Feeds

Evil flash cookies easier to delete with new Adobe player

Scrub data barnacles from your browser's keel

Internet Security Threat Report 2014

Controversial "Flash cookies" can now be deleted from within web browsers like more traditional cookies, the software company behind Flash technology has said.

Adobe has released a new version of its Flash player which gives users the kind of control over its cookies to which they have become accustomed with normal web page cookies.

Websites store information about users' online activity in small text files, called cookies, on users' computers. Users are able to delete this information through their web browser but until now it has been more complicated for users to delete information websites collect about them through Flash.

The "Flash cookies", also known as local shared objects, can now be deleted through users' browser settings, Adobe said.

"Flash Player 10.3 enables local storage clearing within browsers' privacy settings and streamlines the controls of the Flash Player privacy, security and storage settings within the local control panel of desktop [operating systems]," Adobe said on its online Flash Player blog.

The new player is supported by Android, Linux, MacOS and Windows operating systems, Adobe said.

The "Flash cookies" can be deleted from Mozilla Firefox 4, Microsoft Internet Explorer 8 and higher, Google Chrome 11, and a future releases of the Apple Safari and Google Chrome browsers, Adobe said in release notes about its new software.

Previously the only way for users to delete the information was through an online settings panel on the Adobe website.

Earlier this month Microsoft announced that it had upgraded its settings to adapt to Adobe's new software.

"When we released IE8, we added [application program interfaces] for Internet Explorer so that add-ons such as Flash can respond to Delete Browsing History and InPrivate Browsing, allowing consumers to delete Flash cookies along with other data in browsing history," Andy Zeigler, program manager for Internet Explorer, said in a blog post.

There have been privacy concerns about a website's ability to track user activity through "Flash cookies". Online companies can use the information obtained from Flash applications, such as adverts and videos, to regenerate cookie data that users had otherwise deleted in their web browser settings.

Advertising networks use information collected from cookies about internet users to decide which adverts to show that user. Advertisers hope that this process results in users seeing "targeted" ads that they will be more likely to act upon.

In 2009 the European Commission announced a package of telecoms reforms that included changes to the way the EU Directive on Privacy and Electronic Communications treat cookies.

The new law said that sites must have a user's consent before placing a cookie in their browser.

Industry groups have argued that a user's browser settings can indicate consent to the use of cookies, but privacy lobbyists have said that this does not represent full consent.

The Information Commission's Office (ICO) published a guide on Monday that said online businesses should not rely on browser settings for consent. Websites could prompt users with questions about consent or obtain permission from users when they sign up to the site's terms and conditions, the ICO said.

Website features, such as videos, that remember how users personalise their interaction, can also determine user consent, the ICO said.

The guide was issued to advise websites how to comply with the new cookie law when it comes into force in the UK from 26 May.

Copyright © 2011, OUT-LAW.com

OUT-LAW.COM is part of international law firm Pinsent Masons.

Internet Security Threat Report 2014

More from The Register

next story
Download alert: Nearly ALL top 100 Android, iOS paid apps hacked
Attack of the Clones? Yeah, but much, much scarier – report
NSA SOURCE CODE LEAK: Information slurp tools to appear online
Now you can run your own intelligence agency
Microsoft: Your Linux Docker containers are now OURS to command
New tool lets admins wrangle Linux apps from Windows
Microsoft adds video offering to Office 365. Oh NOES, you'll need Adobe Flash
Lovely presentations... but not on your Flash-hating mobe
You stupid BRICK! PCs running Avast AV can't handle Windows fixes
Fix issued, fingers pointed, forums in flames
HTML5 vs native: Harry Coder and the mudblood mobile app princes
Developers just want their ideas to generate money
prev story

Whitepapers

Driving business with continuous operational intelligence
Introducing an innovative approach offered by ExtraHop for producing continuous operational intelligence.
Why CIOs should rethink endpoint data protection in the age of mobility
Assessing trends in data protection, specifically with respect to mobile devices, BYOD, and remote employees.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Protecting against web application threats using SSL
SSL encryption can protect server‐to‐server communications, client devices, cloud resources, and other endpoints in order to help prevent the risk of data loss and losing customer trust.