January 2011 - A new browser API (NPAPI ClearSiteData) for clearing Local Shared Objects (LSO) was suggested by several companies, including Adobe, Google and Mozilla. This will allow browsers implementing the API to clear Local Shared Objects. (The Adobe Flash Platform Blog: On Improving Privacy: Managing Local Storage in Flash Player.)

What do you know about Cookies or “Flash” cookies? 

In general, cookies are created on your PC in the form of small files which keep track of data like specific website settings, usernames and actions taken. The major browsers out there allow you to remove the cookies placed on your PC.  The Flash Cookie however, stays, even when you exit the website or manually delete "cookies" from your browser’s control panel.  

This has been problematic to users as privacy concerns have been raised regarding the cookies your computer keeps. Unlike traditional cookies, which are HTML based, flash, is an add-on that isn’t HTML based; so these cookies in particular have had consistent staying power.

Local Shared Objects (LSO) are generally called "flash cookies." Like  HTTP cookies, they are snippets of data that web developers can keep track of when utilizing Adobe Flash on their websites. What’s crucial here is that LSO's are stored on your personal computer and are not temporary files.

The privacy problem comes into play as you have had no control over these cookies stored on your own personal computer, but someone else does. 

Getting Rid of LSO's.

March 2011 - Introducing Flash Player 10.3 beta!  Still in testing but improvements were definitely on the way.

April 2011 - Enter Adobe Flash Player 10.3 Release Candidate. This Adobe release candidate coordinates with the Internet Explorer v8 and v9 "delete browsing history" feature. Don’t download AFP 10.3 Release Candidate until you’ve read all the notices and understand the usage as a developer.

May 2011- After installing the final release, when you delete all cookies, you will actually be "deleting all cookies" and the flash cookies will flush along with the rest. The MS Internet Explorer Blog (IEBlog) announced on May 3, 2011 that IE8 and IE9 can now respond to the privacy issue having long been debated.

There are also software packages that enable the user to clear these troublesome cookies. CCleaner, a standalone program for MS Windows grants permission for its users to delete Local Shared Objects on-demand. The Better Privacy add-on for Firefox also allows for deleting LSO's. Both are free to the user.

The latest developers release of Google Chrome provides a way to remove LSO’s (flash cookies) that will probably be in the next full release version of the browser. 

Firefox should also follow suite soon because Mozilla worked with Google and Adobe to implement the new Adobe feature, even though there is an add-on currently available (Better Privacy, as mentioned above).

Once all the browsers make their updates, when you delete all cookies, you will actually be "deleting all cookies" and the flash cookies will vanish with the rest. 

This is the good news for the privacy side of a debate that has flown under the radar for some time for the general web user audience. Web developers have been all too aware of LSO’s (those darn Flash cookies) but users have been left in the dark.

See Also: Sneaky Silverlight (and Isolated Storage) - Another bad batch of Cookies

Post your comment

Submit