Web browser privacy FAQ: What things can I do to improve my internet/web browser privacy and security (especially in regards to "Flash cookies", or "Flash super cookies")?
Continuing my research into internet/web browser privacy, I've already mentioned that I stumbled onto the "Better Privacy" Firefox plugin, but I haven't written much specifically about it. So, here's what I know about web browser privacy and Better Privacy.
Using Better Privacy for better web browser privacy
The Better Privacy plugin was created specifically to tackle the problem of Flash browser cookies, or Local Shared Objects (LSO's). These Flash browser cookies are also referred to as "super cookies", for a variety of reasons. Here is a direct quote about these browser cookies from the Better Privacy web page on the Firefox website:
Some flash LSO-cookie properties in short...
- they never expire - staying on your computer for an unlimited time.
- by default they offer a storage of 100 KB (compare: Usual cookies 4 KB).
- browsers are not aware of those cookies, LSO's usually cannot be removed by browsers.
- via Flash they can access and store highly specific personal and technical information (system, user name, files,...).
- ability to send the stored information to the appropriate server, without user's permission.
- Flash applications do not need to be visible
- there is no easy way to tell which flash-cookie sites are tracking you.
- shared folders allow cross-browser tracking, LSO's work in every flash-enabled application
- the company doesn't provide a user-friendly way to manage LSO's, in fact it's incredible cumbersome.
- many domains and tracking companies make extensive use of flash-cookies.
These cookies are not harmless.
Reviewing these web browser privacy concerns
Almost all of those points jump out at me as bad news for your web browser privacy, but I think these are the most important:
- Web browsers are not aware of these cookies. (I believe this is true. The normal process of removing browser cookies has no effect on these files.)
- LSO's usually cannot be removed by browsers. (I have verified this.)
- Via Flash they can access and store highly specific personal and technical information. (I have not verified this yet.)
- Ability to send the stored information to the appropriate server, without user's permission. (I have not verified this yet.)
- Flash applications do not need to be visible. (True)
- Shared folders allow cross-browser tracking, LSO's work in every flash-enabled application. (This is true. All web browsers share the same Flash/Macromedia folder on my Mac OS X system.)
- The company doesn't provide a user-friendly way to manage LSO's, in fact it's incredible cumbersome. (This is true. You have to go to the Adobe/Macromedia website to remove LSO's, as I describe in my Web browser privacy and Flash cookies article.)
I have to say that at the moment, I don't know what user information can be stored in this type of browser cookie, but I will try to find out. The suggestion in that third bullet point, that they can access information about your system, seems very disturbing.
Because I use the FlashBlock plugin (see below), I also see many of these little Flash applications that most users probably don't see. FlashBlock shows a little image in your web browser every time it blocks a Flash application, and I see this image all the time when I'm surfing websites. Because those applications aren't normally visible, I assume they are there for one and only one purpose -- to use these super cookies.
Other internet and web browser privacy and security articles
While digging into the general topic of internet and web browser privacy and security, I've written several (more detailed) browser privacy articles related to this topic:
- Internet web browser privacy, security, and Flash cookies
- Web browser privacy and the Google Chrome Incognito window
The first article offers much more detailed information about the Flash super cookies, and the second article discusses web browser privacy in the context of the Google Chrome Incogniton window, which is a cool tool for helping to protect your browser privacy.
Web browser privacy tools
As I've mentioned in those other articles, the two tools I use to improve my web browser privacy are:
Of course both of these relate directly to Flash. I'll continue to dig around for other internet/web browser privacy and security tips, and share them on this website as I find them.
Yours in web browser privacy, safety, and security,