dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
9766
share rss forum feed

Rebirth

join:2009-06-18
33333

1 edit

Evercookie - The nightmare is here

Well looks like it could be anyway !

From what i gather, it "appears" to be only HTML5 capable, but please advise if otherwise.

See what you make of it.

»samy.pl/evercookie

So how do/would we prevent these from happening, apart from no scripting ?

There are ongoing legal actions been taken as i write against some big companies, amongst others, who have been using persistent flash cookies without users knowledge and/or permissions, so it'll be interesting to see how this flys, or not !

-

Edit typo



Khaine

join:2003-03-03
Australia

Looks similar to »Re: Advertisers using HTML5 Features to Track Users

Its sad how much commercial the internet has become. While it has bought us amazing things like amazon, iTunes and the like, it also bought us marketing companies, spyware, tracking, profiling, data mining and so much other crap



SparkChaser
Premium
join:2000-06-06
Downingtown, PA
kudos:3

1 recommendation

reply to Rebirth

a word of warning going to samy.pl/evercookie with java enabled will get you a bunch of his 'evercookies'



Khaine

join:2003-03-03
Australia

1 edit

It looks pretty simple to block. All you need to match on is

<script type="text/javascript" src="evercookie.js"></script>
 

or even the function call to evercookie()

That won't stop people who obfuscate the code, and I'm sure there are more sophisticated methods of detecting and removing these 'evercookies'.

Mele20
Premium
join:2001-06-05
Hilo, HI
kudos:5
reply to SparkChaser

said by SparkChaser:

a word of warning going to samy.pl/evercookie with java enabled will get you a bunch of his 'evercookies'
How? I don't have Flash and I don't allow any kind of cache on my browsers (well, except IE6 because I have to there but I don't use that browser except for speed tests). So, I went to his site on Opera but I have no flash on Opera and no cache. So, how are his cookies set?
--
When governments fear people, there is liberty. When the people fear the government, there is tyranny. Thomas Jefferson


CylonRed
Premium,MVM
join:2000-07-06
Bloom County
reply to Khaine

Marketing companies and tracking data has been around for decades. Many, many decades.



ashrc4
Premium
join:2009-02-06
australia

1 edit

1 recommendation

reply to Rebirth

firefox 3 and html5 firefox 4 show the same result for sandboxie.
Looks like just another persistant flash cookie.


SparkChaser
Premium
join:2000-06-06
Downingtown, PA
kudos:3
Reviews:
·Verizon FiOS
reply to Mele20

said by Mele20:

said by SparkChaser:

a word of warning going to samy.pl/evercookie with java enabled will get you a bunch of his 'evercookies'
How? I don't have Flash and I don't allow any kind of cache on my browsers (well, except IE6 because I have to there but I don't use that browser except for speed tests). So, I went to his site on Opera but I have no flash on Opera and no cache. So, how are his cookies set?
Sorry, I did mean you personally. I meant the average user. Ummm, like me
--
--
--
"Facts do not cease to exist because they are ignored." - Aldous Huxley

“Children will not remember you for the material things you provided but for the feeling that you cherished them.” - Richard L. Evans


DownTheShore
Honoring The Captain
Premium
join:2003-12-02
Beautiful NJ
kudos:13
Reviews:
·Verizon Online DSL
reply to ashrc4

said by ashrc4:

firefox 3 and html5 firefox 4 show the same result for sandboxie.
Looks like just another persistant flash cookie.
Thanks for showing that tree. I would not have thought of checking there. For other Vista users who want to check that out, remember to go into Tools > Folder Options > View and uncheck "Hide Protected Files". That's the only way to see the cookies when using Windows Explorer.
--
Patriotism is not waving a flag, it is living the ideals

I want to retire to the Isle of Sodor and ride the trains.


OZO
Premium
join:2003-01-17
kudos:2

1 recommendation

reply to ashrc4

To stop Flash cookies once and for all there is a simple and reliable way. Check this post.
--
Keep it simple, it'll become complex by itself...



martg

join:2005-11-19

The BetterPrivacy Firefox extension gives the option to remove Flash cookies each time the browser closes.

»addons.mozilla.org/en-US/firefox/addon/6623/



ZZZZZZZ
Premium
join:2001-05-27
PARADISE
kudos:1

1 edit

BetterPrivacy for Firefox is a good extension,but Crap Cleaner also cleans Flash cookies if you run it.
--
~~Get our troops home...now!!~~



Grail Knight

Premium
join:2003-05-31
Valhalla
kudos:6
Reviews:
·Verizon Online DSL
·Time Warner Cable

1 recommendation

CCleaner had a habit of deleting the settings.sol file when cleaning flash so I made some adjustments in CCleaner to protect that file and this has worked for some time now.

Exclude

C:\Users\YOURNAME\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\settings.sol

Include

C:\Users\YOURNAME\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\

C:\Users\YOURNAME\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\
--
"The gullible are ripe for conspiracy stories."


Grail Knight

Premium
join:2003-05-31
Valhalla
kudos:6
Reviews:
·Verizon Online DSL
·Time Warner Cable
reply to Mele20

quote:
How? I don't have Flash
How is that possible when in the other thread you said you have flash installed in IE?

»Re: Adobe Security Advisory for Flash Player CVE-2010-2884

If you have that flash evercookie then it seems that one of your programs that requires IE components to work may be downloading the flash evercookie.

Have you checked your programs that may use flash components to function to see if one of them may be downloading this cookie?

I do not see a big deal about this myself. YMMV
--
"The gullible are ripe for conspiracy stories."

PX Eliezer7
Premium
join:2008-08-09
Hutt River
kudos:13
Reviews:
·callwithus
·voip.ms
reply to martg

said by martg:

The BetterPrivacy Firefox extension gives the option to remove Flash cookies each time the browser closes.

»addons.mozilla.org/en-US/firefox/addon/6623/
Great firefox add-on!


Jim Gurd
Premium
join:2000-07-08
Livonia, MI
reply to Rebirth

I couldn't get it to work in IE at all. I kept getting javascript errors.

In Firefox it failed to restore the cookie after I ran CCleaner. Seems rather harmless to me.


Mele20
Premium
join:2001-06-05
Hilo, HI
kudos:5
reply to Grail Knight

Yes, I wasn't as clear as I could have been. I meant that I don't have Flash installed on Opera which is the browser I used when going to the evercookie site.

The only program I know that uses Flash I have on Vista where I don't have FP installed. That is Avast which uses Flash for its ad for the free version. I wish they wouldn't do that. I really like Avast 5 and its GUI except for that and that will keep me from ever using Avast on a computer where I have to have Flash installed on one browser. Many times, I have removed Flash from IE6 for long periods (until I have to do speed tests because of a problem) and not had any problems with programs so I suspect none of them need Flash components.
--
When governments fear people, there is liberty. When the people fear the government, there is tyranny. Thomas Jefferson



eLulz

@eliablehosting.com
reply to Rebirth

This was trivial to defeat.

GNU/Linux users:

chmod 000 ~/.macromedia/Flash_Player/macromedia.com/support/flashplayer/sys
chmod 000 ~/.macromedia/Flash_Player/#SharedObjects
 

After executing the above just clear conventional cookies as you would. This is exciting old news, the Flash cookies have been around for some time now.


Jon jon

@sbcglobal.net
reply to Rebirth

I read an article that said the cookie is placed in 8 locations.
Even if you get rid of 7 of them, the cookie can "rebirth" itself from the one, it will be back in all 8 locations afterwards.
The article mentioned "persistent" cookie.



AB
Premium
join:2006-04-04
Leesburg, VA
kudos:3

said by Jon jon :

I read an article that said the cookie is placed in 8 locations.
Even if you get rid of 7 of them, the cookie can "rebirth" itself from the one, it will be back in all 8 locations afterwards
That's a lot of places-- not to mention a good plot for a horror movie.

Got a link to the article?

mysec
Premium
join:2005-11-29
kudos:4

2 edits

1 recommendation

Maybe this article that was linked at Wilders:

Zombie cookie wars: evil tracking API meant to "raise awareness"
»arstechnica.com/web/news/2010/09···ness.ars

________________________________________________________________________

One of the great uses of reboot-to-restore products such as Deep Freeze, Returnil, etc, is as a maintenance tool.

Anything written to a frozen partition in Deep Freeze, for example, is discarded on reboot.

You can choose to store a permanent browser cookie, if you want, but all other session cookies you permit will be discarded on reboot.

Local Storage Objects (LSO) aka Flash cookies are also nuked, of course.

This also applies to the evercookies. They may appear during the session, but will not be able to compile a tracking record since they will be discarded on reboot.



----
rich

markopoleo

join:2003-04-02
Bonne Terre, MO
reply to Khaine

said by Khaine:

Looks similar to »Re: Advertisers using HTML5 Features to Track Users

Its sad how much commercial the internet has become. While it has bought us amazing things like amazon, iTunes and the like, it also bought us marketing companies, spyware, tracking, profiling, data mining and so much other crap
Those 2 companies you mention are not amazing at all. They do some of the things you mentioned. lol


Khaine

join:2003-03-03
Australia

said by markopoleo:

said by Khaine:

Looks similar to »Re: Advertisers using HTML5 Features to Track Users

Its sad how much commercial the internet has become. While it has bought us amazing things like amazon, iTunes and the like, it also bought us marketing companies, spyware, tracking, profiling, data mining and so much other crap
Those 2 companies you mention are not amazing at all. They do some of the things you mentioned. lol
They are amazing in that they pioneered online shopping. Amazon has shaken up the publishing industry, and apple is slowly dragging the music industry into the 21st century.

I may not agree on some of there profiling, and data mining tactics, but you can't deny how much they have shaped the online world.


ironwalker
World Renowned
Premium,MVM
join:2001-08-31
Keansburg, NJ
reply to Grail Knight

said by Grail Knight:

CCleaner had a habit of deleting the settings.sol file when cleaning flash so I made some adjustments in CCleaner to protect that file and this has worked for some time now.

Exclude

C:\Users\YOURNAME\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\settings.sol

Include

C:\Users\YOURNAME\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\

C:\Users\YOURNAME\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\
I got this from you awhile back in the firefox forum, but, when you pasted the code I saw *.* at the end of the include and exclude items, is it not needed?

I have my sys and shared objects folders hidden and write protected after my settings were made, keeping my settings.sol file at all times so I really do not need the included in ccleaner but for other boxes I work on I am curious. The *.* just means "any file" seems though, that it is redundant, correct?
--
Live Free or Die!
»sidux.com/
»www.chronixradio.com



Grail Knight

Premium
join:2003-05-31
Valhalla
kudos:6
Reviews:
·Verizon Online DSL
·Time Warner Cable

2 edits

1 recommendation

CCleaner is using *.* as a blanket delete of a folder contents by all appearances. You do not need to type it in as CCleaner adds it depending on the type of file or folder selected.

I only copy & pasted the locations so what I have here is exactly what CCleaner is using to Include & Exclude files and folders and the functions work and files are deleted or saved as indicated.

Edit* II Spelling
--
"The gullible are ripe for conspiracy stories."



AB
Premium
join:2006-04-04
Leesburg, VA
kudos:3
reply to mysec

said by mysec:

Maybe this article that was linked at Wilders:

Zombie cookie wars: evil tracking API meant to "raise awareness"
»arstechnica.com/web/news/2010/09···ness.ars
Yep. Thank you.

He mentions 8 potential places-- obviously, if you're not availing yourself of HTML5 or Silverlight, for example, those places aren't there for the cookie to find lodging.

cbs228
Geeks Of The World, Unite

join:2000-09-04
Saint Louis, MO
reply to Rebirth

said by Rebirth:

So how do/would we prevent these from happening, apart from no scripting ?
If you're worried about 3rd-party advertisers tracking you, then Adblock Plus for Firefox will do the trick. Even if they have unstoppable cookies that can never be deleted, they cannot affect you if you do not connect to their servers in the first place.

I am sure that as tracking methods like this become more and more commonplace, Mozilla (and/or third-party developers) will improve the cookie deletion feature and close some of the scripting holes (such as CSS history) that evercookie takes advantage of.
--
At our school, we don't earn a degree when we graduate—we earn /180 radians!

GENERAL FAILURE READING ©: DRIVE
(A)bort, (R)etry, (F)rivolous Lawsuits, (B)ribe Congress?


siljaline
I'm lovin' that double wide
Premium
join:2002-10-12
Montreal, QC
kudos:17
Reviews:
·Bell Sympatico
reply to mysec

The full Ars article is here, mysec See Profile
»arstechnica.com/web/news/2010/09···ness.ars
The system is flagging this link as having been posted in this thread already but I'll post it anyway.



bent
and Inga
Premium
join:2004-10-04
Loveland, CO
reply to Khaine

said by Khaine:

Looks similar to »Re: Advertisers using HTML5 Features to Track Users

Its sad how much commercial the internet has become. While it has bought us amazing things like amazon, iTunes and the like, it also bought us marketing companies, spyware, tracking, profiling, data mining and so much other crap
What is Amazon if not a marketing company? iTunes as well for that matter...
--
Greedy Old Pigs v. The Donkey Show


Khaine

join:2003-03-03
Australia

said by bent:

said by Khaine:

Looks similar to »Re: Advertisers using HTML5 Features to Track Users

Its sad how much commercial the internet has become. While it has bought us amazing things like amazon, iTunes and the like, it also bought us marketing companies, spyware, tracking, profiling, data mining and so much other crap
What is Amazon if not a marketing company? iTunes as well for that matter...
They sell products, they use marketing to help in this endeavor. When I referred to marketing companies I meant things like doubleclick.