by   July 14 2011   
Flash Media Playing as it Records = Super Cookies! Count on them being very Persistent. This article is about Privacy and the fact that even after Super Cookies hit headline news sites are still forcing these cookies on your system even when you setup everything to deny cookies in your flash media adobe player or any other flash program.

Flash Media Playing as it Records = Super Cookies!

If they only would offer the same Warm fresh Cookies that Grandma makes.

UPDATED!!!! not sure why I didn't notice the scripts not working on some computers.

It might have been due to the fact "Roaming" was part of the folder string.
If the scripts below do not work for you remove the "Roaming" part of the path.
Example:
Old: %APPDATA%\Roaming\Macromedia\Flash Player\
New: %APPDATA%\Macromedia\Flash Player\
Don't forget to use quotes when a space is used in the path.

Next update: 

macromedia.com\support\flashplayer\sys

The file path which leads to folders with the hash, (example: #admin.brightcove.com)

I've added another line to my script to remove these directories. 

Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys 

Besides the "Tool Bar" div uncheck option loading after the install button you might want to check your flash player settings again. They are mostly reset after updates with this last update being no exception.

 

When you run the script be sure to run it a couple of times. It's a very basic script as you can see from the text version. Running it twice will show the folder removed by not listing a folder to delete. (Easy enough)

Internet Privacy: This article is about Privacy and the fact that even after Super Cookies hit headline news sites are still forcing these cookies on your system even when you setup everything to deny cookies in your flash media adobe player or any other flash program.

This was two articles which I have combined. The first was when I discovered the cookie and the second is what I do to correct the cookie issues.

Adobe developers are encouraged to use the tracking cookies system build into the Adobe Flash developer's software.

What? I can now develop a Super Cookie that is encrypted and I can pull data from it at any time from any Flash Media Player?

This article is focused on the Nielsen's Rating services that use Super Cookies to collect the data they need to resell. Now, if you feel this article is incorrect feel free to prove it technically Other than that, delete those Super Cookies, Block all Flash Cookies and avoid sites that do not respect your privacy settings when you do.

Since the first posting of this article I have noticed more sites and big sites attempting to push that super cookie down to the file folder level of your computer. I wrote a script that I run when my browser closes to see just who got paste my "Privacy Settings" which are set to "NONE" when it comes to allowing anything to be saved. I am going to publish the sites that force cookies to the point the Flash Accept or Deny screen never goes away when you click Deny. This has been what I have seen from sites that do not allow their content to be viewed without the user's cookie permissions set to allow them access to set a flash cookie. Now, if you tell me in English what you are doing then maybe I will allow your cookie. But as long as the cookie is encrypted it sure tells me you're not as up front and honest as me. Anyway, I can always go to YouTube to see the same video and they only ask once to Accept or Deny.


Can Nielsen's rating system know what videos you are watching online? Shock and Flash

I was blowing through VPN logs and ran across a few entries that I needed to investigate. Something told me the actions from a specific connection just didn't seem right. It was 138.108.7.20 which is Monitoring Page - cvgrhescsp038z.imrworldwide.com.

From the Title of this article you might think I'll be picking on Nielsen. Not true, the fact that they actually talk about collecting information from media files made them the perfect example of who you can trust if you like sharing your information. When you get into the Flash Players security settings and start seeing websites you never heard of before you should at that point start to be worried.

When I really started digging I found it was actually a video file tracking service. More specific it was a flash video that was directly connected with the Nielsen's Rating service.

I couldn't believe it, the TV Rating service now knows what flash videos you are watching? How in the world can this happen.

I know my client watching allot of online videos and I don't want to see the VPN logging every Nielsen tracking server so I looked a bit more and found just where this all was taking place.

Before I continue here's the reference links you will need for the Nielsen's system.

Nielsen Data collection:

http://nielsen.com/us/en/measurement/online-measurement.html

Privacy Statement:

http://www.nielsen-online.com/corp.jsp?section=leg_prs&nav=1

Next and the reason for this article is the Adobe Flash configuration module that isn't on your computer but online.

 

Place the Video Here Please!! I'm lazy and want to watch a 2 minute or less to the point no commercials video.

 

Download Video:

  1. MP4
  2. WebM
  3. Ogg

 

Adobe Flash Play Global Privacy Settings Menu

I didn't know that the only way you can set privacy settings in your Adobe Flash Player is to use their online Global Privacy Settings interface from their own website.

Here's a partial screen shot of the Global Privacy Control Panel.

Adobe Flash Global Privacy Settings control panel

Adobe Flash Player Privacy Control Panel MacroMedia.Com

The above settings panel is not on your local computer from as far as I can tell. The instructions online at macromedia also state that it's an online interface only.

So to make your flash player not save things like your internet browser you need to setup things before you switch to Private Browsing. (I bet this will get you between the eyes.)

Data is saved and grouped by the websites you watched or had SWF files load on. This includes advertisement banners and movies. Now, the one that interested me was the idea a iFrame can be embedded on the page and save the information to the flash cache folder (which I have no idea where it's located.) . Here is where I thought marketing has hired some very smart programmers.

If the Flash video in the 1px x 1px iFrame is all about data mining then the videos on the page can be grouped with the Nielsen's system. Combine all this together and it's like a smack in the face. You have all the plug-ins to block everything but did you overlook the flash player from our friends at adobe?

When you click the link above a new window will popup.

Tell me that doesn't look like a graphic picture. I had to really look to find everything I needed to set my privacy settings in the Flash Player.

This menu (below) is how you change categories.

Adobe Flash Player Control Panel Menu Selection

Spend some quality time with these settings and return to your config panel in about a week to make sure you are allowing just what you want to allow.

For the last screenshot I need to ask a question. If you turn off the P2P which means Person to Person do you see any changes with sites you use flash chat applications in? The idea of sharing bandwidth with any of the sites listed in the box just doesn't sound right. Can it be we are sharing more than we think with the Flash Players today? Even flash advertisements?

Adobe Flash Player Peer Assisted Networking control panel

This all is new so give me time and I'll soon track enough log reports to see just how all this takes place.

One screen you need to focus on is the storage size:

Global Flash Storage Settings panel stop the super cookie by super sizing down to null.

I make my own flash advertisements but never would I have thought I could track visitors and data mine from a single advertisement. I'll have to research the applications (if any) that do that.

Now that you know free videos do at times come with a cost of privacy you might finish setting up your Global Security Settings for Flash Player. Or you can continue to help marketing companies profit from your personal surfing habits and viewing choices.

Marketing statement:

Nielsen's comprehensive and innovative online measurement methodologies analyze consumer behavior and trends, advertising effectiveness, brand advocacy, social media buzz and more to provide a 360 degree view of how consumers engage with online media.

 


The Super Cookie aka Flash Cookie that tracks more than normal cookies.

Download Video:

  1. MP4
  2. WebM
  3. Ogg

How to Delete your Super Cookies

When the news announcing to the world (8-18-2011) that a new Super Cookie is out on the internet and you find articles on how to create your own super cookie dating back 3 or more years you have to wonder if research could help replace the word "New".

It should have been announced, "Old Super Flash Video and Game Cookie" has be updated to collect even more information about your surfing habits and you can't do a thing about it. (Ok, the last part sounded like a news report.)

You actually can do something about it.

  1. Remove Flash Player (not recommended, the internet would be boring'er)
  2. Set your Flash Player Settings.
  3. Delete the sol files stored on your computer.

In this article near the end I'll show you a simple method of removing these new/old super cookies. Instead of downloading more software that claims to clean up your Super Cookies (Flash MacroMedia Player Cookies) you can follow a couple of simple steps and do it yourself. If you want something to do it for you just ask, I have a vbs, cmd and bat file that will remove the files within the folder. Drawback is it will remove everything.

I just wrote an article about TV Rating systems using these Flash Cookies or how the news people like to call them "Super Cookies".

I also linked to the Adobe page where you can change your Flash settings to not except any saving of data. It is defaulted to 100kb so the cookie collectors can collect allot of information from you.

All in all it's a really good marketing method to target products to you. But it still is a tracking cookie and has nothing to do with the quality of the flash video.

I create my own flash advertisements and videos but do not place the "Cookie" code into the flash file. That requires additional or different software from what I have and it's not important for me to learn the last flash game you played.

But if you are serious about your Flash and don't want people knowing what flash advertisements, videos and games you have visited then setup your flash player to not accept any type of cookie and remove the storage space on your computer for the flash.

Here's the link you will need. http://www.macromedia.com/

Global Flash Storage Settings panel stop the super cookie by super sizing down to null.

Read the other article to get a jump start on setting up your flash player correctly.

Technical Notes:

Do you want to learn where these flash cookies are hiding in plain sight on your computer? Do you want to know who is making the Super Cookie? Do you want to be able to delete these cookies because you just don't trust anyone else to do it?

The article over at WikiPedia.org has allot to offer. I'll take a quick sniplet to show you how you can find the Flash Cookie Jar folder.

Before you begin deleting things from your computer let me show you that not all flash is bad.

The Keyword search, "Create Adobe Flash Cookie" will show you links to developers pages showing you the code you need to embed into your flash movie and the applications that do it. Macromedia or Adobe Flash will create folders to store flash in it. I have xtremecomputer.com listed in the folder section under macromedia.com\support\flashplayer\sys and I know for a fact I don't use the Adobe flash cookie code. (I can't afford it and wouldn't have the time if I could.)

It's really clear who the advertisers are but if not type the name of the folder into your favorite search engine and see what you come up with. List the folders by date to see who and what is active.

Always be careful about sys files that you are deleting. You don't want to break your computer over a tracking cookie looking to popup a netflicks advertisement.

To see which one is actually using the Flash Cookie check inside the folder for user_data.sol or any other file name ending with the .sol file extension.

The folder \Flash Player\#SharedObjects\ should have allot of folders that look like domain names. You might see www.xtremecomputer.com as a folder but you will not see a user_data.sol file in the folder because this site doesn't use flash cookies.

You can open the .sol file with your text editor (notepad) if you want to see just what is stored. Some may encrypt the data while others are clearly a query string id plain text.

From your RUN or SEARCH line after clicking the start button type in the following. (Copy / Paste would be faster.)

Windows XP :

%APPDATA%\Macromedia\Flash Player\#SharedObjects\

%APPDATA%\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\

Windows Vista / Win7:

%APPDATA%\Roaming\Macromedia\Flash Player\#SharedObjects\

%APPDATA%\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\

MAC:

~/Library/Preferences/Macromedia/Flash Player/#SharedObjects/

~/Library/Preferences/Macromedia/Flash Player/macromedia.com/support/flashplayer/sys/

Linux:

~/.macromedia/Flash_Player/#SharedObjects/

~/.macromedia/Flash_Player/macromedia.com/support/flashplayer/sys/

If you want to read more from http://en.wikipedia.org/wiki/Local_Shared_Object click on the link.

In closing: Anything FLASH can have a cookie and that includes your Flash Chat when you connect to a website. Just remember one thing if you forget everything else. Everything you do online is tracked and monitored. Now, most times it's just for the admin of the site. But other times... It's for Marketing.

Now to Remove Super Cookies from your Macromedia folder.

Step One: Identify your operating system. (Windows Operating System for this method) if you don't know click on Start or the Windows Button and go to your Run or Search Line and type in the following.

From the RUN or Search line type: cmd.exe then type ver then click OK or hit the enter key.

You should see your OS version for Windows.

The screenshots below are for XP. Just jazz it up for Win7.

I have a simple script for those that do not know how or do not feel comfortable about browsing your root folders. The two script versions are based on your operating system.

I'll even post a script to show you your OS. They are vbs files which might trigger (it should) your security settings. Just allow it but only if you trust the file. No Warranty or Support is offered for these scripts. It's a run at your own risk.

Here's what will appear. If you are using Windows 7 or Vista you might have to start the cmd.exe application in Admin mode. Add this to your run line.

 

cmd.exe /ver How to find windows os version

CMD.EXE /ver find the version of Windows with command line

/ver How to find Windows Operating System Version.

Now that you know what operating system you are running copy the %AppData% line that ends with #SharedObjects and paste it into your run line or command line or your start search line. (so many location names for a simple start line)

SOL_Folders_Flash.jpg

The folder you are going to find your flash cookies in is going to be named something like in the image above. Letters and Numbers.

This will be or should be different for every computer I believe.

All sites that run flash movies, banners, or anything flash will have a folder here. That doesn't mean all of them are using super cookies. You can identify those by the SOL files within the folders.

Example: Because you visited this site you should see a folder like the image above. I use flash ads which I create that does not use the SOL cookies. The script below will help you identify your file location and files.

Windows XP Version:

View CMD code file as text document (Windows XP)

Right Mouse Click Save Target As or File As To Download (Windows XP)

Windows Vista and 7 Version

View CMD for Windows 7 and Vista computers.

Right Mouse Click then Save Target As or Save Link As to download. (Windows 7 / Vista)

Scripts Notice: 

Running scripts from just any website is something you should not do. The above two scripts are for customers and clients we serve. The XP script has been tested but the Windows 7 has not.

If you have any problems, questions, concerns or feedback about the scripts use the comments box below.

Disclaimer:

We have developed hundreds of local machine scripts and do things very well. the cmd scripting is very old fashioned so it might not look like our VB scripts. We do not warranty any of our scripts for the general public. But we do warranty all scripts for our clients and customers. If you are a customer and have any issues with running the script after we asked you to do so please give us a call.

You will need to rename the file by removing the .txt extension to run the CMD file.

My Example: (I'm going to show you how to delete a single file before you go deleting full file Folders.) Please make sure you type things correctly or you might delete something you really don't want to delete.

 

 

Flash Media Playing as it Records = Super Cookies! Count on them being very Persistent. This article is about Privacy and the fact that even after Super Cookies hit headline news sites are still forcing these cookies on your system even when you setup everything to deny cookies in your flash media adobe player or any other flash program.