As previously reported, flash cookies are web browser identifiers that cannot normally be removed from the browser client software environment without some serious registry editing and an un-install – followed by a re-install – of the web browser client application.
While scripts have been created to remove supercookies, there have been problems with cookies at least partly surviving the removal code execution, so creating stability problems for the web browser, Infosecurity notes.
According to Akhil Menon, a senior threat researcher with CA's total defence operation in India, the problem of flash cookies, which are used by Adobe Flash, has been severe, with many users being unaware of their existence on their machines, let alone how to remove them.
“Adobe has a settings manager on its website which can be accessed by a user to control how the flash cookies are handled on the user machine”, he says in his latest security posting, adding that clicking on the website storage settings panel option in the settings manager allows a list of stored flash cookies to be viewed or deleted.
By default, he notes, every site is allowed to store up to 100KB of information on the local machine. The same menu can be used to control the flash cookie size allowed for local storage against a particular website as well.
“However, when you delete these flash cookies, you may also remove information personalising or configuring your browse view for these sites. You may have to re-enter information the next time you browse to that website. Just as in life, every choice you make online involve the risks and rewards”, he says in his latest security posting.
But if you wish to completely stop the flash player from storing such cookies, the CA researcher says there is now an option in the setting panel called global storage settings.
“Under the global storage settings panel, by moving the slider down to none and checking the never ask again option, you allow no local storage space for flash cookies”, he says, adding that this approach disables flash cookie storage on the host PC from that point onwards.
It is also possible to to disable permissions for third-party flash content to store data on your computer or disable storage of common flash components, although he concedes these may interfere with your browsing experience.
“The recommendation here would be to keep a check on the flash cookies every now and then, and mitigate them via the settings manager”, he concludes.