Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
The UC Berkeley research, which was submitted to the federal government for consideration as part of a new policy on the use of tracking technologies, found that Flash cookies were used on 54 of the top 100 websites. Similar to HTTP cookies, Flash cookies are a mechanism to store information about a user's preferences for websites that use Adobe Flash, a multimedia platform for viewing videos.Unlike traditional HTTP cookies, Flash cookies are not controlled by the browser, so erasing HTTP cookies does not erase Flash cookies – enabling some websites, particularly advertising networks wishing to track users' browsing habits, to deter users' efforts to avoid being tracked, according to the report.“Flash cookies are a popular mechanism for storing data on the top-100 websites,” the report states. “Some top-100 websites are circumventing user deletion of HTTP cookies by respawning them using Flash cookies with identical values.” When users visit a site that is using cookies, they are given a unique identifier, Ashkan Soltani, a UC Berkeley graduate student and lead researcher on the study, told SCMagazineUS.com. When HTML cookies are deleted, the users would get a new value when visiting the site. But when Flash cookies and HTML cookies are given the same value, as they were on 31 of the top 100 websites, “it will restore the value of your original cookie, and thereby nullifies the deletion of the HTML cookies”, Soltani said. The most popular Flash cookies were named, “volume”, “userid”, and, less commonly, “computergrid.” The names of the cookies indicate that they are being used to log a user's preferences for music and video players, user identification names, and, less frequently, the user's location. The UC Berkeley study found that three of the six US government websites they analysed used Flash cookies, including WhiteHouse.gov, which collects a “userid” Flash cookie. Users can delete Flash cookies by going to Adobe's Flash Player settings manager website – but many users are not aware of Flash cookies, the report states.In general, cookies have many legitimate uses.“For example, every time you use a 'shopping cart' at an online store, or have a website remember customised settings and preferences, cookies are being used,” according to a July 24 blog post written by US government CIO Vivek Kundra and Michael Fitzpatrick, associate administrator of the OMB Office of Information and Regulatory Affairs. But other cookies enable advertising networks to uniquely identify a user -- by his or her username -- and track that user's browsing behavior to build a profile about him or her, Soltani said. The US government is considering whether cookies should be used on government websites, according to Kundra and Fitzpatrick's blog. “If there's a discussion about regulation and the use of HTML cookies, we are saying technology-specific regulation and policy is a bad idea,” Soltani said. Soltani said that instead of regulating cookies, the US government should regulate the practice of tracking in general. Soltani said there are other technologies that could potentially enable tracking in a way similar to Adobe Flash, such as Microsoft ActiveX controls or DOM Objects. See original article on scmagazineus.com
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.