1 edit | Evercookie - The nightmare is here Well looks like it could be anyway !
From what i gather, it "appears" to be only HTML5 capable, but please advise if otherwise.
See what you make of it.
»samy.pl/evercookie
So how do/would we prevent these from happening, apart from no scripting ?
There are ongoing legal actions been taken as i write against some big companies, amongst others, who have been using persistent flash cookies without users knowledge and/or permissions, so it'll be interesting to see how this flys, or not !
-
Edit typo |
|
 Khaine
join:2003-03-03
Australia | Looks similar to »Re: Advertisers using HTML5 Features to Track Users
Its sad how much commercial the internet has become. While it has bought us amazing things like amazon, iTunes and the like, it also bought us marketing companies, spyware, tracking, profiling, data mining and so much other crap |
|
 SparkChaserPremium
join:2000-06-06
Downingtown, PA
kudos:3 | reply to Rebirth
a word of warning going to samy.pl/evercookie with java enabled will get you a bunch of his 'evercookies' |
|
|
|
Khaine
join:2003-03-03
Australia
1 edit | It looks pretty simple to block. All you need to match on is
<script type="text/javascript" src="evercookie.js"></script>
or even the function call to evercookie()
That won't stop people who obfuscate the code, and I'm sure there are more sophisticated methods of detecting and removing these 'evercookies'. |
|
Mele20Premium
join:2001-06-05
Hilo, HI
kudos:4 | reply to SparkChaser
said by SparkChaser:a word of warning going to samy.pl/evercookie with java enabled will get you a bunch of his 'evercookies' How? I don't have Flash and I don't allow any kind of cache on my browsers (well, except IE6 because I have to there but I don't use that browser except for speed tests). So, I went to his site on Opera but I have no flash on Opera and no cache. So, how are his cookies set?
--
When governments fear people, there is liberty. When the people fear the government, there is tyranny. Thomas Jefferson |
|
 CylonRedPremium,MVM
join:2000-07-06
Bloom County | reply to Khaine
Marketing companies and tracking data has been around for decades. Many, many decades. |
|
 ashrc4Premium
join:2009-02-06
australia
1 edit | reply to Rebirth
firefox 3 and html5 firefox 4 show the same result for sandboxie.
Looks like just another persistant flash cookie. |
|
SparkChaserPremium
join:2000-06-06
Downingtown, PA
kudos:3 Reviews:
 ·Verizon FiOS
| reply to Mele20
said by Mele20:said by SparkChaser:a word of warning going to samy.pl/evercookie with java enabled will get you a bunch of his 'evercookies' How? I don't have Flash and I don't allow any kind of cache on my browsers (well, except IE6 because I have to there but I don't use that browser except for speed tests). So, I went to his site on Opera but I have no flash on Opera and no cache. So, how are his cookies set? Sorry, I did mean you personally. I meant the average user. Ummm, like me 
--
--
--
"Facts do not cease to exist because they are ignored." - Aldous Huxley
“Children will not remember you for the material things you provided but for the feeling that you cherished them.” - Richard L. Evans
|
|
 DownTheShoreHelp Moore OklahomaPremium
join:2003-12-02
Beautiful NJ
kudos:12
 ·Verizon Online DSL
| reply to ashrc4
said by ashrc4:firefox 3 and html5 firefox 4 show the same result for sandboxie. Looks like just another persistant flash cookie. Thanks for showing that tree. I would not have thought of checking there. For other Vista users who want to check that out, remember to go into Tools > Folder Options > View and uncheck "Hide Protected Files". That's the only way to see the cookies when using Windows Explorer.
--
Patriotism is not waving a flag, it is living the ideals
I want to retire to the Isle of Sodor and ride the trains.
|
|
OZOPremium
join:2003-01-17
kudos:2 | reply to ashrc4
To stop Flash cookies once and for all there is a simple and reliable way. Check this post.
--
Keep it simple, it'll become complex by itself... |
|
| The BetterPrivacy Firefox extension gives the option to remove Flash cookies each time the browser closes.
»addons.mozilla.org/en-US/firefox/addon/6623/ |
|
 ZZZZZZZPremium
join:2001-05-27
PARADISE
kudos:1
1 edit | BetterPrivacy for Firefox is a good extension,but Crap Cleaner also cleans Flash cookies if you run it.
--
~~Get our troops home...now!!~~ |
|
 Grail KnightQui audet adipisciturPremium
join:2003-05-31
Valhalla
kudos:6
 ·Time Warner Cable
| CCleaner had a habit of deleting the settings.sol file when cleaning flash so I made some adjustments in CCleaner to protect that file and this has worked for some time now.
Exclude
C:\Users\YOURNAME\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\settings.sol
Include
C:\Users\YOURNAME\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\
C:\Users\YOURNAME\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\
--
"The gullible are ripe for conspiracy stories."
|
|
Grail KnightQui audet adipisciturPremium
join:2003-05-31
Valhalla
kudos:6 Reviews:
·Time Warner Cable
| reply to Mele20
quote:
How? I don't have Flash
How is that possible when in the other thread you said you have flash installed in IE?
»Re: Adobe Security Advisory for Flash Player CVE-2010-2884
If you have that flash evercookie then it seems that one of your programs that requires IE components to work may be downloading the flash evercookie.
Have you checked your programs that may use flash components to function to see if one of them may be downloading this cookie?
I do not see a big deal about this myself. YMMV
--
"The gullible are ripe for conspiracy stories."
|
|
PX EliezerPremium
join:2008-08-09
Hutt River
kudos:13 Reviews:
 ·callwithus
·voip.ms
·Optimum Voice
·Vitelity VOIP
·Gizmo5
| reply to martg
Great firefox add-on! |
|
 Jim GurdPremium
join:2000-07-08
Plymouth, MI | reply to Rebirth
I couldn't get it to work in IE at all. I kept getting javascript errors.
In Firefox it failed to restore the cookie after I ran CCleaner. Seems rather harmless to me. |
|
Mele20Premium
join:2001-06-05
Hilo, HI
kudos:4 | reply to Grail Knight
Yes, I wasn't as clear as I could have been. I meant that I don't have Flash installed on Opera which is the browser I used when going to the evercookie site.
The only program I know that uses Flash I have on Vista where I don't have FP installed. That is Avast which uses Flash for its ad for the free version. I wish they wouldn't do that. I really like Avast 5 and its GUI except for that and that will keep me from ever using Avast on a computer where I have to have Flash installed on one browser. Many times, I have removed Flash from IE6 for long periods (until I have to do speed tests because of a problem) and not had any problems with programs so I suspect none of them need Flash components.
--
When governments fear people, there is liberty. When the people fear the government, there is tyranny. Thomas Jefferson |
|
| reply to Rebirth
This was trivial to defeat.
GNU/Linux users:
chmod 000 ~/.macromedia/Flash_Player/macromedia.com/support/flashplayer/sys
chmod 000 ~/.macromedia/Flash_Player/#SharedObjects
After executing the above just clear conventional cookies as you would. This is exciting old news, the Flash cookies have been around for some time now. |
|
| reply to Rebirth
I read an article that said the cookie is placed in 8 locations.
Even if you get rid of 7 of them, the cookie can "rebirth" itself from the one, it will be back in all 8 locations afterwards.
The article mentioned "persistent" cookie. |
|
 ABPremium
join:2006-04-04
Leesburg, VA
kudos:3
·Verizon Online DSL
| said by Jon jon :
I read an article that said the cookie is placed in 8 locations.
Even if you get rid of 7 of them, the cookie can "rebirth" itself from the one, it will be back in all 8 locations afterwards That's a lot of places-- not to mention a good plot for a horror movie.
Got a link to the article? |
|
