Last week Mark Zukerberg showed off the new Facebook Timeline during the company’s f8 keynote. Announced as a new way of presenting yourself on Facebook, the Timeline is an autobiography of your Facebook-shared life. But how Facebook is securing that life could surprise you. More »
This article was written on December 30, 2009 by CyberNet.
Ever since consumers started gaining access to the internet, cookies have been controversial. They have a lot of legitimate uses, such as helping websites remember that you’re logged in. On the other hand, privacy campaigners have often voiced concerns about ad networks using cookies to gain information about your surfing habits. Although browsers will let you disable regular cookies completely if you want, this doesn’t keep sites from storing a more sophisticated type of cookies on your computer…
How is it possible that sites can still track you even if you’ve disabled cookies? The answer lies within a browser plugin that is installed on approximately 99.0% of Internet-enabled computers worldwide: Flash. In version 6 of the popular plugin, something called Local Shared Objects was introduced. This allows websites to store a small amount of data on your computer. But hey, wait a minute… that sounds an awful lot like the concept of cookies.
There are three major reasons why we should be cautious with Flash cookies:
Calm down
Don’t panic. Flash cookies don’t will not send your social security number to criminals or anything like that, but it is important that you understand what they could be used for to make an informed decision about them.
Let’s have a closer look at a common “evil” use of cookies in general: marketing. Sites A, B and C display ads from ad network X on their site. If you go to site A for example, the ad network can place a cookie on your computer that contains the URL you just visited. As you go from site to site, perhaps including site B and C, the network can collect the URLs that display their advertising to generate an anonymous profile about you, containing such information as your interests, political orientation, beliefs, age and the region where you live.
So basically Flash cookies do what regular cookies do too, except that Flash cookies can contain more data and never expire. If that doesn’t sound bad to you, Flash cookies are nothing to worry about.
Finding your Flash cookies
To help us find and delete Flash cookies, we’re gonna need a Firefox add-on called BetterPrivacy. After installing it, you can start it by going to Tools > BetterPrivacy. If you take a look at the screenshot, you can see that I’ve been playing a Flash game called Level Up and that I have been using Gmail’s web interface. All entries that begin with a hash are harmless because they’re related to Flash’s preferences.
There are two entries that caught my eye: cnettv.cnet.com and vizu.com. CNET TV appears to have stored data in a file called OVPMetricsProvider.sol, which leads me to believe this cookie is used solely to do detailed site analytics. I didn’t remember going to Vizu.com, so I looked it up. A quick search revealed that it is an analytics company, therefore people who are concerned about their privacy probably don’t want this cookie around.
Deleting Flash cookies
Unfortunately, BetterPrivacy can’t block Flash cookies as of yet. You can however let it delete your Flash cookies on demand with a hotkey or automatically every couple of hours. I’m not too paranoid about my privacy, so I went with the less radical solution of having BetterPrivacy delete my Flash cookies when quitting Firefox. All these options can be accessed on the second tab of the add-on’s preferences window.
Much like regular cookies, Flash cookies also have legitimate uses you don’t want to block. After all, you don’t want to lose your progress in that Flash game you’ve nearly finished. Luckily you can whitelist certain Flash LSOs so that BetterPrivacy won’t delete them. This can be done by going to the first tab of the settings window, selecting an entry and clicking the ‘Prevent automatic LSO deletion’ button.
The tips in this article only cover Firefox. If you have Opera/Chrome/IE/Safari tips that fit in with the article, please do share them with us in the comments.
Copyright © 2011 CyberNetNews.com
Related Posts:
Old Uncle Sam seems determined to crack down on botnets, but he still needs a little help figuring out how to do so. On Wednesday, the Department of Homeland Security and National Institute of Standards and Technology (NIST) published a request for information, inviting companies from internet and IT companies to contribute their ideas to a voluntary “code of conduct” for ISPs to follow when facing a botnet infestation. The move comes as an apparent response to a June “Green Paper” on cybersecurity, in which the Department of Commerce’s Internet Policy Task Force called for a unified code of best practices to help ISPs navigate through particularly treacherous waters. At this point, the NIST is still open to suggestions from the public, though Ars Technica reports that it’s giving special consideration to two models adopted overseas. Australia’s iCode program, for example, calls for providers to reroute requests from shady-looking systems to a site devoted to malware removal. The agency is also taking a hard look at an initiative (diagrammed above) from Japan‘s Cyber Clean Center, which has installed so-called “honeypot” devices at various ISPs, allowing them to easily detect and source any attacks, while automatically notifying their customers via e-mail. There are, however, some lingering concerns, as the NIST would need to find funding for its forthcoming initiative, whether it comes from the public sector, corporations or some sort of public-private partnership. Plus, some are worried that anti-botnet programs may inadvertently reveal consumers’ personal information, while others are openly wondering whether OS-makers should be involved, as well. The code’s public comment period will end on November 4th, but you can find more information at the source link, below.
US government to beat back botnets with a cybersecurity code of conduct originally appeared on Engadget on Fri, 23 Sep 2011 14:34:00 EDT. Please see our terms for use of feeds.
Permalink 
Ars Technica | 
Federal Register | Email this | Comments
Add “getting into your house” to the list of things you won’t be able to do if you lose your phone, thanks to Yale’s fancy new NFC-controlled lock.
The touch-screen locks use a companion app on an NFC (near field communication) phone (in the demo video, an iPhone with an NFC case is used). You select the correct “key” from the app, hold the phone up to the lock and you’re done. The lock recognizes a friendly key and opens up.
With more phones likely to feature NFC chips in the near future, this kind of tech is likely to get more common. The phone has already replaced computers, books, cameras and MP3 players. Next it’ll be wallets, keys, loyalty cards and probably even train and plane tickets. Just don’t leave home without a charger.
Yale Door Locks: Is NFC the Next Big Thing in Home Tech? [CE Pro]
Press release [CE Pro / Yale]
See Also:
Micron may think it’s simply “bolstering user security” but, if you ask us, it seems like the company is providing the machines with a tool to protect their plans for insurrection. The RealSSD C400 SED has a special, security-focused firmware and hardware-based AES-256-bit encryption that keeps all of its precious data safe from prying eyes. The hardware self-encryption solution also frees up a computer’s processor to focus on more important tasks (like planing the enslavement of mankind), rather than waste precious resources on protecting sensitive information. The C400 SED will ship sometime during Q4 in 128GB, 256GB and 512GB varieties. Price has yet to be announced, but we’re not sure that Skynet really cares what the cost is. After all, it can just tell Micron’s order-processing system to send a bunch out free of charge.
Micron adds self-encryption to RealSSD C400, protects plans for world domination from prying eyes originally appeared on Engadget on Wed, 21 Sep 2011 17:32:00 EDT. Please see our terms for use of feeds.
Permalink | | Email this | Comments
When naked pictures of Scarlett Johansson hit the internet, take notice—but not for that reason. More »
Intel has long provided hardware-level anti-theft technology, primarily for its enterprise customers. But, as users become increasingly mobile, the need to extend those protections to average consumers has become more and more apparent. McAfee is teaming up with Chipzilla to create a consumer-friendly software package that will interact with the chip-level anti-theft tech that will be packed into every Ultrabook. Details about the software are pretty slim for the moment, but we know it’ll feature remote lock, remote wipe and location tracking to help you recover you precious lappy and keep your personal data out of the hands of ne’er-do-wells. The suite will start shipping alongside the tiny notebooks next year, but while you wait, check out the PR after the break.
Continue reading McAfee and Intel partner up to put anti-theft tech in Ultrabooks
McAfee and Intel partner up to put anti-theft tech in Ultrabooks originally appeared on Engadget on Wed, 14 Sep 2011 18:01:00 EDT. Please see our terms for use of feeds.
Permalink | | Email this | Comments
If you keep close watch over your digital belongings like we do, security is an utmost concern for external storage devices. Now you can keep your valuables under lock-and-key with Satechi’s LockDown — a SATA HDD enclosure that guards data via an encrypted 256 bit protection and allows lightning fast USB 3.0 transfer speeds. Utilizing a touch keypad on an OLED display, the device is only accessible through a 4 to 8 digit passcode — even if it’s connected to a PC or another device. This gives you the ability to keep “your backup data as secure as the data on your personal computer.” Pretty sweet, right? The LockDown plays nice with both Mac and PC and is shipping now for $90. Hit that PR link just past the break if you’re looking to lock down those precious research papers… see what we did there?
Continue reading Satechi will LockDown your SATA hard drive, boasts USB 3.0 too
Satechi will LockDown your SATA hard drive, boasts USB 3.0 too originally appeared on Engadget on Wed, 14 Sep 2011 15:49:00 EDT. Please see our terms for use of feeds.
Permalink | | Email this | Comments
Attention celebrities, I have some shocking news: People really want to see you naked. So if you take a photograph of yourself in the buff, someone’s gonna find it. So put down that cameraphone. Or don’t! More »
Kensington already came out and admitted that employees don’t actually use the locks handed to them on their first day of work. And yet, it’s betting folks will want to swaddle their iPads in a thick layer of plastic and chain them to their desks. That, in a nutshell, is the idea behind the SecureBack, an iPad 2 case that allows you to lock down the tablet, armor and all, just as you would a laptop. That beaut you see up there is a three-part affair, with two pieces of plastic that come together to cover the back and are held together by a sliding slat. That’s just the case, mind, you — to lock it down you’ll also need one of Kensington’s ClickSafe locks, which the company already makes for laptops. It’s up for pre-order now, with a standard version fetching $50 and a souped-up one with a kickstand going for $70. If you don’t already have a compatible lock, you can also buy one bundled with the case, with that extra hardware adding thirty bucks to the cost. Full PR and a demo video after the break because really, what’s more hypnotic than watching a set of hands dissemble a case?
Gallery: Kensington SecureBack cases
Continue reading Kensington’s SecureBack case is like The Club for iPads (video)
Kensington’s SecureBack case is like The Club for iPads (video) originally appeared on Engadget on Wed, 14 Sep 2011 00:01:00 EDT. Please see our terms for use of feeds.
Permalink | Amazon (1), (2) | Email this | Comments
This is site is run by Sascha Endlicher, M.A., during ungodly late night hours. Wanna know more about him? Connect via Social Media by jumping to about.me/sascha.endlicher.
