Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Chrome, IE To Allow Users To Delete Flash Cookies

CmdrTaco posted more than 3 years ago | from the different-kind-of-flash dept.

Privacy 110

Trailrunner7 writes "The upcoming release of Adobe Flash Player 10.3 will give users of most of the major browsers the ability to delete Flash cookies in much the same way that they're able to erase normal Web cookies, thanks to a better integration with privacy settings in Internet Explorer and Google Chrome. The addition of the ability for users to delete the cookies set by plug-ins and browser add-ons gives them better control of the security and privacy of the content on their machines and is designed to address a serious issue that's been plaguing Flash for some time. Security and privacy experts have warned about the implications of so-called Flash cookies, which are set by Flash and difficult for users to find and delete."

cancel ×

110 comments

And what about evercookie? (4, Interesting)

elucido (870205) | more than 3 years ago | (#36025624)

http://en.wikipedia.org/wiki/Evercookie [wikipedia.org]
http://samy.pl/evercookie/ [samy.pl]

Evercookie is unstoppable, irrevocable, undeleteable, and it represents a new trend. When is Google and Microsoft going to do something about this? Or do they and others conspire to use this evil mega cookie to track us?

Re:And what about evercookie? (5, Insightful)

The MAZZTer (911996) | more than 3 years ago | (#36025718)

File a bug on the Chrome bug tracker. The latest I can find [google.com] is that Chrome should be erasing it all if you use Incognito, except for the Flash LSO.

Re:And what about evercookie? (2, Interesting)

Anonymous Coward | more than 3 years ago | (#36026218)

In my tests incognito mode was enough to delete the evercookie. I simply quit the browser and restarted.. it didn't know who I was. Try it here http://samy.pl/evercookie/

Re:And what about evercookie? (1)

mdm-adph (1030332) | more than 3 years ago | (#36028598)

Pretty sure that's not the case anymore about Flash LSO's and Incognito mode. (Could just be the custom version of Chromium called SRWare Iron I'm using, though.)

Re:And what about evercookie? (1)

h4rr4r (612664) | more than 3 years ago | (#36025722)

Seems like it is deletable, hard to find maybe but you can always delete your whole browser profile.

Re:And what about evercookie? (4, Insightful)

icebike (68054) | more than 3 years ago | (#36025892)

Or run the browser and all of its minions (including flash) in a sandbox, which allows you to snap shot it at some point in time, and flush that sandbox after each browsing session and restore from the snapshot at the start of each new session.

As long as every program has access to the Windows Registry, you will have to sandbox that as well, allowing access to a shadow copy.

But the real problem here is that Joe Sixpack is not in a position to be knowledgeable about all of this. Criminal sanctions against users of Evercookie might keep corporate marketing droids from going down that path, but they won't stop the off-shore porn sites or gambling sites from embedding this type of technology.

Re:And what about evercookie? (2)

h4rr4r (612664) | more than 3 years ago | (#36026080)

Windows Registry? I can't find one of those on any of my machines. Install browser in chroot, copy to another location. Then copy before version over after version.

Joe Sixpack is not in a position to be knowledgeable about anything, no need to worry about it.

Re:And what about evercookie? (2)

icebike (68054) | more than 3 years ago | (#36026212)

Joe Sixpack is not in a position to be knowledgeable about anything, no need to worry about it.

How very magnanimous of you.

So in your little provincial world, the only people deserving of protection from cookie mining evil corporations and government spies are long practicing linux users? The rest are just cannon fodder?

I suppose this means the only people deserving of medical privacy are the doctors themselves? The only ones deserving of police protection are the cops themselves?

Re:And what about evercookie? (2)

h4rr4r (612664) | more than 3 years ago | (#36026264)

Talk about putting words in my mouth.

Users are not even interested in this, they don't care about their privacy. For a good example of just that go take a look at facebook. No need for anyone to worry about protecting those who do not care to be protected.

Police protection is a joke. They investigate after, not protect you. The police are 30 minutes away, my own protection is much closer.

Re:And what about evercookie? (1)

rjstanford (69735) | more than 3 years ago | (#36026916)

Talk about putting words in my mouth.

Users are not even interested in this, they don't care about their privacy. For a good example of just that go take a look at facebook. No need for anyone to worry about protecting those who do not care to be protected.

Most users (and I'd include myself in this list) are very interested in some aspects of privacy. I care quite a bit if someone access my bank account and takes my money. I don't care at all if someone wants to send me an email, or get in touch with me because of a common interest. Privacy does not have to equate to invisibility.

Re:And what about evercookie? (0)

Anonymous Coward | more than 3 years ago | (#36027942)

I care quite a bit if someone access my bank account and takes my money.

That's not privacy related. That's theft.

Most users (and I'd include you in this list) don't even know the meaning of privacy.

Re:And what about evercookie? (1)

Intron (870560) | more than 3 years ago | (#36027136)

How very magnanimous of you.

So in your little provincial world, the only people deserving of protection from cookie mining evil corporations and government spies are long practicing linux users?

No. Those running Windows on a virtual machine are OK too. As long as they blow away the Windows VM after use.

Re:And what about evercookie? (2)

causality (777677) | more than 3 years ago | (#36026426)

Joe Sixpack is not in a position to be knowledgeable about anything, no need to worry about it.

Assuming he's literate, he's in a position that is as good as yours or mine.

It's merely a question of willingness. I agree there's only so much you can possibly do for someone who won't lift a finger to help himself. That's a character weakness and I wouldn't be doing anyone any favors if I validated it. For that I make no apology.

It reminds me of that joke: "a 'computer expert' is someone who can read the manual". Most end-user manuals I've seen appear to be targeting about a fifth-grade reading level and assume little or no technical prowess. They often have illustrated, step-by-step directions that don't require you to understand *why* the procedure works. If you expect the average adult to be able to handle that, people will call you a heartless elitist. So be it.

Though I do find it amusing that those who scream "elitist" et al never seem to comprehend one basic fact: a real elitist would not expect a literate adult to handle such things. A real elitist would assume they're too stupid and could never be expected to inform themselves about relatively easy things.

Re:And what about evercookie? (1)

h4rr4r (612664) | more than 3 years ago | (#36026550)

It's merely a question of willingness. I agree there's only so much you can possibly do for someone who won't lift a finger to help himself.

That is the position I was talking about. Joe Sixpack does not care, and will not care. The position of Joe Sixpack is that anything that requires reading or 5 minutes of his time is to hard for him.

As I have now two responses that seem to assume I think Joe Sixpack is some sort of invalid I will admit I should have been clearer.

Re:And what about evercookie? (1)

causality (777677) | more than 3 years ago | (#36027692)

It's merely a question of willingness. I agree there's only so much you can possibly do for someone who won't lift a finger to help himself.

That is the position I was talking about. Joe Sixpack does not care, and will not care. The position of Joe Sixpack is that anything that requires reading or 5 minutes of his time is to hard for him.

As I have now two responses that seem to assume I think Joe Sixpack is some sort of invalid I will admit I should have been clearer.

There seems to be this unstated consensus that unless you excuse, legitimize, and enable any and all forms of intellectual laziness and willful helplessness, then you must be some kind of cold-hearted bastard who wants the poor to starve, old ladies to eat dog food, and baby seals to get clubbed to death.

There's also this widespread and completely false notion that you're doing anyone any favor by teaching them to be at the mercy of others for basic things they are actually capable of doing themselves. Like when someone chooses to be helpless, you're their best friend and a real great guy if you coddle them and make that decision as consequence-free for them as possible, and some kind of evil enemy if you see that they are better served by overcoming their helplessness and would be much happier with their experience if they did.

The amusing notion is that if, in the absence of medically diagnosed mental retardation, illiteracy, or organic brain damage, you tend to assume "if I could do it with a few minutes of effort, he should be able to handle it too since we're fundamentally equal" then you're some kind of elitist who thinks he's better than everyone else. They really don't grasp the self-contradiction this represents.

Combine all of these things and what you get is an emotional need to demonstrate a phony compassion that only makes its recipients less capable, more lazy, and more needlessly dependent. All in the name of caring and winning the approval of others. Oh, except those horrible "elitists", they have a different value system so it's okay to regard them as pieces of shit and make unfounded judgments about what kind of terrible human beings they are. Because you're so caring and nice and accommodating.

That some numbnuts would misinterpret where you were coming from so he could climb on his high horse and make accusations against your character was predictable. Many people have an emptiness they can only fill temporarily by looking down their nose at someone who disagrees with them. That's why I spoke up and added a bit of framework to your statement. To me, what you meant was obvious. It would be obvious to anyone who doesn't have such pathology.

It would be obvious also to anyone who actually wants what is best for average users and would rather teach them how to fish instead of giving them a fish every day so they can pat themselves on the back and tell themselves how kind and generous they are.

Re:And what about evercookie? (1)

Fjandr (66656) | more than 3 years ago | (#36030234)

This is easily one of the best posts I've read in years, and there are many who would treat you with scorn simply for uttering such notions.

Re:And what about evercookie? (1)

AliasMarlowe (1042386) | more than 3 years ago | (#36026748)

Joe Sixpack is not in a position to be knowledgeable about anything

Wrong! Joe sixpack knows plenty about beer...
...and quite likely about football and women.

Re:And what about evercookie? (4, Funny)

h4rr4r (612664) | more than 3 years ago | (#36026818)

Considering the most sold beers in the USA include bud lite and miller lite, I can safely say he knows nothing about beer. He is a connoisseur of beer flavored waters though.

Evercookie, say hello to volatile storage. (1, Informative)

Joe U (443617) | more than 3 years ago | (#36025978)

Evercookie is unstoppable, irrevocable, undeleteable, and it represents a new trend.

A RAMDisk is an emulated disk that uses system memory and is erased completely during shutdown.

Symbolic links and hard links are pointers that let you direct files and directories to other locations, such as RAMdisks.

Reboot. What evercookie?

Takes about 10 mins to set up properly. Using Windows? CCleaner can help you with any missed temp files. Schedule it to run at startup.

Re:Evercookie, say hello to volatile storage. (3, Informative)

h4rr4r (612664) | more than 3 years ago | (#36026104)

Hard links do not work across paritions/drives symlinks are what you want.

Re:Evercookie, say hello to volatile storage. (1)

RobertM1968 (951074) | more than 3 years ago | (#36031438)

Hard links do not work across paritions/drives symlinks are what you want.

I think you may be misunderstanding what he's saying. Let's say you want to have a hard link to R:

The easiest approach doesnt even require a redirect. Simply point everything hard linked to the RAMdisk (R:). A simple batch file on startup is all it takes to set back up the ramdisk during boot so it's functional as if it was always there and always a part of the system. That also makes it easy to have the "safe copy" nicely tucked away for repeat reloading whenever one wants - or on each reboot when the ramdisk is set back up. I've used a similar scenario for various serving (ie: internet daemon) activities where using a ramdisk is ideal and better suited to hard caching or increasing cache size and expire to address high load systems. System starts, creates ramdisk R:, dumps a copy of the needed contents on it, starts appropriate daemons, with their hard links to the content on drive R:. A simple sync routine will ensure that changes made to the "original" content get written to the ramdisk as well. Etc, etc, etc... you get the picture.

Thus, the hardlink pointer is being pointed to a structure that allows such... no partition/drive spanning... simply pointing to the ramdisk, which can be recreated each and every boot.

Re:Evercookie, say hello to volatile storage. (1)

dc29A (636871) | more than 3 years ago | (#36027122)

Windows RAM drive [ltr-data.se] . Works great with browser temporary data. You can use junctions to map adobe temporary folders to your RAM drive.

They don't NEED to conspire... (2)

Kamiza Ikioi (893310) | more than 3 years ago | (#36026042)

It's not unstoppable. I'd mod you up for informative, but you mention that it is so good that it is unstoppable. It is not unstoppable or undelete-able on all browsers. In fact, it can be removed from Chrome [threatpost.com] . It is therefore, not a limitation of the browser. They don't NEED conspire. Regular cookies rarely get deleted by most users.

If you are wiping out your cookies and using ad blocking and script blocking software, they already know you are the least likely user to click an ad if you saw one. The only good reason for them to track you is to figure out how to sell you something. If you won't click an ad, you're not likely to buy anything they have to sell, and pretty much ignore you as a consequence of doing business on the Internet.

If they were conspiring, they'd refuse to allow you to use their sites if you block content, including cookies. They could very simply say, "If no cookie, set cookie. If you still don't have cookie, no content."

Re:They don't NEED to conspire... (3, Interesting)

Nursie (632944) | more than 3 years ago | (#36026138)

Really?

Because you hear of deliberate violations of do-not-call lists, and everybody likes to make it hard to get off their spamvertising lists.

It seems like common sense to you and me, but I'm not sure that the unethical marketing people (not all, but the unethical ones) have got there yet. They seem to think it's extra important to annoy the hell out of people who've already decided they don't want to be annoyed.

Re:They don't NEED to conspire... (1, Insightful)

LordLimecat (1103839) | more than 3 years ago | (#36026500)

You want their content, they set the rules. You dont like it, dont view their content.

This isnt rocket science, people.

Re:They don't NEED to conspire... (1)

medeii (472309) | more than 3 years ago | (#36027850)

Repeat after me: an HTTP connection is not a contract.

Site owners are free to offer suggestions as to how to show the content they're freely offering who connects to their public server. I am similarly free to ignore those suggestions, and accept or render only the parts I want.

After all, if they don't want me seeing the content, all they have to do is stop giving it away.

Re:They don't NEED to conspire... (1)

LordLimecat (1103839) | more than 3 years ago | (#36031266)

Sure, youre free to block their cookies, so long as they choose to allow you to do so. They could quite easily refuse to let you access any content if you refuse to set cookies.

Youre right its not a contract, but its THEIR content.

Google and Microsoft were the examples (1)

Kamiza Ikioi (893310) | more than 3 years ago | (#36027854)

He said "Google and Microsoft". Google and MS are not violationg do-not-call nor can-spam. And by extension, Google websites (search, gmail, etc), properties (Doubleclick), and Microsoft Bing and their web properties. That accounts for an extremely large portion of web advertising, not just on their sites, but on third party sites, phones, and apps.

If you use Linux (1)

Anonymous Coward | more than 3 years ago | (#36027004)

this is easy to escape.

Nothing escapes the event horizon that is /dev/null

To have Flash functionality without cookies being set and/or saved to disk, just symlink a couple of files to /dev/null and forget about it.

CD $HOME

rm -rf .adobe .macromedia

ln -s /dev/null .adobe

ln -s /dev/null .macromedia

Something else people forget about is CSS. Websites can use CSS to track you across sites as well. There are a couple of ways to defeat this. The easiest is to set remembering URLS to zero (0). The second is to surf in private mode. Firefox now allows you to start the browser and always be in private mode. No cookies are set or saved. If you do need cookies set and saved, you can do it on a site-to-site basis by tweaking the cookie settings.

Windows users can use Better Privacy add-on in Firefox as well as Ghostery and Request Policy. More than a few add-ons will start to slow your browser down since they all need a slice of RAM to operate. Let's not forget Adblock Pluider. Subscribe to either EasyList or Fanboy's adblocking subscriptions.

I also use about:config in Firefox to disable geo tracking, http referer, network prefetch, and css visited links.

Enjoy a safer, more private Interwebnet.

Re:And what about evercookie? (1)

Intron (870560) | more than 3 years ago | (#36027078)

Its an arms race. You can try to keep ahead, but the advertisers are willing to spend a lot of money to be able to track individuals.

Re:And what about evercookie? (0)

Anonymous Coward | more than 3 years ago | (#36027886)

Unstoppable? You can run the browser inside sandboxie (windows) and clear the sandbox contents after browsing... It gets rid of that, and pretty much anything else, you'd need to manually merge it with the system for it to become permanent in any way or form. With some tweaking this should be doable on *nix as well with something like sandfox.

Re:And what about evercookie? (1)

asa (33102) | more than 3 years ago | (#36029220)

You're taking this wildly off topic. Evercookie depends on a large group of features and this is a mitigation for one of those features.

Define "Difficult" (0)

Anonymous Coward | more than 3 years ago | (#36025656)

set by Flash and difficult for users to find and delete

localhost $ rm -fr ~/.adobe

Wow, that was some tough shit.

Or if you think anything Adobe wants to store may actually be valuable to you (hah!) you can be more specific:

localhost $ rm -fr ~/.adobe/Flash_Player/AssetCache

Man, that was hard. I am so glad there are teams of helpful people to support me in this difficult endeavor.

Re:Define "Difficult" (1)

clang_jangle (975789) | more than 3 years ago | (#36025838)

It is pretty simple to get rid of them in Linux, probably the same on windows. You just have to know where the files are being stored, which isn't hard. Every time you delete the .adobe and .macromedia directories, you get to start fresh. And you only need a few files in your ~/.mozilla directory to recreate your config automagically, so copy those out and restore them to your periodically fresh .mozilla. I don't know why everyone thinks this stuff is so complicated...

Re:Define "Difficult" (0)

Anonymous Coward | more than 3 years ago | (#36025980)

Don't forget rm -rfv ~/.macromedia

Re:Define "Difficult" (3)

beelsebob (529313) | more than 3 years ago | (#36026038)

Yeh you're right, because the average joe blogs on the street wants to understand where Flash puts it's cookies rather than simply selecting the "delete cookies" menu option.

Oh wait no, that's bollocks ;).

Re:Define "Difficult" (0)

h4rr4r (612664) | more than 3 years ago | (#36026186)

The average joe is not going to even use the menu option. This is slashdot, stop worrying about the average idiot.

Re:Define "Difficult" (0)

Anonymous Coward | more than 3 years ago | (#36028682)

The average joe isn't even going to know how to get to the menu option. Good grief, some of these people (not directed at you) love to give "the average joe" *too much* credit.

Re:Define "Difficult" (1)

LordLimecat (1103839) | more than 3 years ago | (#36026530)

You could pull up the Chrome wrench --> Under the hood --> Clear browser data and click the "Adobe flash player storage settings" link.

Lets you manage flash cookies to your heart's content. Boy, that was difficult.

Re:Define "Difficult" (1)

beelsebob (529313) | more than 3 years ago | (#36026618)

Yeh, because the average joe isn't going to be scared of clicking an "under the hood" button.

Oh wait, that's bollocks too ;)

Re:Define "Difficult" (1)

LordLimecat (1103839) | more than 3 years ago | (#36031272)

Where would you propose they put such an option?

Re:Define "Difficult" (0)

Anonymous Coward | more than 3 years ago | (#36027162)

localhost $ rm -fr ~/.adobe

This is temporary. The next time you encounter Flash, it's recreated. The only successful way is to symlink the .adobe and .macromedia files to /dev/null. This way you get Flash functionality without cookies being set and saved to the HDD.

cd $HOME
rm -rf .adobe .macromedia
ln -s /dev/null .adobe
ln -s /dev/null .macromedia

rm -rf ~/.adobe ~/.macromedia (0)

Anonymous Coward | more than 3 years ago | (#36025704)

n.c.

Firefox (5, Informative)

just_another_sean (919159) | more than 3 years ago | (#36025726)

And for Firefox users there is Better Privacy [mozilla.org] .

From the Better Privacy site:

Better Privacy serves to protect against not deletable longterm cookies, a new generation of 'Super-Cookie', which silently conquered the internet. This new cookie generation offers unlimited user tracking to industry and market research. Concerning privacy Flash- and DOM Storage objects are most critical.
This addon was made to make users aware of those hidden, never expiring objects and to offer an easy way to get rid of them - since browsers are unable to do that for you.

emphasis mine

Re:Firefox (4, Informative)

BZ (40346) | more than 3 years ago | (#36025744)

Actually, Firefox 4 supports this as well, out of the box.

Re:Firefox (3, Interesting)

Jah-Wren Ryel (80510) | more than 3 years ago | (#36025848)

And for Firefox users there is Better Privacy [mozilla.org].

Actually, Firefox 4 supports this as well, out of the box.

FWIW - and it's worth it to me - Better Privacy provides better control in that I can set duration for the cookie. Mine are deleted after 5 minutes of last access. That works for sites like youtube that store the volume setting in the flash cookie, but still gives pretty good protection against flash cookies that might be misused due to lasting until I exit firefox (something I only do once or twice a month).

Re:Firefox (2)

BZ (40346) | more than 3 years ago | (#36025902)

Sure. Better Privacy is nice if you want its features. But it's not strictly necessary to just delete Flash cookies, which is what the article is about.

Re:Firefox (0)

Anonymous Coward | more than 3 years ago | (#36026110)

Sure. Better Privacy is nice if you want its features. But it's not strictly necessary to just delete Flash cookies, which is what the article is about.

GP was stating a preference between two viable options and gave reasons for this preference. Since she never made the claim that BetterPrivacy was strictly necessary, what revelation did you suppose you were making here?

I have no idea why people feel a need to write these redundant posts to disclaim something that never was claimed. It's a real mystery to me.

Maybe you're an insecure person who feels a powerful need to have the last word or something. Maybe that previous sentence will make you resist the temptation to reply to me so you can prove me wrong and thus feel secure for the next several minutes. Maybe that previous sentence will make you want to reply to me even more and remind us all that penguins are not mammals, as though I claimed that they were.

Either way you have fun with that.

Re:Firefox (1)

Anonymous Coward | more than 3 years ago | (#36025946)

And even if it _didn't_, what the fuck is wrong with rm? Or deleting them with a file explorer?

Have we been SO dumbed down as a society that we are no longer even capable of basic filesystem operations such as removing files?

I swear that watching the last 30 years has seemed like a continual process of seeing people get stupider and stupider until even the most basic thing are now considered "too hard". I await the time that turning the computer on is considered "too hard" for the average person to be expected to understand.

Re:Firefox (-1)

Anonymous Coward | more than 3 years ago | (#36026006)

How do you expect the average user to find these files? They don't even know a flash cookie exists, for fuck's sake. They aren't all basement nerds like you.

Re:Firefox (0)

Anonymous Coward | more than 3 years ago | (#36026074)

Too bad there doesn't exist some kind of search engine that could scour the internet for such information.

Re:Firefox (0)

Anonymous Coward | more than 3 years ago | (#36026190)

You have to have some idea what to search for. Let's see.. I don't really know what flash is (well kinda), I don't know what a cookie is, I don't know the implications of either. What am I supposed to search for?

Re:Firefox (0)

Anonymous Coward | more than 3 years ago | (#36026444)

And most people have better things to do with their lives than use search engines to find obscure information they don't care about. Get a life.

Re:Firefox (0)

Anonymous Coward | more than 3 years ago | (#36026810)

How do you search on how to delete something that you don't know exists? You forgot about that part while writing your stupidly childish reply.

Re:Firefox (1)

scdeimos (632778) | more than 3 years ago | (#36029382)

Actually, Firefox 4 supports this as well, out of the box.

Yes, it does, and I don't know why TFA doesn't mention it. This, from the Adobe Flash Player 10.3 beta release notes [adobe.com] :

Integration with browser privacy controls for managing local storage – Users will have a simpler way to clear local storage from the browser settings interface – similar to how users clear their browser cookies today. Flash Player 10.3 integrates control of local storage with the browser’s privacy settings in Mozilla Firefox 4, Microsoft Internet Explorer 8 and higher, and future releases of Apple Safari and Google Chrome. See this related post we published in January.

Re:Firefox (2, Informative)

Anonymous Coward | more than 3 years ago | (#36025756)

Yep. Has existed for several years now, including for older versions of Firefox like FF3.5
(and maybe 3?)

The only thing is it had to do it on disc due to lack of an Adobe API.

However, Better Privacy works even with older versions of Flash, like 10.2 - unlike this new method which requires Adobe's cooperation.

Better Privacy logo? (1)

bill_mcgonigle (4333) | more than 3 years ago | (#36026150)

Can somebody explain what the meaning of the 'no moldy whipped cream on pumpkin pie' icon is? I mean, I agree, but fail to see the connection.

Not in the FAQ, I looked.

Re:Better Privacy logo? (0)

Anonymous Coward | more than 3 years ago | (#36028614)

The pie is a lie?

I dunno.

Re:Firefox (0)

Anonymous Coward | more than 3 years ago | (#36026736)

And for chrome there is Click&Clean [hotcleaner.com] which will also delete Silverlight cookies.

But it's nice to have it included natively.

Re:Firefox (1)

asa (33102) | more than 3 years ago | (#36029138)

It's nice to have this in the latest versions of all the popular browsers (Firefox, IE, and Chrome) and it took cooperation from Adobe to make that happen. Good on them too.

That is good (1, Funny)

iONiUM (530420) | more than 3 years ago | (#36025760)

Maybe it can stop all the horrible flash ads too..

Although, sometimes they aren't so undesirable, such as when they're like this [upup-downdown.com] (warning: although there's no nudity you wouldn't want your boss seeing you look at that).

Re:That is good (0)

Anonymous Coward | more than 3 years ago | (#36025776)

get flashblock

Re:That is good (1)

h4rr4r (612664) | more than 3 years ago | (#36025800)

Flashblock. Why it is not the default I will never understand.

Re:That is good (1)

mapkinase (958129) | more than 3 years ago | (#36026642)

NoScript is better. Once I will detect a website tries to evercook me, it goes to permanent ban on my user-defined NoScript list.

Re:That is good (1)

cpu6502 (1960974) | more than 3 years ago | (#36025880)

>>>http://upup-downdown.com/comics/2011/05/04/invisible-boobies/

So what did you want me to see? Only thing that I noticed was the "Creative writing: scifi, mystery, horror degree" ad for full sail university. I don't know... that webpage kinda sucked.

Works in Firefox 4 as well (5, Informative)

BZ (40346) | more than 3 years ago | (#36025766)

This also works in Firefox 4 last I checked; I'm not sure why the article just talks about Chrome and IE.

Re:Works in Firefox 4 as well (4, Informative)

asa (33102) | more than 3 years ago | (#36028436)

Boris is 100% correct. Mozilla shipped this feature in Firefox 4 and if you have the newest Flash version, it "just works."

This story's headline is misleading. It should be "IE, Firefox, and Chrome..." because IE shipped it first, Firefox shipped it second, and Chrome just now got around to shipping it.

Re:Works in Firefox 4 as well (1)

BZ (40346) | more than 3 years ago | (#36028688)

Yeah, the headline writing is just broken.

Opera Turbo (0)

cpu6502 (1960974) | more than 3 years ago | (#36025770)

Opera is great for dialup or cellphone users, allowing image blocking. The built-in turbo feature also disables flash by default, in order to speed-up the webpage download (unless you click on the little "movie" icon to load the video/ad/whatever). Not sure how you would delete the Flash cookies though.

Only one way to be sure... (5, Funny)

Anonymous Coward | more than 3 years ago | (#36025808)

In linux just link ~/.macromedia to /dev/null

It turns out /dev/null is something of a cookie monster.

Re:Only one way to be sure... (0)

Anonymous Coward | more than 3 years ago | (#36027786)

That's a good idea, but you should do ~/.adobe as well.

Personally, I use:

chmod -R ~/.macromedia 000
chmod -R ~/.adobe 000
su chown -R root ~/.macromedia
su chown -R root ~/.adobe

If you wanted to actually write the cookies but remove them shortly afterwards, you could just cron a job to run every hour (or 15 minutes, or whatever your heart desires) to 'rm -rf ~/.macromedia/Flash_Player' and 'rm -rf ~/.adobe/Flash_Player'

For those running Windows, it's located in 'your personal directory'\Application Data\Adobe\Flash Player and 'your personal directory'\Application Data\Macromedia\Flash Player

Re:Only one way to be sure... (0)

Anonymous Coward | more than 3 years ago | (#36028584)

I salute you my dear sir, that is truly the most elegant, ingenious and purely evil way to slay flash cookies.

For lesser mortals:
mv ~./macromedia ~macromedia.evil
ln -s /dev/null ~./macromedia

Bwahahaha!!!

Re:Only one way to be sure... (0)

Anonymous Coward | more than 3 years ago | (#36031218)

The problem with this is that it makes online banking a pain in the ass. It also ruins some flash games that I like :/

Flash cookie scourge (2)

hodet (620484) | more than 3 years ago | (#36025870)

"The addition of the ability for users to delete the cookies set by plug-ins and browser add-ons gives them better control of the security and privacy of the content on their machines..."

because its bad to have all those yourporn and redtube flash cookies on your work computer.

Why not Safari as well as Chrome? (1)

cpu6502 (1960974) | more than 3 years ago | (#36025940)

It's the same base engine, isn't it? What about the non-google Chromium? Will it work with Adobe to erase cookies?

Re:Why not Safari as well as Chrome? (0)

Anonymous Coward | more than 3 years ago | (#36026018)

Pretty sure HTML rendering and cookie management are two different things, so Safari wouldn't necessary get this feature automatically. Chromium probably will get it, unless Google wants this to be a Chrome-only feature.

Re:Why not Safari as well as Chrome? (1)

Daltorak (122403) | more than 3 years ago | (#36026234)

It's the same base engine, isn't it? What about the non-google Chromium? Will it work with Adobe to erase cookies?

This isn't a "base engine" issue -- it's a browser UI issue. Each browser needs to offer an API hook to plugins that allow them to say, "hey, call this function when the user has requested their browsing history be deleted!" So, the way you phrased your last question is backwards -- Adobe must work with browser capabilities, not the other way around.

In the case of IE8 and later, this is a one-function COM interface [microsoft.com] that gets passed a single flags parameter indicating what types of objects should be deleted. Pretty simple stuff..... why it took Adobe more than two years to implement this obvious little capability is beyond me.

I haven't been able to find an equivalent in Firefox 4's NPAPI documentation, but it may exist. If it doesn't now, it will soon -- it's a really obvious feature to have.

Also, for what it's worth, the Flash local storage is global to your user profile, not local to the browser.... so asking Chrome to delete your browser history will mean Flash cookies are deleted in all other browsers.

Re:Why not Safari as well as Chrome? (2)

CyberDragon777 (1573387) | more than 3 years ago | (#36027912)

I haven't been able to find an equivalent in Firefox 4's NPAPI documentation, but it may exist. If it doesn't now, it will soon -- it's a really obvious feature to have.

https://wiki.mozilla.org/NPAPI:ClearSiteData [mozilla.org]

https://bugzilla.mozilla.org/show_bug.cgi?id=508167 [mozilla.org]
Looks like it was added in February.

https://bugzilla.mozilla.org/show_bug.cgi?id=625496 [mozilla.org]
And "Clear recent history" will remove the cookies once flash 10.3 is released.

One down, ten more to go.. (0)

Anonymous Coward | more than 3 years ago | (#36025952)

Evercookie [samy.pl] supports over ten different data storage mechanisms, and if it finds valid data in just one of them, it re-replicates the cookie to the other storage methods.

Of course, being able to delete Flash cookies more easily is still a very much welcome improvement.

Firefox already allows you to delete Flash cookies (2)

CosaNostra Pizza Inc (1299163) | more than 3 years ago | (#36025974)

If you have the "BetterPrivacy" addon, you have control over Flash cookies.

There is already a way... (0)

Anonymous Coward | more than 3 years ago | (#36026102)

The caveat is it requires access to the Adobe website.

Right click any Flash object and click "Global Settings". On the following webpage click on the link to the Global Settings Panel.

Alternatively under Chrome: Options > Under the Hood > Clear browsing data > Adobe Flash player storage settings.

Re:There is already a way... (1)

yuhong (1378501) | more than 3 years ago | (#36030754)

Right click any Flash object and click "Global Settings". On the following webpage click on the link to the Global Settings Panel.

Yep, this page was there for some time, but only with Flash 10.1 did they add a entry to the pop-up menu that links to it.

Flash 10.3 beta helps too (3, Informative)

mccalli (323026) | more than 3 years ago | (#36026158)

The 10.3 beta tells you when a Flash application is trying to write to your local machine. I've been hitting 'Deny' on everything and no ill effects been seen so far.

Cheers,
Ian

There's a flipside (0, Funny)

Anonymous Coward | more than 3 years ago | (#36026362)

To the paranoids, great news, but just watch all the complaining when your favorite Flash game no longer has your highscores and game progress saved!

Re:There's a flipside (1)

Anonymous Coward | more than 3 years ago | (#36028694)

Paranoia and privacy concern are two different things.

Paranoia is when you think there's alien implants in your body and whatnot.

Privacy is more like a basic human right to have freedom-of-choice, without
thinking about what other knows about you.
(FlashCookies are a small part of this, but they can be combined with browser-
fingerprinting to allow near-complete tracking. Such tracking can be grown
and later combined with offline activities, and before we know it, 1984)

By that time we *wish* we could trade that for an alien tracking-implant :/

ability to delete Flash cookies (3, Informative)

doperative (1958782) | more than 3 years ago | (#36026434)

Under Linux delete the ~/.macromedia directory ...

Re:ability to delete Flash cookies (2)

Flyers2391 (1040486) | more than 3 years ago | (#36026662)

Exactly ... I keep this directory "list only" at all times. Sometimes sites don't work without being able to write there ... most of the time I don't care enough about the video to change rights, but I will if I'm watching The Daily Show or something.

When I'm done, I clear the directory and re-lock it. I did the same for the ".adobe" directory, not sure if it's necessary

Re:ability to delete Flash cookies (1)

LordStormes (1749242) | more than 3 years ago | (#36026868)

The point is, all these methods work, but they're all a royal pain in the ass. I don't want to go drop to a Linux command shell to get rid of cookies; that's why every browser has UI to do that for me. If a browser manufacturer knows there is crap cached on my machine related to my Internet browsing history, then when I ask it to delete all the Internet browsing history, it should delete it. Note that Windows doesn't have a "format my hard drive, but leave the porn alone" button (although this might be useful). Users have a right to expect that a browser's UI will do everything that it says it will, and that there is UI for all of the reasonable activities that might need to be done to keep themselves safe on the Internet.

Re:ability to delete Flash cookies (0)

Anonymous Coward | more than 3 years ago | (#36029666)

The point is, all these methods work, but they're all a royal pain in the ass.

Oh no, just set 'em up once. I have a shell script in my (KDE) autostart folder which essentially contains rm -rf ~/.adobe/Flash_Player/* ~/.macromedia/Flash_Player/*. Deleting the cookies once every login is enough for me.

I don't want to go drop to a Linux command shell to get rid of cookies

Gee, you can also delete dirs and files using point-and-click techniques under Linux if you have some GUI installed ;) ... otherwise, I think elinks doesn't use Flash ...

But you're right in that this should be controllable from within the browser.

Re:ability to delete Flash cookies (4, Informative)

MrL0G1C (867445) | more than 3 years ago | (#36027196)

..And for windows users, delete the /macromedia directory! (in ?:\Documents and Settings\UserName\Application Data\) or C:\Users\UserName\AppData\Roaming\

too late (0)

Anonymous Coward | more than 3 years ago | (#36027020)

Better Privacy already takes care of this.
I rather see a way to change the plugin settings without having to go tthrough their website. that concept just stinks.

Cheating at Flash games (1)

rwa2 (4391) | more than 3 years ago | (#36027198)

So much for One Chance [arstechnica.com] .

Damn (2)

Tailhook (98486) | more than 3 years ago | (#36027246)

Widespread use of this will make marketers focus on new tracking techniques. As it is they rely on cookies that are easily eradicated with simple tools, but are usually left alone by users. They don't have to remain that easy to thwart. They won't if all their analysis goes to hell 24h after 10.3 is released and auto-installed everywhere.

Re:Damn (0)

Anonymous Coward | more than 3 years ago | (#36027996)

I can safely pretend that 90% users don't manage or delete their cookies, even if browsers have offered some sort of cookie management forever.

LoL (0)

Anonymous Coward | more than 3 years ago | (#36027268)

Who cares? Why even install Flash at all?

How to delete Flash Cookies (2)

brit74 (831798) | more than 3 years ago | (#36027800)

Hat tip to chrome and IE for making this easier, but for those who don't already know, there is a way to delete flash cookies. Just click the "delete all sites" button after arriving at this webpage: http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager07.html [macromedia.com]

Firefox (1)

Anonymous Coward | more than 3 years ago | (#36028562)

One of the reasons I have stuck with firefox is the better privacy extension that deletes all the flash cookies every time I close the browser. It does not hurt that Chrome sucks at playing games like Runescape, trying to force text to the address/search bar instead of the in game type.

To zap my history on a Mac I use Automator... (2)

atrocious cowpat (850512) | more than 3 years ago | (#36029528)

... I created an Automator [apple.com] -Script that moves these files/folders:

~/Library/Cookies/Cookies.plist
~/Library/Safari/History.plist
~/Library/Safari/HistoryIndex.sk
~/Library/Safari/LastSession.plist
~/Library/Safari/Downloads.plist
~/Library/Safari/Databases
~/Library/Safari/LocalStorage
~/Library/Safari/TopSites.plist
~/Library/Safari/WebpageIcons.db
~/Library/Preferences/Macromedia/Flash Player
~/Library/Caches/com.apple.Safari
~/Library/Caches/QuickTime
~/Library/Caches/Adobe/Flash Player/AssetCache
~/Library/Caches/Metadata/Safari

... to the thrash.

Did I miss anything?

Re:To zap my history on a Mac I use Automator... (0)

Anonymous Coward | more than 3 years ago | (#36031566)

Well, I don't know about OSX, but I permanently blocked Flash cookies on my Debian system in one command.

# chmod -R 0500 ~/.macromedia/

Resolve the problem at the source (2)

theweatherelectric (2007596) | more than 3 years ago | (#36030182)

I avoid the problem to begin with by not installing Flash in the first place. It all depends on your usage patterns, of course, but I find I no longer need Flash. Yes, some websites or specific features of some websites just don't work without Flash but for me these cases are increasingly in the minority.
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...