The Mac Security Blog

Security & Privacy

Flash Player Cookies Are Unknown Web Tracking System

Posted on by

Most people are aware that their web browser stores cookies. A cookie is a file on your hard disk that contains information sent by a web server to a web browser and then sent back by the browser each time it accesses that server. Typically, this is used to authenticate or identify a registered user of a web site without requiring them to sign in again every time they access that site. Other uses of cookies are to maintain a “shopping basket” of goods you have selected to purchase during a session at a site, site personalization (presenting different pages to different users), or to track a particular user’s access to a site.

While cookies can have legitimate uses, as we have seen above, unscrupulous web sites use them to collect data on your surfing habits. They sell this data to companies that will then target you specifically for products and services that correspond to these habits, or even ensure that when you surf on certain sites, you see ad banners that match these habits.

You may be aware that Intego NetBarrier has a powerful tool for controlling cookies, allowing you to block all cookies, remove cookies, or only allow selected sites to store cookies on your Mac.

Most users, however, are not aware that Flash Player has its own method of using cookies, and that the information in these cookies can be shared among web sites. PC World reports about a study made by a number of researchers which “found that the Flash cookies, or local shared objects, are used on 54 of the top 100 Web sites.” The article points out that “many sites are using Flash cookies in a decidedly underhanded way. Flash cookies can be used to store the same unique identifier used by an http cookie to track visitors, according to the study. And in some cases, Flash cookies that store the same unique ID as an http tracking cookie are used to re-create the http cookie if it’s deleted.”

Users can go to this web page which displays their Flash security and privacy settings, and make some changes to protect themselves. Unchecking “Allow third-party Flash content” prevents these cookies from being stored, by prevent Flash playback from some web sites. In the study, this “didn’t cause any problems with 84 out of the 100 tested Web sites, but nine of the sites would no longer display Flash content.”

Comments are closed.