Slashdot Mirror

← Back to Stories (view on slashdot.org)

Chrome, IE To Allow Users To Delete Flash Cookies

Posted by CmdrTaco on from the different-kind-of-flash dept.

Trailrunner7 writes "The upcoming release of Adobe Flash Player 10.3 will give users of most of the major browsers the ability to delete Flash cookies in much the same way that they're able to erase normal Web cookies, thanks to a better integration with privacy settings in Internet Explorer and Google Chrome. The addition of the ability for users to delete the cookies set by plug-ins and browser add-ons gives them better control of the security and privacy of the content on their machines and is designed to address a serious issue that's been plaguing Flash for some time. Security and privacy experts have warned about the implications of so-called Flash cookies, which are set by Flash and difficult for users to find and delete."

110 comments

  1. And what about evercookie? by elucido · · Score: 4, Interesting

    http://en.wikipedia.org/wiki/Evercookie
    http://samy.pl/evercookie/

    Evercookie is unstoppable, irrevocable, undeleteable, and it represents a new trend. When is Google and Microsoft going to do something about this? Or do they and others conspire to use this evil mega cookie to track us?

    1. Re:And what about evercookie? by The+MAZZTer · · Score: 5, Insightful

      File a bug on the Chrome bug tracker. The latest I can find is that Chrome should be erasing it all if you use Incognito, except for the Flash LSO.

    2. Re:And what about evercookie? by h4rr4r · · Score: 1

      Seems like it is deletable, hard to find maybe but you can always delete your whole browser profile.

    3. Re:And what about evercookie? by icebike · · Score: 4, Insightful

      Or run the browser and all of its minions (including flash) in a sandbox, which allows you to snap shot it at some point in time, and flush that sandbox after each browsing session and restore from the snapshot at the start of each new session.

      As long as every program has access to the Windows Registry, you will have to sandbox that as well, allowing access to a shadow copy.

      But the real problem here is that Joe Sixpack is not in a position to be knowledgeable about all of this. Criminal sanctions against users of Evercookie might keep corporate marketing droids from going down that path, but they won't stop the off-shore porn sites or gambling sites from embedding this type of technology.

      --
      Sig Battery depleted. Reverting to safe mode.
    4. Re:And what about evercookie? by h4rr4r · · Score: 2

      Windows Registry? I can't find one of those on any of my machines. Install browser in chroot, copy to another location. Then copy before version over after version.

      Joe Sixpack is not in a position to be knowledgeable about anything, no need to worry about it.

    5. Re:And what about evercookie? by icebike · · Score: 2

      Joe Sixpack is not in a position to be knowledgeable about anything, no need to worry about it.

      How very magnanimous of you.

      So in your little provincial world, the only people deserving of protection from cookie mining evil corporations and government spies are long practicing linux users? The rest are just cannon fodder?

      I suppose this means the only people deserving of medical privacy are the doctors themselves? The only ones deserving of police protection are the cops themselves?

      --
      Sig Battery depleted. Reverting to safe mode.
    6. Re:And what about evercookie? by Anonymous Coward · · Score: 2, Interesting

      In my tests incognito mode was enough to delete the evercookie. I simply quit the browser and restarted.. it didn't know who I was. Try it here http://samy.pl/evercookie/

    7. Re:And what about evercookie? by h4rr4r · · Score: 2

      Talk about putting words in my mouth.

      Users are not even interested in this, they don't care about their privacy. For a good example of just that go take a look at facebook. No need for anyone to worry about protecting those who do not care to be protected.

      Police protection is a joke. They investigate after, not protect you. The police are 30 minutes away, my own protection is much closer.

    8. Re:And what about evercookie? by causality · · Score: 2

      Joe Sixpack is not in a position to be knowledgeable about anything, no need to worry about it.

      Assuming he's literate, he's in a position that is as good as yours or mine.

      It's merely a question of willingness. I agree there's only so much you can possibly do for someone who won't lift a finger to help himself. That's a character weakness and I wouldn't be doing anyone any favors if I validated it. For that I make no apology.

      It reminds me of that joke: "a 'computer expert' is someone who can read the manual". Most end-user manuals I've seen appear to be targeting about a fifth-grade reading level and assume little or no technical prowess. They often have illustrated, step-by-step directions that don't require you to understand *why* the procedure works. If you expect the average adult to be able to handle that, people will call you a heartless elitist. So be it.

      Though I do find it amusing that those who scream "elitist" et al never seem to comprehend one basic fact: a real elitist would not expect a literate adult to handle such things. A real elitist would assume they're too stupid and could never be expected to inform themselves about relatively easy things.

      --
      It is a miracle that curiosity survives formal education. - Einstein
    9. Re:And what about evercookie? by h4rr4r · · Score: 1

      It's merely a question of willingness. I agree there's only so much you can possibly do for someone who won't lift a finger to help himself.

      That is the position I was talking about. Joe Sixpack does not care, and will not care. The position of Joe Sixpack is that anything that requires reading or 5 minutes of his time is to hard for him.

      As I have now two responses that seem to assume I think Joe Sixpack is some sort of invalid I will admit I should have been clearer.

    10. Re:And what about evercookie? by AliasMarlowe · · Score: 1

      Joe Sixpack is not in a position to be knowledgeable about anything

      Wrong! Joe sixpack knows plenty about beer...
      ...and quite likely about football and women.

      --
      Those who can make you believe absurdities can make you commit atrocities. - Voltaire
    11. Re:And what about evercookie? by h4rr4r · · Score: 4, Funny

      Considering the most sold beers in the USA include bud lite and miller lite, I can safely say he knows nothing about beer. He is a connoisseur of beer flavored waters though.

    12. Re:And what about evercookie? by rjstanford · · Score: 1

      Talk about putting words in my mouth.

      Users are not even interested in this, they don't care about their privacy. For a good example of just that go take a look at facebook. No need for anyone to worry about protecting those who do not care to be protected.

      Most users (and I'd include myself in this list) are very interested in some aspects of privacy. I care quite a bit if someone access my bank account and takes my money. I don't care at all if someone wants to send me an email, or get in touch with me because of a common interest. Privacy does not have to equate to invisibility.

      --
      You're special forces then? That's great! I just love your olympics!
    13. Re:And what about evercookie? by Intron · · Score: 1

      Its an arms race. You can try to keep ahead, but the advertisers are willing to spend a lot of money to be able to track individuals.

      --
      Intron: the portion of DNA which expresses nothing useful.
    14. Re:And what about evercookie? by Intron · · Score: 1

      How very magnanimous of you.

      So in your little provincial world, the only people deserving of protection from cookie mining evil corporations and government spies are long practicing linux users?

      No. Those running Windows on a virtual machine are OK too. As long as they blow away the Windows VM after use.

      --
      Intron: the portion of DNA which expresses nothing useful.
    15. Re:And what about evercookie? by causality · · Score: 1

      It's merely a question of willingness. I agree there's only so much you can possibly do for someone who won't lift a finger to help himself.

      That is the position I was talking about. Joe Sixpack does not care, and will not care. The position of Joe Sixpack is that anything that requires reading or 5 minutes of his time is to hard for him.

      As I have now two responses that seem to assume I think Joe Sixpack is some sort of invalid I will admit I should have been clearer.

      There seems to be this unstated consensus that unless you excuse, legitimize, and enable any and all forms of intellectual laziness and willful helplessness, then you must be some kind of cold-hearted bastard who wants the poor to starve, old ladies to eat dog food, and baby seals to get clubbed to death.

      There's also this widespread and completely false notion that you're doing anyone any favor by teaching them to be at the mercy of others for basic things they are actually capable of doing themselves. Like when someone chooses to be helpless, you're their best friend and a real great guy if you coddle them and make that decision as consequence-free for them as possible, and some kind of evil enemy if you see that they are better served by overcoming their helplessness and would be much happier with their experience if they did.

      The amusing notion is that if, in the absence of medically diagnosed mental retardation, illiteracy, or organic brain damage, you tend to assume "if I could do it with a few minutes of effort, he should be able to handle it too since we're fundamentally equal" then you're some kind of elitist who thinks he's better than everyone else. They really don't grasp the self-contradiction this represents.

      Combine all of these things and what you get is an emotional need to demonstrate a phony compassion that only makes its recipients less capable, more lazy, and more needlessly dependent. All in the name of caring and winning the approval of others. Oh, except those horrible "elitists", they have a different value system so it's okay to regard them as pieces of shit and make unfounded judgments about what kind of terrible human beings they are. Because you're so caring and nice and accommodating.

      That some numbnuts would misinterpret where you were coming from so he could climb on his high horse and make accusations against your character was predictable. Many people have an emptiness they can only fill temporarily by looking down their nose at someone who disagrees with them. That's why I spoke up and added a bit of framework to your statement. To me, what you meant was obvious. It would be obvious to anyone who doesn't have such pathology.

      It would be obvious also to anyone who actually wants what is best for average users and would rather teach them how to fish instead of giving them a fish every day so they can pat themselves on the back and tell themselves how kind and generous they are.

      --
      It is a miracle that curiosity survives formal education. - Einstein
    16. Re:And what about evercookie? by Anonymous Coward · · Score: 0

      Unstoppable? You can run the browser inside sandboxie (windows) and clear the sandbox contents after browsing... It gets rid of that, and pretty much anything else, you'd need to manually merge it with the system for it to become permanent in any way or form. With some tweaking this should be doable on *nix as well with something like sandfox.

    17. Re:And what about evercookie? by Anonymous Coward · · Score: 0

      I care quite a bit if someone access my bank account and takes my money.

      That's not privacy related. That's theft.

      Most users (and I'd include you in this list) don't even know the meaning of privacy.

    18. Re:And what about evercookie? by mdm-adph · · Score: 1

      Pretty sure that's not the case anymore about Flash LSO's and Incognito mode. (Could just be the custom version of Chromium called SRWare Iron I'm using, though.)

      --
      It is by my will alone my thoughts acquire motion; it is by the juice of the coffee bean that the thoughts acquire speed
    19. Re:And what about evercookie? by asa · · Score: 1

      You're taking this wildly off topic. Evercookie depends on a large group of features and this is a mitigation for one of those features.

    20. Re:And what about evercookie? by Fjandr · · Score: 1

      This is easily one of the best posts I've read in years, and there are many who would treat you with scorn simply for uttering such notions.

    21. Re:And what about evercookie? by Anonymous Coward · · Score: 0

      Undeleteable? How? I tried it and without even using private browsing i was able to easily delete the "evercookies".

    22. Re:And what about evercookie? by causality · · Score: 1

      This is easily one of the best posts I've read in years

      I always feel humbled whenever I receive a high compliment like that. Thank you. I will add that I don't think I was being particularly insightful, clever, or articulate. I think I was just being honest. If you do it that way, you don't really need elaborate technique or silver-tongued eloquence to discuss the nature of things.

      Of all things this reminds me of the notion of a "Constitutional scholar". The Constitution is easy to understand. It doesn't require tremendous study or great expertise. Language such as "Congress shall make no law" and "shall not be infringed" is not difficult to grasp. The enormous complexity comes from those who view it as an obstacle to their goals and look for clever ways around it. They are the ones who need to split hairs and mince words and introduce multiple methods of interpretation -- this is what gives them room to maneuver. The Founders themselves left little doubt about their intentions.

      and there are many who would treat you with scorn simply for uttering such notions.

      Don't I know it. Seeing things in these terms is definitely not for the faint of heart. Someone who derives their sense of security from large numbers of like-minded people would never make it. Most people do not seem to welcome the kind of perspective I am trying to cultivate. Many people cannot respect a position with which they don't already agree.

      It's one way to know who your real friends are, though.

      --
      It is a miracle that curiosity survives formal education. - Einstein
  2. Define "Difficult" by Anonymous Coward · · Score: 0

    set by Flash and difficult for users to find and delete

    localhost $ rm -fr ~/.adobe

    Wow, that was some tough shit.

    Or if you think anything Adobe wants to store may actually be valuable to you (hah!) you can be more specific:

    localhost $ rm -fr ~/.adobe/Flash_Player/AssetCache

    Man, that was hard. I am so glad there are teams of helpful people to support me in this difficult endeavor.

    1. Re:Define "Difficult" by clang_jangle · · Score: 1

      It is pretty simple to get rid of them in Linux, probably the same on windows. You just have to know where the files are being stored, which isn't hard. Every time you delete the .adobe and .macromedia directories, you get to start fresh. And you only need a few files in your ~/.mozilla directory to recreate your config automagically, so copy those out and restore them to your periodically fresh .mozilla. I don't know why everyone thinks this stuff is so complicated...

      --
      Caveat Utilitor
    2. Re:Define "Difficult" by Anonymous Coward · · Score: 0

      Don't forget rm -rfv ~/.macromedia

    3. Re:Define "Difficult" by beelsebob · · Score: 3

      Yeh you're right, because the average joe blogs on the street wants to understand where Flash puts it's cookies rather than simply selecting the "delete cookies" menu option.

      Oh wait no, that's bollocks ;).

    4. Re:Define "Difficult" by h4rr4r · · Score: 0

      The average joe is not going to even use the menu option. This is slashdot, stop worrying about the average idiot.

    5. Re:Define "Difficult" by LordLimecat · · Score: 1

      You could pull up the Chrome wrench --> Under the hood --> Clear browser data and click the "Adobe flash player storage settings" link.

      Lets you manage flash cookies to your heart's content. Boy, that was difficult.

    6. Re:Define "Difficult" by beelsebob · · Score: 1

      Yeh, because the average joe isn't going to be scared of clicking an "under the hood" button.

      Oh wait, that's bollocks too ;)

    7. Re:Define "Difficult" by Anonymous Coward · · Score: 0

      localhost $ rm -fr ~/.adobe

      This is temporary. The next time you encounter Flash, it's recreated. The only successful way is to symlink the .adobe and .macromedia files to /dev/null. This way you get Flash functionality without cookies being set and saved to the HDD.

      cd $HOME
      rm -rf .adobe .macromedia
      ln -s /dev/null .adobe
      ln -s /dev/null .macromedia

    8. Re:Define "Difficult" by Anonymous Coward · · Score: 0

      The average joe isn't even going to know how to get to the menu option. Good grief, some of these people (not directed at you) love to give "the average joe" *too much* credit.

    9. Re:Define "Difficult" by LordLimecat · · Score: 1

      Where would you propose they put such an option?

    10. Re:Define "Difficult" by Tim+C · · Score: 1

      stop worrying about the average idiot.

      Worrying about those less able to take care of themselves is what civilisation is all about.

      --
      It's official. Most of you are morons.
  3. rm -rf ~/.adobe ~/.macromedia by Anonymous Coward · · Score: 0

    n.c.

  4. Firefox by just_another_sean · · Score: 5, Informative

    And for Firefox users there is Better Privacy.

    From the Better Privacy site:

    Better Privacy serves to protect against not deletable longterm cookies, a new generation of 'Super-Cookie', which silently conquered the internet. This new cookie generation offers unlimited user tracking to industry and market research. Concerning privacy Flash- and DOM Storage objects are most critical.
    This addon was made to make users aware of those hidden, never expiring objects and to offer an easy way to get rid of them - since browsers are unable to do that for you.

    emphasis mine

    --
    Creationist Textbook Stickers Declared Unconstitutional by CowboyNeal
    1. Re:Firefox by BZ · · Score: 4, Informative

      Actually, Firefox 4 supports this as well, out of the box.

    2. Re:Firefox by Anonymous Coward · · Score: 2, Informative

      Yep. Has existed for several years now, including for older versions of Firefox like FF3.5
      (and maybe 3?)

      The only thing is it had to do it on disc due to lack of an Adobe API.

      However, Better Privacy works even with older versions of Flash, like 10.2 - unlike this new method which requires Adobe's cooperation.

    3. Re:Firefox by Jah-Wren+Ryel · · Score: 3, Interesting

      And for Firefox users there is Better Privacy [mozilla.org].

      Actually, Firefox 4 supports this as well, out of the box.

      FWIW - and it's worth it to me - Better Privacy provides better control in that I can set duration for the cookie. Mine are deleted after 5 minutes of last access. That works for sites like youtube that store the volume setting in the flash cookie, but still gives pretty good protection against flash cookies that might be misused due to lasting until I exit firefox (something I only do once or twice a month).

      --
      When information is power, privacy is freedom.
    4. Re:Firefox by BZ · · Score: 2

      Sure. Better Privacy is nice if you want its features. But it's not strictly necessary to just delete Flash cookies, which is what the article is about.

    5. Re:Firefox by Anonymous Coward · · Score: 1

      And even if it _didn't_, what the fuck is wrong with rm? Or deleting them with a file explorer?

      Have we been SO dumbed down as a society that we are no longer even capable of basic filesystem operations such as removing files?

      I swear that watching the last 30 years has seemed like a continual process of seeing people get stupider and stupider until even the most basic thing are now considered "too hard". I await the time that turning the computer on is considered "too hard" for the average person to be expected to understand.

    6. Re:Firefox by Anonymous Coward · · Score: 0

      Too bad there doesn't exist some kind of search engine that could scour the internet for such information.

    7. Re:Firefox by Anonymous Coward · · Score: 0

      Sure. Better Privacy is nice if you want its features. But it's not strictly necessary to just delete Flash cookies, which is what the article is about.

      GP was stating a preference between two viable options and gave reasons for this preference. Since she never made the claim that BetterPrivacy was strictly necessary, what revelation did you suppose you were making here?

      I have no idea why people feel a need to write these redundant posts to disclaim something that never was claimed. It's a real mystery to me.

      Maybe you're an insecure person who feels a powerful need to have the last word or something. Maybe that previous sentence will make you resist the temptation to reply to me so you can prove me wrong and thus feel secure for the next several minutes. Maybe that previous sentence will make you want to reply to me even more and remind us all that penguins are not mammals, as though I claimed that they were.

      Either way you have fun with that.

    8. Re:Firefox by Anonymous Coward · · Score: 0

      You have to have some idea what to search for. Let's see.. I don't really know what flash is (well kinda), I don't know what a cookie is, I don't know the implications of either. What am I supposed to search for?

    9. Re:Firefox by Anonymous Coward · · Score: 0

      And most people have better things to do with their lives than use search engines to find obscure information they don't care about. Get a life.

    10. Re:Firefox by Anonymous Coward · · Score: 0

      And for chrome there is Click&Clean which will also delete Silverlight cookies.

      But it's nice to have it included natively.

    11. Re:Firefox by Anonymous Coward · · Score: 0

      How do you search on how to delete something that you don't know exists? You forgot about that part while writing your stupidly childish reply.

    12. Re:Firefox by asa · · Score: 1

      It's nice to have this in the latest versions of all the popular browsers (Firefox, IE, and Chrome) and it took cooperation from Adobe to make that happen. Good on them too.

    13. Re:Firefox by scdeimos · · Score: 1

      Actually, Firefox 4 supports this as well, out of the box.

      Yes, it does, and I don't know why TFA doesn't mention it. This, from the Adobe Flash Player 10.3 beta release notes:

      Integration with browser privacy controls for managing local storage – Users will have a simpler way to clear local storage from the browser settings interface – similar to how users clear their browser cookies today. Flash Player 10.3 integrates control of local storage with the browser’s privacy settings in Mozilla Firefox 4, Microsoft Internet Explorer 8 and higher, and future releases of Apple Safari and Google Chrome. See this related post we published in January.

    14. Re:Firefox by Mana+Mana · · Score: 1

      Ghostery also does this, nixing flash cookies. BTW, it has recently being bought by a marketing firm, although per the documentation they claim not to track users. FYI.

  5. That is good by iONiUM · · Score: 1, Funny

    Maybe it can stop all the horrible flash ads too..

    Although, sometimes they aren't so undesirable, such as when they're like this (warning: although there's no nudity you wouldn't want your boss seeing you look at that).

    1. Re:That is good by Anonymous Coward · · Score: 0

      get flashblock

    2. Re:That is good by h4rr4r · · Score: 1

      Flashblock. Why it is not the default I will never understand.

    3. Re:That is good by cpu6502 · · Score: 1

      >>>http://upup-downdown.com/comics/2011/05/04/invisible-boobies/

      So what did you want me to see? Only thing that I noticed was the "Creative writing: scifi, mystery, horror degree" ad for full sail university. I don't know... that webpage kinda sucked.

      --
      My AC stalker: " I personally agree with your posts most of the time, but that won't keep me from modding you troll"
    4. Re:That is good by mapkinase · · Score: 1

      NoScript is better. Once I will detect a website tries to evercook me, it goes to permanent ban on my user-defined NoScript list.

      --
      I do not believe in karma. "Funny"=-6. Do good and forbid evil. Yours, Oft-Offtopic Flamebaiting Troll.
  6. Works in Firefox 4 as well by BZ · · Score: 5, Informative

    This also works in Firefox 4 last I checked; I'm not sure why the article just talks about Chrome and IE.

    1. Re:Works in Firefox 4 as well by asa · · Score: 4, Informative

      Boris is 100% correct. Mozilla shipped this feature in Firefox 4 and if you have the newest Flash version, it "just works."

      This story's headline is misleading. It should be "IE, Firefox, and Chrome..." because IE shipped it first, Firefox shipped it second, and Chrome just now got around to shipping it.

    2. Re:Works in Firefox 4 as well by BZ · · Score: 1

      Yeah, the headline writing is just broken.

  7. Opera Turbo by cpu6502 · · Score: 0

    Opera is great for dialup or cellphone users, allowing image blocking. The built-in turbo feature also disables flash by default, in order to speed-up the webpage download (unless you click on the little "movie" icon to load the video/ad/whatever). Not sure how you would delete the Flash cookies though.

    --
    My AC stalker: " I personally agree with your posts most of the time, but that won't keep me from modding you troll"
  8. Only one way to be sure... by Anonymous Coward · · Score: 5, Funny

    In linux just link ~/.macromedia to /dev/null

    It turns out /dev/null is something of a cookie monster.

    1. Re:Only one way to be sure... by Anonymous Coward · · Score: 0

      That's a good idea, but you should do ~/.adobe as well.

      Personally, I use:

      chmod -R ~/.macromedia 000
      chmod -R ~/.adobe 000
      su chown -R root ~/.macromedia
      su chown -R root ~/.adobe

      If you wanted to actually write the cookies but remove them shortly afterwards, you could just cron a job to run every hour (or 15 minutes, or whatever your heart desires) to 'rm -rf ~/.macromedia/Flash_Player' and 'rm -rf ~/.adobe/Flash_Player'

      For those running Windows, it's located in 'your personal directory'\Application Data\Adobe\Flash Player and 'your personal directory'\Application Data\Macromedia\Flash Player

    2. Re:Only one way to be sure... by Anonymous Coward · · Score: 0

      I salute you my dear sir, that is truly the most elegant, ingenious and purely evil way to slay flash cookies.

      For lesser mortals:
      mv ~./macromedia ~macromedia.evil
      ln -s /dev/null ~./macromedia

      Bwahahaha!!!

    3. Re:Only one way to be sure... by Anonymous Coward · · Score: 0

      The problem with this is that it makes online banking a pain in the ass. It also ruins some flash games that I like :/

  9. Flash cookie scourge by hodet · · Score: 2
    "The addition of the ability for users to delete the cookies set by plug-ins and browser add-ons gives them better control of the security and privacy of the content on their machines..."

    because its bad to have all those yourporn and redtube flash cookies on your work computer.

  10. Why not Safari as well as Chrome? by cpu6502 · · Score: 1

    It's the same base engine, isn't it? What about the non-google Chromium? Will it work with Adobe to erase cookies?

    --
    My AC stalker: " I personally agree with your posts most of the time, but that won't keep me from modding you troll"
    1. Re:Why not Safari as well as Chrome? by Anonymous Coward · · Score: 0

      Pretty sure HTML rendering and cookie management are two different things, so Safari wouldn't necessary get this feature automatically. Chromium probably will get it, unless Google wants this to be a Chrome-only feature.

    2. Re:Why not Safari as well as Chrome? by Daltorak · · Score: 1

      It's the same base engine, isn't it? What about the non-google Chromium? Will it work with Adobe to erase cookies?

      This isn't a "base engine" issue -- it's a browser UI issue. Each browser needs to offer an API hook to plugins that allow them to say, "hey, call this function when the user has requested their browsing history be deleted!" So, the way you phrased your last question is backwards -- Adobe must work with browser capabilities, not the other way around.

      In the case of IE8 and later, this is a one-function COM interface that gets passed a single flags parameter indicating what types of objects should be deleted. Pretty simple stuff..... why it took Adobe more than two years to implement this obvious little capability is beyond me.

      I haven't been able to find an equivalent in Firefox 4's NPAPI documentation, but it may exist. If it doesn't now, it will soon -- it's a really obvious feature to have.

      Also, for what it's worth, the Flash local storage is global to your user profile, not local to the browser.... so asking Chrome to delete your browser history will mean Flash cookies are deleted in all other browsers.

    3. Re:Why not Safari as well as Chrome? by CyberDragon777 · · Score: 2

      I haven't been able to find an equivalent in Firefox 4's NPAPI documentation, but it may exist. If it doesn't now, it will soon -- it's a really obvious feature to have.

      https://wiki.mozilla.org/NPAPI:ClearSiteData

      https://bugzilla.mozilla.org/show_bug.cgi?id=508167
      Looks like it was added in February.

      https://bugzilla.mozilla.org/show_bug.cgi?id=625496
      And "Clear recent history" will remove the cookies once flash 10.3 is released.

      --
      We both said a lot of things that you are going to regret.
  11. One down, ten more to go.. by Anonymous Coward · · Score: 0

    Evercookie supports over ten different data storage mechanisms, and if it finds valid data in just one of them, it re-replicates the cookie to the other storage methods.

    Of course, being able to delete Flash cookies more easily is still a very much welcome improvement.

  12. Firefox already allows you to delete Flash cookies by CosaNostra+Pizza+Inc · · Score: 2

    If you have the "BetterPrivacy" addon, you have control over Flash cookies.

  13. Evercookie, say hello to volatile storage. by Joe+U · · Score: 1, Informative

    Evercookie is unstoppable, irrevocable, undeleteable, and it represents a new trend.

    A RAMDisk is an emulated disk that uses system memory and is erased completely during shutdown.

    Symbolic links and hard links are pointers that let you direct files and directories to other locations, such as RAMdisks.

    Reboot. What evercookie?

    Takes about 10 mins to set up properly. Using Windows? CCleaner can help you with any missed temp files. Schedule it to run at startup.

    1. Re:Evercookie, say hello to volatile storage. by h4rr4r · · Score: 3, Informative

      Hard links do not work across paritions/drives symlinks are what you want.

    2. Re:Evercookie, say hello to volatile storage. by dc29A · · Score: 1

      Windows RAM drive. Works great with browser temporary data. You can use junctions to map adobe temporary folders to your RAM drive.

    3. Re:Evercookie, say hello to volatile storage. by RobertM1968 · · Score: 1

      Hard links do not work across paritions/drives symlinks are what you want.

      I think you may be misunderstanding what he's saying. Let's say you want to have a hard link to R:

      The easiest approach doesnt even require a redirect. Simply point everything hard linked to the RAMdisk (R:). A simple batch file on startup is all it takes to set back up the ramdisk during boot so it's functional as if it was always there and always a part of the system. That also makes it easy to have the "safe copy" nicely tucked away for repeat reloading whenever one wants - or on each reboot when the ramdisk is set back up. I've used a similar scenario for various serving (ie: internet daemon) activities where using a ramdisk is ideal and better suited to hard caching or increasing cache size and expire to address high load systems. System starts, creates ramdisk R:, dumps a copy of the needed contents on it, starts appropriate daemons, with their hard links to the content on drive R:. A simple sync routine will ensure that changes made to the "original" content get written to the ramdisk as well. Etc, etc, etc... you get the picture.

      Thus, the hardlink pointer is being pointed to a structure that allows such... no partition/drive spanning... simply pointing to the ramdisk, which can be recreated each and every boot.

      --
      StarTrekPhase2 - The Five Year Mission Continues!
  14. They don't NEED to conspire... by Kamiza+Ikioi · · Score: 2

    It's not unstoppable. I'd mod you up for informative, but you mention that it is so good that it is unstoppable. It is not unstoppable or undelete-able on all browsers. In fact, it can be removed from Chrome. It is therefore, not a limitation of the browser. They don't NEED conspire. Regular cookies rarely get deleted by most users.

    If you are wiping out your cookies and using ad blocking and script blocking software, they already know you are the least likely user to click an ad if you saw one. The only good reason for them to track you is to figure out how to sell you something. If you won't click an ad, you're not likely to buy anything they have to sell, and pretty much ignore you as a consequence of doing business on the Internet.

    If they were conspiring, they'd refuse to allow you to use their sites if you block content, including cookies. They could very simply say, "If no cookie, set cookie. If you still don't have cookie, no content."

    --
    I8-D
    1. Re:They don't NEED to conspire... by Nursie · · Score: 3, Interesting

      Really?

      Because you hear of deliberate violations of do-not-call lists, and everybody likes to make it hard to get off their spamvertising lists.

      It seems like common sense to you and me, but I'm not sure that the unethical marketing people (not all, but the unethical ones) have got there yet. They seem to think it's extra important to annoy the hell out of people who've already decided they don't want to be annoyed.

    2. Re:They don't NEED to conspire... by LordLimecat · · Score: 1, Insightful

      You want their content, they set the rules. You dont like it, dont view their content.

      This isnt rocket science, people.

    3. Re:They don't NEED to conspire... by medeii · · Score: 1

      Repeat after me: an HTTP connection is not a contract.

      Site owners are free to offer suggestions as to how to show the content they're freely offering who connects to their public server. I am similarly free to ignore those suggestions, and accept or render only the parts I want.

      After all, if they don't want me seeing the content, all they have to do is stop giving it away.

      --
      got standards? --- http://www.w3.org/
    4. Re:They don't NEED to conspire... by LordLimecat · · Score: 1

      Sure, youre free to block their cookies, so long as they choose to allow you to do so. They could quite easily refuse to let you access any content if you refuse to set cookies.

      Youre right its not a contract, but its THEIR content.

    5. Re:They don't NEED to conspire... by Nursie · · Score: 1

      Cool, put counter-adblocking in place, refuse to serve content to people that block your ads.

      That way people can decide whether to enable the ads to see the content and neither party gets ripped off. It makes the relationship explicit.

      I fully support that.

  15. There is already a way... by Anonymous Coward · · Score: 0

    The caveat is it requires access to the Adobe website.

    Right click any Flash object and click "Global Settings". On the following webpage click on the link to the Global Settings Panel.

    Alternatively under Chrome: Options > Under the Hood > Clear browsing data > Adobe Flash player storage settings.

    1. Re:There is already a way... by yuhong · · Score: 1

      Right click any Flash object and click "Global Settings". On the following webpage click on the link to the Global Settings Panel.

      Yep, this page was there for some time, but only with Flash 10.1 did they add a entry to the pop-up menu that links to it.

  16. Better Privacy logo? by bill_mcgonigle · · Score: 1

    Can somebody explain what the meaning of the 'no moldy whipped cream on pumpkin pie' icon is? I mean, I agree, but fail to see the connection.

    Not in the FAQ, I looked.

    --
    My God, it's Full of Source!
    OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
    1. Re:Better Privacy logo? by Anonymous Coward · · Score: 0

      The pie is a lie?

      I dunno.

  17. Flash 10.3 beta helps too by mccalli · · Score: 3, Informative

    The 10.3 beta tells you when a Flash application is trying to write to your local machine. I've been hitting 'Deny' on everything and no ill effects been seen so far.

    Cheers,
    Ian

  18. There's a flipside by Anonymous Coward · · Score: 0, Funny

    To the paranoids, great news, but just watch all the complaining when your favorite Flash game no longer has your highscores and game progress saved!

    1. Re:There's a flipside by Anonymous Coward · · Score: 1

      Paranoia and privacy concern are two different things.

      Paranoia is when you think there's alien implants in your body and whatnot.

      Privacy is more like a basic human right to have freedom-of-choice, without
      thinking about what other knows about you.
      (FlashCookies are a small part of this, but they can be combined with browser-
      fingerprinting to allow near-complete tracking. Such tracking can be grown
      and later combined with offline activities, and before we know it, 1984)

      By that time we *wish* we could trade that for an alien tracking-implant :/

  19. ability to delete Flash cookies by doperative · · Score: 3, Informative

    Under Linux delete the ~/.macromedia directory ...

    1. Re:ability to delete Flash cookies by Flyers2391 · · Score: 2

      Exactly ... I keep this directory "list only" at all times. Sometimes sites don't work without being able to write there ... most of the time I don't care enough about the video to change rights, but I will if I'm watching The Daily Show or something.

      When I'm done, I clear the directory and re-lock it. I did the same for the ".adobe" directory, not sure if it's necessary

    2. Re:ability to delete Flash cookies by LordStormes · · Score: 1

      The point is, all these methods work, but they're all a royal pain in the ass. I don't want to go drop to a Linux command shell to get rid of cookies; that's why every browser has UI to do that for me. If a browser manufacturer knows there is crap cached on my machine related to my Internet browsing history, then when I ask it to delete all the Internet browsing history, it should delete it. Note that Windows doesn't have a "format my hard drive, but leave the porn alone" button (although this might be useful). Users have a right to expect that a browser's UI will do everything that it says it will, and that there is UI for all of the reasonable activities that might need to be done to keep themselves safe on the Internet.

    3. Re:ability to delete Flash cookies by MrL0G1C · · Score: 4, Informative

      ..And for windows users, delete the /macromedia directory! (in ?:\Documents and Settings\UserName\Application Data\) or C:\Users\UserName\AppData\Roaming\

      --
      Waterfox - a Firefox fork with legacy extension support, security updates and better privacy by default.
    4. Re:ability to delete Flash cookies by Anonymous Coward · · Score: 0

      The point is, all these methods work, but they're all a royal pain in the ass.

      Oh no, just set 'em up once. I have a shell script in my (KDE) autostart folder which essentially contains rm -rf ~/.adobe/Flash_Player/* ~/.macromedia/Flash_Player/*. Deleting the cookies once every login is enough for me.

      I don't want to go drop to a Linux command shell to get rid of cookies

      Gee, you can also delete dirs and files using point-and-click techniques under Linux if you have some GUI installed ;) ... otherwise, I think elinks doesn't use Flash ...

      But you're right in that this should be controllable from within the browser.

    5. Re:ability to delete Flash cookies by cbhacking · · Score: 1

      More conveniently, delete %APPDATA%\macromedia\. It's a bit longer than ~, but %APPDATA% or %USERPROFILE% are handy variables to know about. You can enter them into Explorer just file, also.

      --
      There's no place I could be, since I've found Serenity...
  20. If you use Linux by Anonymous Coward · · Score: 1

    this is easy to escape.

    Nothing escapes the event horizon that is /dev/null

    To have Flash functionality without cookies being set and/or saved to disk, just symlink a couple of files to /dev/null and forget about it.

    CD $HOME

    rm -rf .adobe .macromedia

    ln -s /dev/null .adobe

    ln -s /dev/null .macromedia

    Something else people forget about is CSS. Websites can use CSS to track you across sites as well. There are a couple of ways to defeat this. The easiest is to set remembering URLS to zero (0). The second is to surf in private mode. Firefox now allows you to start the browser and always be in private mode. No cookies are set or saved. If you do need cookies set and saved, you can do it on a site-to-site basis by tweaking the cookie settings.

    Windows users can use Better Privacy add-on in Firefox as well as Ghostery and Request Policy. More than a few add-ons will start to slow your browser down since they all need a slice of RAM to operate. Let's not forget Adblock Pluider. Subscribe to either EasyList or Fanboy's adblocking subscriptions.

    I also use about:config in Firefox to disable geo tracking, http referer, network prefetch, and css visited links.

    Enjoy a safer, more private Interwebnet.

  21. too late by Anonymous Coward · · Score: 0

    Better Privacy already takes care of this.
    I rather see a way to change the plugin settings without having to go tthrough their website. that concept just stinks.

  22. Cheating at Flash games by rwa2 · · Score: 1

    So much for One Chance.

  23. Damn by Tailhook · · Score: 2

    Widespread use of this will make marketers focus on new tracking techniques. As it is they rely on cookies that are easily eradicated with simple tools, but are usually left alone by users. They don't have to remain that easy to thwart. They won't if all their analysis goes to hell 24h after 10.3 is released and auto-installed everywhere.

    --
    Maw! Fire up the karma burner!
    1. Re:Damn by Anonymous Coward · · Score: 0

      I can safely pretend that 90% users don't manage or delete their cookies, even if browsers have offered some sort of cookie management forever.

  24. LoL by Anonymous Coward · · Score: 0

    Who cares? Why even install Flash at all?

  25. How to delete Flash Cookies by brit74 · · Score: 2

    Hat tip to chrome and IE for making this easier, but for those who don't already know, there is a way to delete flash cookies. Just click the "delete all sites" button after arriving at this webpage: http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager07.html

  26. Google and Microsoft were the examples by Kamiza+Ikioi · · Score: 1

    He said "Google and Microsoft". Google and MS are not violationg do-not-call nor can-spam. And by extension, Google websites (search, gmail, etc), properties (Doubleclick), and Microsoft Bing and their web properties. That accounts for an extremely large portion of web advertising, not just on their sites, but on third party sites, phones, and apps.

    --
    I8-D
    1. Re:Google and Microsoft were the examples by Nursie · · Score: 1

      Firstly, the OP said google and microsoft in reference to their role as browser manufacturers, then referred to them and others potentially being involved in evercookies.

      Secondly, The post I replied to didn't reference either company.

      Thirdly, I didn't say they were violating laws (though there certainly are people that violate DNC), I said that marketers and advertisers, particularly the unscrupulous ones, go out of their way to target people who don't want to be advertised to. The point being that it's counterintuitive - why go after people who hate what you do and are unlikely to be a market for you?

      The only reason I can think of is that they use the size of their mailing lists to sell their services.

  27. Firefox by Anonymous Coward · · Score: 1

    One of the reasons I have stuck with firefox is the better privacy extension that deletes all the flash cookies every time I close the browser. It does not hurt that Chrome sucks at playing games like Runescape, trying to force text to the address/search bar instead of the in game type.

  28. To zap my history on a Mac I use Automator... by atrocious+cowpat · · Score: 2
    ... I created an Automator-Script that moves these files/folders:

    ~/Library/Cookies/Cookies.plist
    ~/Library/Safari/History.plist
    ~/Library/Safari/HistoryIndex.sk
    ~/Library/Safari/LastSession.plist
    ~/Library/Safari/Downloads.plist
    ~/Library/Safari/Databases
    ~/Library/Safari/LocalStorage
    ~/Library/Safari/TopSites.plist
    ~/Library/Safari/WebpageIcons.db
    ~/Library/Preferences/Macromedia/Flash Player
    ~/Library/Caches/com.apple.Safari
    ~/Library/Caches/QuickTime
    ~/Library/Caches/Adobe/Flash Player/AssetCache
    ~/Library/Caches/Metadata/Safari

    ... to the thrash.

    Did I miss anything?

    --
    sig? Oh, that sig...
    1. Re:To zap my history on a Mac I use Automator... by Anonymous Coward · · Score: 0

      Well, I don't know about OSX, but I permanently blocked Flash cookies on my Debian system in one command.

      # chmod -R 0500 ~/.macromedia/

  29. Resolve the problem at the source by theweatherelectric · · Score: 2

    I avoid the problem to begin with by not installing Flash in the first place. It all depends on your usage patterns, of course, but I find I no longer need Flash. Yes, some websites or specific features of some websites just don't work without Flash but for me these cases are increasingly in the minority.

  30. Firefox allows you not to install flash plugin! by Anonymous Coward · · Score: 0

    Firefox wins. Who wants that proprietary, crashy POS anyways?

  31. This is equally going to annoy... by Anonymous Coward · · Score: 0

    ...a LOT of people.

    Why? Flash games.
    Bye-bye progress.
    Yes, there probably should be an online storage of progress, but most of the time they aren't because it is simply too much for them to add. (most of these people tend to only really know Flash and a basic understanding of Web development and upload to Flash game websites)

    They should equally add whitelists of stuff that you wouldn't want to be erased.
    An option to ask you to whitelist a site on creation of cookies and such would be really nice.
    And this goes for all of the local storage methods. How horrible it would be to accidentally delete draft e-mails from an Offline Mode application of a site (Gmail Offline mode for example)

  32. what bugs me about flash cookies by vaporland · · Score: 1

    is that you have to go to an Adobe URL to delete them. So, Adobe knows about all the pron flash cookies, etc, you're deleting from your computer. Why do they need to know this?

    --
    Ask Me About... The 80's!