

Code Known as Flash Cookies Raises Privacy Concerns - wallflower
http://www.nytimes.com/2010/09/21/technology/21cookie.html

======
ojbyrne
“Instead of going to Amazon, I’m going to the local bookstore.”

Of course when there, she pays cash, doesn't use a rewards card and makes sure
she doesn't appear on any security cameras.

------
dinedal
Oh so now it's a big deal? These have been around forever people, c'mon!

~~~
logophobia
They've been here forever, but there is still no good (user friendly) way to
delete them. No easy way to define a privacy profile (delete cookies when I
close my browser...).

I don't understand why flash doesn't hook into browser privacy settings by
default. Instead, you have to install custom software like the firefox
betterprivacy extension: <https://addons.mozilla.org/en-
US/firefox/addon/6623/>.

~~~
copper
I believe the new flash player versions do respect the private browsing modes
of browsers.

Back when I used to use windows, I used to touch two files called "#Security"
and "#SharedObjects" in the flash player app data folder, which prevented it
from downloading anything at all. In retrospect, it was an overly heavy-handed
way of doing things :)

------
adolph
_“The core function of the cookie is to link what you do on Web site A to what
you do on Web site B,” said Peter Eckersley, a technologist at the Electronic
Frontier Foundation. “The Flash cookie makes it harder for people to stop that
from happening.”_

I think the technologist intends to refer to third-party cookies.

~~~
MartinCron
No. Third party cookies do something similar, but don't always work with all
browsers/privacy settings. Specifically, Safari won't accept third party
cookies from non-blessed domains (one the user didn't navigate to on purpose).
Some IE flavors needed the cookie to have a compact privacy policy in the
header, something that was never audited or checked...total honor system.

This was a big problem at my last job, trying to get an accurate count of
unique visitors to a network of around 50 distinct domains. Nothing nefarious,
just trying to get a sense of which visitors on site A were the same
(anonymous) visitors on site B.

Flash "cookies" work with more desktop browsers, although they always felt
like an ugly hack.

------
Nick_C
On *nix systems including Mac you could do what I do: a cron job that runs
every week to delete everything in the ~/.macromedia/Flash directory. Windows
users can achieve the same thing with an event schedule, the directory is
probably in something like %USER%\App Data\\.

------
rmorrison
I also think Adobe is somewhat responsible, it seems like yet another case of
them not looking out for there users best interests.

Also, I'm writing this post from my Flashless iPad, and it makes me feel even
better about Apples's decision.

------
nostromo
Now that browsers ship with "anonymous mode" I imagine the fact that you're
not anonymous at all on any page that has flash is completely confusing to the
average internet user.

~~~
mike-cardwell
You might be interested to know that the Tor project is helping Google and
Mozilla with this very problem:

[https://blog.torproject.org/blog/google-chrome-incognito-
mod...](https://blog.torproject.org/blog/google-chrome-incognito-mode-tor-and-
fingerprinting)

They have a lot of expertise in this area

