Bloggin’ Cool

I’m subscribed to various techie newsletters and I have certainly learned a thing or two from them. This time, I’d like to share with you something that, in my belief, not only techie but not-so-techie people should know about: How to protect your privacy and security while surfing the net.

Most of us know how to delete/block cookies from unwanted websites so that our surfing habits are not tracked and avoid getting profiled by marketing companies such as doubleclick.net, quantserver.com, questionmarket.com, etc. so they can serve us ‘customized’ advertisement that might be of our interest.

If you thought you were safe from being tracked, think again. Although you can block cookies, marketing companies, and other kind of websites, have other ways to track you without using regular cookies. They use Flash Cookies.

Flash Cookies are not browser dependant; in other words, it doesn’t matter if you used Internet Explorer to visit yourfavesite.com the first time, you’d still be tracked if you visit it again using Firefox or Opera.

The following, is an excerpt from the article Tracking with Flash "Cookies" I read:

First, Flash operates outside the boundaries of your browser. Much like Java applets, Flash movies are independent and rely on the security model within itself. As a result, it has been discovered that Flash movies do not follow the rules that browsers have implemented for years. For example, you can change the referrer in a Flash GET request made to a website. In addition, you can also send HTTP Basic Auth requests via Flash files. As a result, it is trivial to use a hidden Flash movie on a website that attempts to gain access to your firewall/router via hidden HTTP GET requests. If your router’s password was not changed from the default, a malicious Flash file can change your settings.

Since Flash runs independently from the browser, it needs its own temporary storage area for web sites to store information related to the Flash movie. In many ways, this process mirrors how browsers and cookies operate. With one exception, not many people know about this dump and, as a result, they don’t know it should be cleaned out with the cookies. Otherwise, you could be leaving behind sensitive data that you were not even aware existed.

Nice. So how can you avoid being tracked by these Flash Cookies? Here, I’ll show you how.

You’ll need to access the Adobe Flash Player Settings Manager. Where’s this Settings Manager? not on your computer. It’s an online panel where you can set your Flash Player preferences. Online panel? <sarcasm>how nice! The not-so-techie people would find this panel even with their eyes closed and protect their privacy in no time!</sarcasm>

The Adobe Flash Player Settings Manager has 6 tabs:

• Global Privacy Setting
• Global Storage Setting
• Global Security Setting
• Global Notification Setting
• Website Privacy Setting
• Website Storage Setting

We’re going to use 2 of those tabs for now because we don’t want anything to be stored on your computer.

(Click on the image to go to the respective settings tab. Like it says on the Adobe website, keep in mind that the Settings Manager that you will see is not an image; it is the actual Settings Manager. Click the tabs to see different panels, and click the options in the panels to change your Flash Player settings.)

Global Storage Settings

Your current setting might look something like this:

You don’t want that, right? so I’d suggest you to change your setting so they’ll look like this:

Website Storage Settings

Now, your Website Storage Settings should look like this:

If they don’t, change them so that they do look like the above image. If you want, you can delete all sites from the Visited Websites list.

That should do it. This should prevent websites from storing cookies or other content on your computer that could track your surfing habits.

Hope this helps you to keep your privacy more… hum.. private.

*something informative for a change, huh? ;)*

—-
I would also recommend you to read the article: Information as a Weapon of Mass Destruction