If at first you don't succeed; call it version 1.0
Monday, August 17, 2009

ThreatPost’s Denis Fisher wrote a blog post about “Flash cookies and privacy” research paper, which states that over 50% of the websites are using Flash cookies to track users.
This is very disturbing, and as Denis wrote in his post, “On the most basic level it's clear evidence that the advertisers, site owners and their affiliates are continuing to look for new, less obvious ways to gather information on site visitors and track their movements around the Web”.

Unfortunately, what’s more disturbing, in my opinion, is the fact the Flash cookies can be used to bypass the new “security” feature implemented in most of the browsers today: “Private Browsing”.
According to Mozilla: “What Private Browsing will not retain - Cookies: Files created by websites, that store information on your computer, such as your preferences when visiting that site (when a website has a "remember this" checkbox, it is using a cookie) will not be stored.”. This is the same for other browsers that implement the “Private Browsing” feature.

To test this problematic issue you can do the following:
1) Open this flash (created by Philipp Kostin) in your browser "regular mode".
2) Enter some details and click “Save”.
3) Open the same flash in “Private Browsing” mode.
4) You should see the information you entered in the regular browsing mode appears in the “Private Browsing” mode.


 


 

I think Adobe should work with browser vendors and fix this. Until then “Private Browsing” is totally useless.

 

 


Monday, August 17, 2009 4:54:06 PM UTC | Comments [1] | Security#
Send me an Email
Follow me on Twitter
RSS Feeds
  
Blogroll
Archive
Admin Login
Sign In
Disclaimer
The opinions expressed herein are my own personal opinions and do not represent my employer's view in anyway.