Slashdot Mirror

← Back to Stories (view on slashdot.org)

Lawsuit Hits Companies Using 'Zombie' Flash Cookies

Posted by kdawson on from the brains-for-a-filling dept.

A privacy activist has filed a lawsuit targeting eight corporate users of Quantcast's "zombie" Flash cookies, in addition to Quantcast itself. The suit alleges that MTV, ESPN, MySpace, Hulu, ABC, Scribd, and others used Quancast's Flash-based cookies to recreate browser tracking cookies that users had taken the trouble to delete. "At issue is technology from Quantcast, also targeted in the lawsuit. Quantcast created Flash cookies that track users across the web, and used them to re-create traditional browser cookies that users deleted from their computers. These 'zombie' cookies came to light last year, after researchers at UC Berkeley documented deleted browser cookies returning to life. Quantcast quickly fixed the issue, calling it an unintended consequence of trying to measure web traffic accurately. ... The lawsuit (PDF)... asks the court to find that the practice violated eavesdropping and hacking laws, and that the practice of secretly tracking users also violated state and federal fair trade laws. The lawsuit alleges a 'pattern of covert online surveillance' and seeks status as a class action lawsuit."

26 of 140 comments (clear)

  1. primo by Anonymous Coward · · Score: 4, Funny

    I hate how Slashdot uses zombie flash cookies to try to keep from getting what the Italians call il primo post.

  2. And here I thought I must have been drunk. by JDmetro · · Score: 2, Funny

    And forgot to delete those cookies from that porn site I didn't go to.

    1. Re:And here I thought I must have been drunk. by Anonymous Coward · · Score: 3, Funny

      I have more bad news. It is a website now.

    2. Re:And here I thought I must have been drunk. by Tubal-Cain · · Score: 5, Funny

      What kind of fetish involves raping a man's barbecue?

    3. Re:And here I thought I must have been drunk. by Thing+1 · · Score: 3, Insightful

      These haikus are not
      Accurate though, because they
      don't mention seasons!

      --
      I feel fantastic, and I'm still alive.
  3. And the other big Flash problem... by Anonymous Coward · · Score: 5, Insightful

    You can't change the !@#$%^& Flash settings on your own computer. You have to go to a Flash website. And you can't manage your flash cookies without going to some obscure website.

    It would be the easiest programming thing in the world to let people manage all the Flash settings and cookies right on the computer (no internet).

    But noooo... that isn't the way the snoopy Flash people want things to be.

  4. Zombie Flash Cookies by Anne_Nonymous · · Score: 3, Funny

    Zombie Flash Cookies. I'm sure they're bad for you, but you have to admit they sound like they'd be tasty.

  5. BetterPrivacy plug-in by sphealey · · Score: 4, Informative

    At least for the Flash cookies on Wintel, the BetterPrivacy plug-in seems to be doing a good job of deleting them for me.

    sPh

    1. Re:BetterPrivacy plug-in by mlts · · Score: 4, Informative

      +1 on BetterPrivacy. Install that as an add-on, and it works on Windows and OS X. No more worries about Flash shared objects because it can be set to zap them at very short time intervals, as well as when you open or close the browser.

      Firefox + BetterPrivacy + AdBlock + NoScript probably do as much for keeping a Windows machine clear of malicious software as most AV programs.

  6. Here is the shitty site by psyclone · · Score: 5, Informative

    http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager07.html

    Noscript users must temporarily allow adobe.com as well. (But at least you don't need to allow real cookies for either domain.)

    You can set the flash plugin to not store any data, but it sure gets annoying on some sites when the volume controls don't work. You can also set it to ask, but it's even more annoying to try and hit the "cancel" button 15 times with choppy video behind it.

    1. Re:Here is the shitty site by Animats · · Score: 5, Interesting

      Yes. If you tighten up the privacy controls enough on Flash, many video sites won't play, and some play badly. YouTube's player, for example, will display the "Press ESC to exit full screen mode" for the duration of play. There's absolutely no reason why that feature should depend on storing persistent information. It would be interesting to subpoena the developer and the documentation during development to determine if that was willfully put in to discourage users from using strict privacy settings.

  7. Re:On LInux: by John+Hasler · · Score: 2, Interesting

    rm -rf ~/.adobe/Flash_Player/* ~/.macromedia/Flash_Player/*
    ln -s /dev/null ~/.adobe/Flash_Player/AssetCache
    ln -s /dev/null ~/.macromedia/Flash_Player/#SharedObjects
    ln -s /dev/null ~/.macromedia/Flash_Player/macromedia.com

    Or just get rid of Adobe Flash entirely.

    --
    Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
  8. Re:Not Quantcast's fault by Anonymous Coward · · Score: 4, Informative

    Don't blame Quantcast. They're using the technology as Macromedia intended

    You logic is flawed. If I kill a human with a Samurai sword, would you blame the maker of the sword?

    Flash comes with every version of Windows since at least XP

    Do you mean Dell computers with Windows? Maybe, but no version of Windows ever came with Flash.

  9. Re:Not Quantcast's fault by PopeRatzo · · Score: 2, Insightful

    Don't blame Quantcast

    You're kidding, right?

    --
    You are welcome on my lawn.
  10. Re:On LInux: by izomiac · · Score: 2, Informative

    On Windows, in an elevated command prompt:
    icacls "%APPDATA%\Macromedia\Flash Player" /setowner SYSTEM
    icacls "%APPDATA%\Macromedia\Flash Player" /inheritance:r /deny everyone:F

    Though I'd recommend a simple:
    icacls "%APPDATA%\Macromedia\Flash Player" /inheritance:d /deny everyone:(WD,AD)

  11. Re:DMCA by nacturation · · Score: 3, Insightful

    If your theory holds, the French could sue the Germans under the DMCA for circumventing the Maginot line. Here's a pro tip: there are some circumventions which have jack all to do with copyright law.

    --
    Want to improve your Karma? Instead of "Post Anonymously", try the "Post Humously" option.
  12. Re:Save games by Runaway1956 · · Score: 3, Insightful

    CCleaner behaves badly? I beg to differ. CCleaner cleans trash. It ASKS you if you want to clean trash, then it TELLS you about the trash it finds, then ASKS again if you want to delete the trash.

    Those who are to stupid to follow directions and/or to examine the results before taking out the trash deserve what they get.

    As for those flash game files - big deal if all of them are deleted. The wife plays online flash games. Her files have been deleted by one or another privacy software. She logs back in to the site, and all her "important" saved stuff is loaded back onto her computer. Geez - that's a real burden isnt' it?

    After the first time, she learned how to delete those super cookies without deleting the files she wanted saved.

    Terrible learning curve, that. It took her all of 30 seconds of cussing and bitching, plus another 90 seconds of reading, and then ten more seconds to change the settings.

    Meanwhile, Better Privacy routinely deletes all the asshattery of flash cookies that she didn't specifically authorize on her machine, and everyone is happy. Except the asshats, of course.

    As for the lawsuit - yes, Super Cookies are a hack, and should be subject to hacking laws that are meant to protect the average user. Burn Quantcast for developing and using it, and burn everyone who has bought the damned thing. I don't care WHAT business you are in - you have no right to track people unless they specifically opt-in to a tracking program, with full knowledge and understanding of what they are doing.

    --
    "Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
  13. Re:Lawsuit for *this*? by wealthychef · · Score: 2, Insightful

    Yes, lawyers are interested in getting money. It's not about justice, or consumer rights, or privacy. It's about greedy lawyers always and forever.

    --
    Currently hooked on AMP
  14. Re:Not Quantcast's fault by dissy · · Score: 2, Interesting

    Don't blame Quantcast. They're using the technology as Macromedia intended - to violate your privacy.

    So, as you say they are purposely using software designed to violate your privacy. Why exactly shouldn't we blame them for that again?

  15. OS X can use this program to delete flash cookies by qwertyatwork · · Score: 2, Informative

    OS X can use this program to delete flash cookies http://machacks.tv/2009/01/27/flushapp-flash-cookie-removal-tool-for-os-x/

  16. Re:OS X can use this program to delete flash cooki by BearRanger · · Score: 3, Informative

    No program necessary to do this. Just remove ~/Library/Preferences/Macromedia/Flash Player/#SharedObjects. Set up a cron job or an Automator script to do it hourly.

  17. Re:OS X can use this program to delete flash cooki by qwertyatwork · · Score: 4, Funny

    Holy sudos, quick robin to the bat terminal!

  18. Hello World, er Apple by AnAdventurer · · Score: 4, Funny

    Are we on Apple's side again for being anti-Flash? (I lose track so easily)

    --
    6.8SPC TR of 550, l xwind at 6, drift rt at 26" drops 77". AT has 503 ft-lbs at 1403 fps. FT 0.86
    1. Re:Hello World, er Apple by tehcyder · · Score: 3, Funny

      Are we on Apple's side again for being anti-Flash? (I lose track so easily)

      It's now Wednesday, so yes.

      --
      To have a right to do a thing is not at all the same as to be right in doing it
  19. Re:Not Quantcast's fault by Tacvek · · Score: 3, Informative

    Actually this is not a troll. Take a look in the C:\windows\help\tours\mmtour folder of a new windows XP 32-bit installation and you will find that the tour is SWF based.

    Among other dlls pre-installed on the system is a flash 3 or flash 4, or some similar early version dll (I forget the version or exact file name, but a search for 'flash' or 'swf' in file names on a brand new XP install (you might need to run the tour first to have it appear) should probably find it. I don't believe the browser plug-in ever came pre-installed, but the core DLL most definitely did.

    --
    Stylish sheet to fix many problems in Slashdot's D3: https://gist.github.com/801524
  20. Re:OS X can use this program to delete flash cooki by mdielmann · · Score: 2, Funny

    I think it would have been funnier if you had said "bash terminal".

    --
    Sure I'm paranoid, but am I paranoid enough?