your browser history in Internet Explorer, Firefox or Opera on Windows, Linux, or OS X LSO’s are not cleared from Adobe’s local repository.
In fact, all the information in those cookies will remain indefinitely until they’re removed by the issuing website, or by you via a cumbersome and ridiculous process.
Unfortunately, I haven’t even explained the worst of it.
There’s no easy way to tell what sites are using flash cookies to track your movements. There’s no list, and there doesn’t have to be a flash GUI or visible application for flash cookies to be present. In fact, most websites using flash for user tracking don’t create GUI’s, toolbars, or applications that you can actually see in your browser while browsing the site.
Many times a tiny flash module, 2 kb in size or less is loaded into your browser on every page visit in the same way a gif, jpg or other image is. The whole purpose of this tiny, invisible flash module might be to simply record the page request, and your username or other session variables.
Alright, so now you’re sufficiently convinced that this is creepy stuff. Let’s talk about how to get rid of it?
Lame as it might be, the Flash Player has no ability to delete cookies. And as I’ve already said, your browser can’t help you out. It doesn’t even know these cookies exist! Most of the privacy settings for Adobe Flash have be accessed via a flash application on Adobe’s website called the Adobe Flash Player Settings Manager.
If you want to access the Settings Manager, you can do so here. In fact, open it up now and let’s take a look.
If you’ve clicked the link above, then you’re looking at the Flash Player Settings Manager, and a list of all the sites currently storing information on the cookies stored on your computer.
Looking at my list, I see over 100 websites that have been accessing the same cookie for the last year (the last time I formatted my computer). Some of them are storing only 1kb of information, some are storing the full 100 kb’s. On my own computer, I see that my bank is storing flash information despite the fact that there isn’t a single flash application visible when I log in to check my balance. I see Youtube, CNN, Microsoft, Rotten Tomatoes and a ton more!
To delete all the Flash Cookies currently being stored on your machine:
- Go to the Settings Manager (Website Storage Settings)
- Go to the far-right tab
- Click “Delete all sites”
To prevent websites from storing any more information on your computer:
- Go to Settings Manager
- Click the Second Tab from the left (Global Storage Settings)
- Set the Storage Settings slider to None
- Uncheck “Allow Third Party Flash Content to store data on your computer
There are several other “privacy” settings on the other tabs, but don’t be persuaded. Most of those privacy settings have to do with whether or not websites can access your microphone and webcam. There isn’t a single cookie option on any of the privacy tabs on the Settings Manager.
Adobe, as a global leader in browser technology (a 98% computer market share), has a responsibility to make Privacy Options easily accessible from within the Player application itself. They also have a responsibility to set reasonble default limitations. It’s ridiculous that they would enable websites to store cookies indefinitely, and in such large sizes.
Is Adobe intentionally allowing websites to abuse privacy? You tell me. Comments Welcome.
edit: changed Macromedia to Adobe. Sorry, I’m from the ‘ol days.
Increase your e-mail privacy: Anonymous E-mail Boxes with makemetheking.com
No doubt this can be abused and I don’t really have good solution for it, however this “large cookie” does serve a purpose and it has some great uses. You can use it as a mini database and cache locally on the client without making expensive service calls. Just like anything it can/will be abused by the people that want your info.
I really think Adobe should add the functionality to manage cookies directly from the Flash Player. I would even go a little further and say that when Flash is installed on a system, there should be Flash Privacy Settings management added to the browser’s privacy settings.
I’ve been involved with developing sites for oh, about 10 years now… this is the first i’ve seen of the Flash cookies nonsense. Just deleted a whole whack of them. I didn’t delete them through the flash utility though. If you have enough know-how you can hunt down the data in -application data- which is located in your user profile on most systems (microsoft stuff). If you can get that far, there is just tons and tons of this crap laying around. I believe they are called .sol files. Funny that extension, sounds a lot like s–t out of luck.
There’s no reason we should have to rely on Adobe to get rid of this nonsense. Totally unacceptable security risk. Which, I admit, I did not even know about until now. I have to start doing more development in Flash. This is crazy.
I’ve written a script to delete them on my mac
I’ve written a script to delete them on Mac Os X…
rm -r /Users/username/Library/Preferences/Macromedia/Flash\ Player/#SharedObjects//*
rm -r /Users/username/Library/Preferences/Macromedia/Flash\ Player/macromedia.com/support/flashplayer/sys/*
Hell I’ve been doing web development for 8 months now…
Using flash and worried about privacy? A and -A, anything follows. Worry about a lot more than little privacy.
On some OS, having folder with no ability to add anything in, rather than just rm …
Any graphics and privacy is the least of your worries.
funny though that the “setting manager” does not delete the stuff in the second row of Jims script
As a game developer I use them sometimes to store scoring information for a user. For instance in one game I’ve created I store the players best time for that level, the next time they play the level I show them their best time so they can try and beat it.
“by default” it enables average users to use nifty adobe player functionality. (my pizza store, by default now remembers me and the last time i was there! wicked!
You can also choose max disk space for these cookies, you can also easily delete them, and you can easily stop them from being saved.
I agree the access to this information isn’t “easy”. but this is far from being a security problem.
I had to go through just as much clicks to get to my firefox cookie, as to get to the flash cookies. They also store only information they request. Which in some casses means saved games files (for flash games), and even pre-loaded code so that loads are faster.
This article, with its hefty boldening of sentences, makes this out to be an OMG! situation, when it’s not. Just as firefox, by DEFAULT, enables cookies and javascript code. Why can’t flash? This panel can also be accessed when using almost ANY flash application, through the right click context menu. Seriously, this feels like very little investigation of comparison. American style scare-mongering at it’s finest IMHO.
It sucks that adobe would even track that info for something that does not even load a flash animation per say on the website you are going to, as well, if you have cross site scripting enabled, i can store a frame with this adobe, to access your cookie and view that information even if my website does not pop up any flash….I would say adobe should fix this yesterday, as I find this unacceptable.
“Store 100 kb of data by default, with an unlimited max” - Wrong. 100kb is the default max. If it needs more it need to ask you for permission.
“Couldn’t be deleted by your browser” - Your wording is trying to imply that one can’t download it. They can, as you’ve shown.
“Send previous visit information and history, by default, without your permission” - It *stores* information rather then sending it somewhere else. Also it’s not like every site will have access to all your data; they’re restricted to the website, like cookies.
Yes, there’s a migration from cookies to Flash SO - simply because many times it’s much easier to manage and less prone to injection by malicious JS code.
But most importantly, all in all, they work pretty much the same as cookies and this kind of subjective analysis isn’t doing anyone any favor. I see what you’re trying to do - trolls will be trolls when there’s something to be gained by clicks both from people who agree and from enraged apologists (and you have ads in this very website to feed). But in the future, if you’re in any way interested in doing an analysis on a piece of technology, leaving your bias outside would be great.
And why the hell are you referring to a company that ceased to exist years ago? Inform much?
@Method:
I see what you’re saying. While it is a bit of an ‘alarmist’ mentality, it is a form of privacy risk that is largely unknown to your average computer user.
In addition to that, the menu is hardly accessible. There are some seperate privacy screens available when you load most flash privacy applications, but viewing and clearing all LSO’s are only available from the Settings Manager.
Another reason to not compare this to firefox or other browser is that, most people don’t know to clear their flash cookies. They may think they’re going unidentified between websites because they’ve cleared their browser cookies, while Flash Player is waving around their previous browsing identity with a flag.
@ignorance_hater:
You’re right, they work pretty much the same as cookies. No arguments there, except for that they can contain much more data than your average cookie.
But it’s still a huge concern that while the privacy-protecting world is preaching ‘delete your cookies! delete your cookies!’ Adobe has made no effort to make their privacy options accessible, or even well known. That is a risk, and that does deserve an ‘alarmist’ mentality, if only to draw attention to the issue.
How about setting the size of the cookie to 0? This is equivalent to disabling the Flash Player cookies, or more exactly the shared local objects, like they are called by Adobe.
cleartext is the future
I just let Ben Edelman know about this. He tracks privacy policies and practices.
http://www.benedelman.org/
—–
Hi Ben,
I just spotted something You might want to pursue. Adobe Flash keeps cookies Your browser can’t delete… You can only control them through an applet on macromedia’s site served by adobe.
http://www.imasuper.com/66/technology/flash-cookies-the-silent-privacy-killer/
Excerpt:
What if there was a type of cookie that could:
* Stay on your computer for an unlimited amount of time
* Store 100 kb of data by default, with an unlimited max
* Couldn’t be deleted by your browser
* Send previous visit information and history, by default, without your permission
…
The Adobe Flash Player maintains proprietary cookies called Local Shared Objects or LSO’s. LSO’s are capable of storing 100 kb’s of information for an indefinite amount of time by default. When you clear your browser history in Internet Explorer, Firefox or Opera on Windows, Linux, or OS X LSO’s are not cleared from Adobe’s local repository.
In fact, all the information in those cookies will remain indefinitely until they’re removed by the issuing website, or by you via a cumbersome and ridiculous process.
—–
Maybe You can get them to include settings to throttle these in the player itself. Right now You have to go to this site to control them:
http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager07.html
I appreciate the work You’re doing Ben. Thank You.
Best Regards
Dave Manchester
http://dredeyedick.wordpress.com
http://thewall.civiblog.org/rsf/nsa.html
http://thewall.civiblog.org/rsf/handbook.html
Mac users - need the Settings Manager at the click of a mouse? Open http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager06.html in Safari and create a webclipping dashboard widget.
I found this a few months ago and was contemplating a write-up on it. Glad to see it here! While I won’t jump up and down in an alarmist panic, this is pretty serious.
These Flash cookies:
-can store more
-can do more
-have no NATIVE clearing function
-have been previously unknown to the general public (even most of the “geek” public)
Anyone can be taught how to delete browser cookies in whichever browser they use. Only a few of us would be comfortable manually deleting Flash cookies and fewer still would go through the effort.
The downside to setting it to always deny or setting the max to 0 is the hassle of configuring special exceptions for websites that need them. While this is true for browser cookies as well, at least there are a number of GUI utilities to choose from that do a fine job of making it easier. Jim’s script is a start, but it has neither a GUI and nor any selectivity. personally, I’m OK with that until we create a full utility so we can properly manage this gaping security hole. I think the best method is Tony’s idea of adding a ‘Flash Privacy Settings’ tab in the browser settings when Flash is installed. I doubt that will come from Adobe until/unless there is sufficient outcry for it.
And this invades your privacy how? A web site can store local data on your machine and access it next time, so what? Other sites cannot read this information, since the Flash Player’s “sandbox” won’t allow it. So at best a site can just track your movements during your visits to itself.
There’s countless other ways to do this that don’t involve cookies, flash, or JavaScript. A simple unique ID in the URL can be added and passed between pages on the site to track movement, and on the server they can store much more than a mere 100k worth of data tied to that ID.
BTW, you can access the “Settings Manager” by right clicking on any Flash object, choosing “Settings”, going to the “Privacy” tab, and clicking “Advanced…”. This takes you to Adobe’s site where the Settings Manager resides.
Not as hidden as it seems…
What is the problem here? Flash maintains some local information that the flash application loads in. You can only access the Local Shared Object if you are accessing the same domain, and have the correct ID. No information is sent to the server flash is a client side process. Any flash developer worth his salt would never save personal information in a Shared Object. This just sounds like alot of scare mongering by someone who doesn’t understand what this actually is.
A sampling of the 215+ Shared Object Files (SOL) I found on my system: http://www.youtube.com, http://www.xxx-motorsports.com, http://www.weather.com, http://www.time.com, newyork.mets.mlb.com, my.nbc.com, msnbcmedia.msn.com, mlb.mlb.com, dhd.discovery.com, detroit.tigers.mlb.com, dcc.godaddy.com, images.amazon.com, skype.com, http://www.fleetwoodrv.com, http://www.ferrariworld.com, http://www.flickr.com, http://www.reuters.com, http://www.nytimes.com, http://www.motorola.com, http://www.kawasaki.com, boston.redsox.mlb.com…
While I think awareness of these Shared Object Files (SOL) is important, I don’t believe they are as nefarious as one would think (YMMV ;-)) If you want to get a handle on .SOL files (Shared Object Files), check out http://solve.sourceforge.net/
Not only does it hand out free information to these companies, but it also slows down web surfing. These types of cookies have never been removed from my computer since I bought it (maybe two years ago). After I removed them, sites that used to take a few seconds to finish loading now load in under a second.
My advise: get rid of them unless you acutally use them.
so use real cookies:
http://scriptactionthree.blogspot.com/2008/09/using-real-http-cookies-in-flash-as3.html
This should work for Linux users: rm -rf ~/.macromedia
If you use online banking in the USA, chances are very good that your bank is using a Flash cookie as part of their multi-factor authentication requirement. It’s encrypted and is used to identify the computer to the bank after you first register. If you delete it, you’ll have to jump through other hoops to get to your account.
JJ
I’m a game developer. Flash’s shared objects are a documented and known feature. Quite often they are used to enhance the quality of the user’s experience by caching data locally. Flash implements a number of security sandboxes and has rules on how these objects are accessed. With Flash 9 and above these rules assist in keeping the usage of SO and other advanced Flash features kosher. Granted, malicious programmers could use these for bad stuff the same way a programmer can use http cookies.
I applaud your effort to inform users about potential risks, but I think a more balanced approach based on facts of how these shared objects are used would have been more useful.The core point here is that users are not fully aware of what software is running on their machines. They may be explicitly trusting applications/plugins that may represent some level of risk.
Flash is a powerful plugin that gives you many desirable features. Like any plugin, it also exposes some new risks. As an industry lets work together to understand the risks, educate each other, and find solutions that allow us to offer rich media experiences that are safe. Let’s not damn a useful technology due to potential risks. Instead let’s work together to define what is acceptable behavior and banish applications/plugins/sites that don’t play by the rules.
I found out about these cookies a while ago, when I wondered how Pandora.com manages to track users without using browser cookies. Thanks for reminding me of how to control them–but, of course, if I turn off Flash cookies, Pandora will stop working. It is pretty obvious where users rank in Adobe’s scheme of things.
This is extremely serious. In many countries it is illegal to visit pornographic web sites, even those which are not blocked by the government censors. So an innocent persion goes to http://www. a creepy pornographic website .com and criminal evidence remains forever on his hard disk.
How does this affect the promised Privacy Mode of IE and Firefox?
If anyone is planning a more detailed writeup I’d love to know more about these files.
What kind of information can be stored in these Shared Objects?
what are they good for?
How is the stored information retrieved?
How does the GUI work?
Is there a or privacy risk on shared or public computers?
What’s the worst they could do?
Maybe if these files were implemented in a more transparent way, and we all knew more about them they’d seem less threatening?
If you are worried about a third-party file on your system like these: CCleaner removes these by default with a lot of other crap, where it used to get its name from. http://www.ccleaner.com/
(No, I have no connection to them, other than liking their program and attitude.)
From what I can see using gnash of swfdec doesn’t store the cookies… (Linux). Despite the fact that Adobe is now available for Linux, I prefer to use gnash because it allows you to save videos and other content directly to your hard drive… excellent for YouTube. However, Gnash doesn’t do a good job at displaying content from a lot of sites… But privacy + saved videos? I’m for it! Not using Adobe’s flash player, contrary to above comments, does not interfere with my online banking at all.
Thanks for uncovering this very-well-kept secret!
These “cookies” get stored in individual folders for each website, and Adobe’s settings manager still leaves all the folders intact even while destroying their contents, and like tyes said, it doesn’t touch the sys folder. Lately I’ve had to periodically delete contents of both folders by hand because sound in flash programs gets garbled, and the only thing that seems to be helping is deleting these “cookies”.
With Firefox you can use the “BetterPrivacy” Add-on. Beside deactivating DOMstorage and “click-pinging” (don’t know, what it is), you can look at the *.sol files and delete them with the Add-on. The Add-on has a function for automatic deletion of the *.sol files, but that doesn’t work for me with Firefox 3.
Oh come on - this information is available since ages (I think it must be 4 or 5 years at least), no one is trying to hide anything or make this a secret.
Local Shared Object:
http://en.wikipedia.org/wiki/Local_Shared_Object
http://livedocs.adobe.com/flash/9.0/ActionScriptLangRefV3/flash/net/SharedObject.html
How to manage and disable Local Shared Objects:
http://kb.adobe.com/selfservice/viewContent.do?externalId=52697ee8&sliceId=1
Easy way to clear all flash cookies in Windows for either IE or Firefox. Put the following text into a batch file in your startup folder.
RMDIR “%APPDATA%\Macromedia” /S /Q
Wow. I’ve known about the settings option to clear flash cookies and have been doing so every now and then over the last couple of years. But just went to check the files left behind and was amazed at the amount of junk and number of sites listed. Glad I’ve got all these properly cleaned up before my next US border crossing
This article is somewhat funny. While it did indeed mention the prevention of the cookies and so on into your system, it forgot to mention that there’s a nifty utility called disk cleaner. Among the astonishing number of plug-in si thas this little program did not fail at all to delete everything my flash player had put into HardDrive\user-name\aplication ddata\macromedia\ and the like. It clears everything, including these flash player files. Just use google and find disk cleaner. Have been using it for many years now, I consider this to be my best friend. THe best thing? this is open source!
A load of old wank if you ask me. These Shared Object have been around for years, and have never been a secret. I use them all the time, and they are very well documented by Adobe. To delete them, right-click any flash movie, go to settings, and set you local storage to 0kb. Simple as that. Also these shared objects have no way of being read by any site other that the one which created them.
I’m not sure what makes you think they “Send previous visit information and history, by default, without your permission”.
I do agree that a browser should clear Flash cookies as part of its “clear History” process. didn’t FF 2 used to do this? FF3 doesn’t, but I remember FF2 had an option to “Clear files stored by add ons” (add ons meaning flash player)…
How can people be accusing Adobe of ‘trying to hide this secret’? I guess clearly documenting something == hiding?
Also, how the heck is it Adobe’s fault that your browser doesn’t clear these? Are you expecting Flash hack IE7 or Safari so the clear cookies button also clears the folder that shares local objects?
Shared Objects are stored in known locations and the browsers have nothing stoping them from clearing these locations.
Other companies work with MS to ensure interoperability… why shouldn’t Adobe?
i was just passing by and i must say i really like your website thanks for the information;)
Thanks!
So what about just getting rid of Macromedia/ Adobe garbage? Going to the website of the slime that installed the spyware to get rid of it seems silly. I have Adobe’s pdf reader disabled and have, I think, removed all the flash player crap that came loaded on my laptop.
Is there anyway to tell for sure if its gone??
Bob
I was writing about this back in 2001! ( http://antionline.com/showthread.php?t=262900 )
And to be honest there has been alot of other things that have happened between then and now which should make you more fearful for your privacy;
AOLs release of Search Data
Chrome’s ‘Omnibar’
Image fusking
and people’s tendency to put their whole life online on Facebook/myspace/bebo
Or in the words of Scott McNealy “You have zero privacy anyway, Get over it.”
I saw this on Slashdot. Use the NoScript Firefox plugin which also blocks Flash and Silverlight by default.
On Linux you should rm -r ~/.macromedia and then ln -s /dev/null ~/.macromedia
On Windows you should delete/rename the “Flash Player” folder residing in C:\Documents and Settings\USERNAME\Application Data\Macromedia\ and replace it with a file called “Flash Player”. This prevents Flash from creating another “Flash Player” folder.
The above I found in the Slashdot comments.
I think a bigger question is why do you have to go to Adobe’s website to clear them? (If you want to use the ‘official’ global settings manager).
r.
Harold,
Could you run that by me again, slowly and in language a computer illiterate can understand? If these folders are still there, do I delete the folder or just the contents? If I make another folder of the same name, why won’t the flash player use it?
Rick has the main point.
Bob
Pretty interesting. As someone said above, all the settings are stored in a .macromedia folder. In your home folder go View -> Show hidden files or press ctrl + h. Then just delete the folder.
I’m on linux but don’t have adobe flash installed anymore. For about a year I’ve been using swfdec. I may switch to gnash if they get the audio in sync. Both of these adobe alternatives offer 64-bit support and are free and open source.
I’d recommend giving them a try, especially if you are like me and usually just wash videos in flash.
Bob,
In linux there’s a simple way to stop Flash from storing LSOs on your computer. this is the graphical way, good for recent Windows converts to linux …
1. Click Places, then Click Home Folder
2. Click View on the Top menu, and select Show Hidden files
3. Find a directory named .macromedia and RIGHT click it.
4. Select Properties at the bottom of the popup menu.
5. Select Permissions tab.
6. Click the selector for Folder Access, and choose List Files Only
7. Near the bottom, Click on Apply Permissions to enclosed Files
You have just made the .macromedia and all subdirectories and files inside it to READ ONLY, nothing can write there. I have done this on all my linux systems. The only ill effects are that I cannot watch full episodes of The Daily Show, and volume settings are not saved from one youtube video to the next.
Happy blocking!
ubun too,
Thanks. I saved that one for when I get my old Panasonic laptop up and running. It will be one or another flavor of Linux. I need to get a CD player that works on a parallel port.
My main computer is running XP with Internet Explorer.
Bob
Objection is an add-on for Firefox to manage your Flash Cookies (LSOs)
To be pedantic, Jim’s “script” way up there at #4 is not a script, it’s just a couple of shell commands. And while I like to mess around with the command line too, I think it’s worth pointing out for those less geekily inclined that you can delete those files just as easily from the Finder in OS X. Navigate to the Macromedia folder in your user Preferences folder, and start poking around; you’ll find ‘em.
Now, I’m off to run strings on some .sol files, just for fun
Bob:
With WinXP :-
The target folder that is used to store the Flash “cookies” is “C:\Documents and Settings\[USERNAME]\Application Data\Macromedia\Flash Player”. If you rename this folder to “Flash Player.disabled” or delete it (your choice) and create a FILE (not a folder) called “Flash Player” then Adobe can no longer recreate the “Flash Player” folder because the name is already in use by a file. The easist way to create this file is to right-click inside the …\Macromedia folder and select the “create text file” option naming it “Flash Player” (not “Flash Player.txt”).
It works because you can’t have a folder and a file in the same directory with the same name.
Adobe has also other products, such as pdf reader acrobat. Wonder if it has any secret cookie systems? I wouldn’t be surprised, after all, it’s useful to trach who reads your documents, when and where.
Harold,
That is a genius solution. Not necessarily because it’s the best technique listed here, but because it’s creative and well, really just quite intelligent. Well said! I love it, and I’m going to impliment it just for the fun of it.
Regards,
Priv A. See
I deleted the folder on my Linux computer, recreated a new one and ran the settings manager selecting the options I wanted. I then set the folder to read-only so no more stuff can be added to it.
If this doesn’t work out I’ll just add a cleanup script that runs before every backup to clean out the stuff in macromedia.com and #SharedObjects folders aside from the settings file:
~/.macromedia/Flash_Player/macromedia.com/support/flashplayer/sys/settings.sol
Been away from my computer. Thanks!
Bob
I’m looking at a long list now, but the biggest size is only 3kb. Most are 1 or 2kb out of the 100kb limit. This includes Google video and You Tube. So I doubt this cookie is slowing my browsing down although I am surprised to find them.
In WinXPsp3, the files are stored in two places, c:\documents and settings\[USERNAME]\application data\macromedia\flash player\#sharedobjects\[hieroglyphicname]\
and c:\documents and settings\[USERNAME]\application data\macromedia\flash player\macromedia.com\support\flashplayer\sys\
event after all of the entries had been deleted from the settings manager gui, all of the ’sites’ information was still there….
but it isn’t any more.
stine
If you or any other bloggers using Windows want to earn a quick buck publishing similar poorly researched “privacy panic” articles, there is a ton of material in c:\documents and settings\[USERNAME]\application data\ to keep you busy for quite a while.
Some of you FireFox users might be surprised at what doesn’t get deleted in your Profiles folder when clearing your private data via FF’s menus.
Thanks so much for this information. I just found about out about “flash cookies” aka “linked shared object” aka “LOS” aka “SOL”. The way I found out was in trying to determine of ‘Incognito” mode in Google Chrome was really as private as advertised by Google. Google Chrome, it turned out, is NOT as private as they say it is precisely because it makes use of flash cookies. Google, is seems, it tracking every the websurfing of everyone who downloaded and who uses Chrome via the link shared objects.
I have followed the instructions, herein, to delete these objects and to stop them from being placed, again on my computer unless, of course, the Google geeks figured out some other way to place their flash cookie for Chrome somewhere else in the file tree.
I can’t believe I didn’t know about this earlier!!! I always surf with cookies turned off, I thought I was safe!!! But then the BBC iPlayer remembered my playback position in Opera, when I had previously played it in IE. I thought, how can it know across different browsers, even when I have cookies turned off and use CCCleaner everyday?? Then I rumamged around the Application data folder and found loads of SOL files dating back years!!!! I have teh Adobe Flash player option ticked in CCLeaner, but CCleaner still doesn’t clear them, it has let me down! The world must be told of the danger posed be Flash cookies!!!
Under linux, this works. Perhaps something similar will work in windows and / or macos:
1) Remove all flash settings. Shutdown web browser, then:
cd ~
rm -rf .macromedia
2) Restore clean defaults:
(startup flash, go to settings manager, turn off storage in global tab)
3) It still stores per-site data. This sets the flash settings directory to be read only, hopefully preventing per-site data storage for good:
chmod -R -w ~/.macromedia
hedora, the biggest privacy threat by far is the application people call “Windows” or occasionally “Vista”. It stores and stores and hides from you and obscures and then ships out onto the net. If people trust Windows, that sees *everything* you do on a PC, why would they worry about Sony or Adobe or Google or anyone else whose ability to store anything about you ultimately depends on Microsoft giving them that right? [..since all their applications rely on calls made to Windows libraries for even basic things like using memory, files, and running the application ..eg, in the case of Google, the browser]
In Linux you know what you have and where they can get you if you let them [you may not know but other third party developers do (including the very paranoid ones)]. Of course, I am talking about open source software.
This artical is so correct about Adobe flash. On a few accounts I have had to download on I have had a few problems.. but not like the ones I had the last time It is almost impossible right after downloading to even scroll down.it just runs away! so makes it impossible to see most things. Also a lot of other problems with my pc since 3 weeks ago. I have Norton antivirus which i paid for, and works well. It shows no virus at all. I was convinced myself this was Adobe flash that has upset my pc.
This artical is so correct about the Adobe flash player. I noticed 3 weeks ago when i needed to download an Actvix player for a certain programme, right after downloading the pc was giving me trouble. I could not even scroll, as it was going so fast and would not allow me to click at all.So it was making it impossible to see most things. I also am encountering other problems since the download. I have Norton antivirus, whic i paid for and works well. So this showed no virus.I then realised myself it was the flash player THAT HAD UPSET MY PC
How concerned really ought we be about cookies, ”http cookies” and ”ADOBE FLASH COOKIES”? I am now going to unistall Adobe Flash Player and then I’m going to try to figure out how to remove those NASTY files the UNINSTALL process leaves behind on my hard drive. It is any wonder the world is such a screwed up place when we allow such ******** software on our computers? I think the government has really dropped the ball on us all.
If you know how to remove thos shit files, please let us ALL know. And thank you in advance because personally I truly hate cookies.
What truly scares the crap out of me is people I care about use this ******** software.
Did anyone read Musashi270 post? Ccleaner erases all flash cookies except ones you choose to keep like from your bank etc.
All this information is overwhelming for a non-tech user. Why is Microsoft not offering more help in controlling cookies?
It is what these can be MADE to do that is the problem 99% may be harmless and useful, it is the abused and misused ones that are the problem. The claim that only the original site can access the information is not as clear as it might be. Most sites have frames or links or ads from third party sites if that third party site puts a flash cookie on your PC the same site can access it from ANY site on which it has a link or frame or ad. SO it would collect which sites you have been to and other details from those sites possibly for years - frightening. If a store hid a camera on you while you were shopping and monitored your entire day claiming to be helping you get targeted ads there would be an outcry but these people have convinced the computing public that cookies are necessary, good and not evil at all. Yet the information they get sells for thousands-Why?
What’s so wrong with SO? What I should use, when I’m doing a game with many levels, and want to let you play it offline and store the position if you have to leave and want to continue next time without need to play from the beginning? And with Youtube.. I really don’t want to set the volume I prefer all the time I see some movie… if you want, just disable it in the Global Storage Settings panel as you described.
This can also be deleted with Command Prompt script:
{run CMD}
cd “Application Data\Macromedia\Flash Player
rmdir /Q /S #Security
rmdir /Q /S #SharedObjects
rmdir /Q /S localhost
rmdir /Q /S macromedia.com
rmdir /Q /S localhost
* for Vista, change _ Application Data_ to _AppData_
I really like the morons up here trying to aologize for this feature. Hey MORONS: I don’t play stupid computer games, so I don’t give a DAMN about that. I also don’t give a RAT’s ASS if “my pizza place” remembers what I ordered last time.
This is obviously sneaky spyware, from the dirtbags at Adobe. The lame-ass douches up here trying to defend are probably spammers and other psychotics who think it’s wonderful that they can track people’s internet use.
The fact is, these files contain lots of information about your internet history that you might not want known to other people, for example, if your university (e.g. Columbia) BANS sites that the idiots there find “politically incorrect” such as World Net Daily .com.
Any SLIME MOLD who is up here defending this you can know is a slimy dirtbag who is upset that people are finding out about this. I think a lawsuit against Adobe is completely justified. They have always been sneaky bastards with all of their crappy broken software. it’s easy to see why their apps barely function - because the main purpose of them is to invade your privacy.
Scott McNealy is a has-been freak. I don’t give a rat’s behind what this loser slimebag thinks I should be “getting used to”. Sun is going out of business soon, and good riddance to this bucktoothed freak Mcnealy.
For Windows, try the MAXA Cookie Manager, which allows to manage all types of cookies (Flash LSO) included at once, including black and whitelists:
http://www.maxa-tools.com/cookie.php
wankers
saints row 2 casino location tunica casino winners new casino new mexico .mac casino sites q casino royale tachi palace casino ca metro casino .mesh casino luxor hotel and casino reviews .soboba casino employment soboba casino harrahs harveys lake tahoe hotel casino century casino showroom .above roulette casino download .the need for .should .or and again palms casino address reno casino list can Buy n.j. casino control commission Is the mirage casino marketing joe casino imdb What peoples choice casino bus The sometime Heh, go bus to casino rama belterra casino resort spa indiana and again Here you search uk super casino image as jon lucas casino online casino slots no download hotel casino jobs see foxwoods casino commercial new casino des plaines ti concert at santa ana casino harrah’s casino san diego How taipei casino look
brimley casino online casino no deposit bonus codes .What is now 1000 islands casino is the same as new casino in michigan above vegas casino construction .Before .Links .without ought to subscene casino royale lloyd williams crown casino above You search here payout casino inside islandview casino goa casino royale las vegas casino reviews boulevard casino coquitlam Information on oh the casino tabs stuff should .