So you want to get rid of all those browser cookies that track your every move online and result in annoying, targeted Web ads. So you open up your browser settings and delete all or some of the cookies that have accumulated. But the targeted ads keep coming. So what’s up?
What’s up is a little Flash quirk that allows sites to store bits of code called “super cookies,” “persistent cookies,” or “zombie cookies.” No matter how you refer to them, their source is Adobe Flash which saves its version of cookies independent of any web browser functions.
The possibly insidious nature of Flash cookies containing personal information and then directly or indirectly sharing it with abandon became quite the brouhaha in 2009 and 2010. Because Adobe Flash, too often needed for playing videos and audio, also became a favorite carrier of malware, Adobe was compelled to repeatedly patch and update to ward off real and potential security threats. So although the current versions have mostly cleaned up the malware intruders, Flash still permits sites to add tracking and other miscellaneous cookies.
Here’s a step-by-step breakdown in how it works, using common sites as real-life examples.
- Let’s say Yahoo sells an ad to DoubleClick. This means when you open a Yahoo page with a DoubleClick ad on it, both Yahoo and DoubleClick save cookies to your browser settings.
- Say Amazon sells an ad to DoubleClick. When you go to Amazon pages, Amazon may peruse DoubleClick to see if you have visited Yahoo. When it learns you have (via the DoubleClick cookie), an Amazon ad may appear on Yahoo pages.
- Multiple this a thousand times over and you can see how your surfing information and other personal info can spread.
- If any of these sites also use Flash code, its cookies can be baked into your system like a Girl Scout cookie campaign. Unlike regular cookies, Flash cookies save and share data like web browser-stored cookies, but are not controlled by your browser. Flash saves its ‘cookies’ as Local Shared Objects or LSOs.