Local shared objects (LSOs), commonly called flash cookies (due to their similarities with HTTP cookies), are pieces of data that websites which use Adobe Flash may store on a user's computer. Local shared objects are used by all versions of Adobe Flash Player and version 6 and above of Macromedia's now-obsolete Flash Player.
While websites may use local shared objects for purposes such as storing user preferences, there have been privacy concerns regarding local shared objects, and they may be considered a breach of browser security.
Local shared objects contain data stored by individual websites. With the default settings, the Flash Player does not seek the user's permission to store local shared objects on the hard disk. By default, a SWF application running in Flash Player from version 9 to 11 (as of Sept 1, 2011) may store up to 100 kB of data to user's hard drive. If the application attempts to store more data than the allotted default, the user is shown a dialog to allow or deny the request for more storage space.
Adobe Flash Player does not allow 3rd-party local shared objects to be shared across domains. For example, a local shared object from "www.example.com" cannot be read by the domain "www.example2.com". However, the first party website can always pass data to a third party via some settings found in the dedicated XML file and passing the data in the request to the third party. Also, third party LSOs are allowed to store data by default. By default LSO data is shared across browsers on the same machine. As an example:
This is unique from cookies which have directory isolated storage paths for saved cookies while LSOs use a common directory path for all browsers on a single machine.
Many web based Flash games use LSO files to store the user's personal game data, such as user preferences and actual game progress. Backing up files such as these requires a more technical understanding of software, and would be considered by most average users to be a difficult task. However, both browser updates and programs designed to remove unused files may delete this data.
To help combat cheating, game developers may render LSO files unusable if moved or uploaded from another location or backup. This has been criticized, however, as it may cause users to lose data despite backups.
As with HTTP cookies, local shared objects can be used by web sites to collect information on how people navigate those web sites even if people believe that they have restricted the data collection. Online banks, merchants, or advertisers may use local shared objects for tracking purposes.
On 10 August 2009, Wired magazine reported that more than half of the top websites used local shared objects to track users and store information about them but only four of them mentioned it in their privacy policy. "Flash cookies are relatively unknown to web users," it said, "even if a user thinks they have cleared their computer of tracking objects, they most likely have not." The article further asserts that some websites use Flash cookies as hidden backups, so that they can revive HTTP cookies when user deletes them.
According to New York Times, since July 2010, there had been at least five class-action lawsuits in the United States against media companies for using local shared objects.
In certain countries, it is illegal to track users without their knowledge and consent. For example, in the United Kingdom, customers must consent to use of cookies/local shared objects:
| “ | Cookies or similar devices must not be used unless the subscriber or user of the relevant terminal equipment:
|
” |
|
-Information Commissioner's Office |
||
Local shared objects were the first subject to be discussed in the Federal Trade Commission roundtable in January 2010. FTC Chairman Jon Leibowitz has been talking with Adobe about what it describes as "the Flash problem."
Users can disable local shared objects using the Global Storage Settings panel of the online Settings Manager at Adobe's website. However, using this feature will permanently place a flash cookie on the user's computer, informing all other websites that the user does not want flash cookies stored on their computer. Users can also opt-out of them on a per-site basis by right-clicking the Flash Player and selecting "Settings" from the popup menu that will appear, or using the Website Storage Settings panel. The latter also allows users to delete local shared objects.
Users may also delete local shared objects either manually or using third-party software. For instance, BetterPrivacy, a Firefox add-on, or CCleaner, a standalone computer program for Microsoft Windows, allow users to delete local shared objects on demand.
Since version 10.3 of Flash, the Online Settings Manager (letting users configure privacy and security permissions via Adobe's website) is superseded by the Local Settings Manager under the Windows Control Panel, Mac OS System Preferences, Linux KDE System settings or Linux GNOME System > Preferences. Users of other operating systems still use the Adobe Online Settings Manager. Since at least April 2012 (v 11.2.202.233), updating by downloading a new Flash version resets the security and privacy settings to the defaults of allowing local storage[disambiguation needed] and asking for media access again, which may be against users' wishes.
Browser control refers to the web browser's ability to delete local shared objects and to prevent the creation of persistent local shared objects when privacy mode is enabled. As for the former, Internet Explorer 8, released on March 19, 2009, implements an API that allows browser extensions to co-operate with the browser and delete their persistent data stored when user issues a Delete Browsing History command. However, two years passed since its introduction until Adobe, on March 7, 2011, announced that Flash Player v10.3, which was still in development at the time, supports co-operating with Internet Explorer 8 or later to delete local shared objects.
Also on January 5, 2011, Adobe Systems, Google Inc., and Mozilla Foundation finalized a new browser API (dubbed NPAPI ClearSiteData). This will allow browsers implementing the API to clear local shared objects. Four months later, Adobe announced that Flash Player 10.3 enables Mozilla Firefox 4 and "future releases of Apple Safari and Google Chrome" to delete local shared objects, so since version 4, Firefox treats LSOs the same way as HTTP cookies - deletion rules that previously applied only to HTTP cookies now also apply to LSOs. This caused loss of data and backward-incompatible flash application behavior for those Firefox and Flash users which used HTTP cookies and Flash local shared objects for different goals. Mainly this had an impact on the flash gaming community, which relies heavily on Flash LSOs to store saved games. The resulting support requests cannot be solved favorably for the Mozilla Firefox users without changes to the browser, because of the introduced equivalence between HTTP and flash cookies. Currently, the workaround in use is to either configure the browser to never clear history data and cookies, or to revert the part of the changes affecting this use case, using third-party patches.
As for the behavior in browser's privacy mode, Adobe Flash Player 10.1, released on June 10, 2010, supports the privacy modes of Internet Explorer, Mozilla Firefox, Google Chrome, and Safari. Local shared objects created in privacy are discarded at the end of the session. Those created in a regular session are also not accessible in privacy mode.
The default storage location for local shared objects is operating system-dependent.
On Microsoft Windows NT 5.x and 6.x, they are stored in:
On Mac OS X, they are stored in:
On Linux or Unix, they are stored in:
For Linux and Unix systems, if the open-source Gnash plugin is being used instead of the official Adobe Flash, they will instead be found at:
When using Google Chrome the locations can change:
| Software | Developer | Operating system | Abilities | First public release | Latest stable version | License |
|---|---|---|---|---|---|---|
| Cookie Stumbler | WriteIt! Studios Ltd. | Mac OS X 10.6 - 10.8 | Remove | 2011 | 1.6.0.2 | Shareware |
| Cookie | SweetP Productions | Mac OS X 10.6 - 10.7 | Remove | 2011 | 3.0.14 | Shareware |
| Safari Cookies | SweetP Productions | Mac OS X 10.5 - 10.7 | Remove | 2009-04-12 | 1.9.4 (2012-04-05) | Freeware |
| BetterPrivacy | Ingo Krüger | Linux, BSD, Mac OS X, Windows (Firefox/SeaMonkey addon) | Remove, Read AMF0 | 2008-08-04 | 1.68 (2012-01-20) | ? |
| Dojo Toolkit | Dojo Foundation | OS-Independent | Write AMF0/AMF3 (in browser via Flash) | 2004 | 1.9.0 (2013-05-01) | BSD, AFL |
| MAXA Cookie Manager | Maxa Research | Windows | Remove | ? | 5.3 (2011-12-11) | Shareware |
| .minerva | Gabriel Mariani | OS-Independent (Adobe Air) | Read AMF0/AMF3, Write AMF0/AMF3, AMF0/AMF3-JSON | prior to 2008-07-15 (1.5.1) | 3.5.0 (2012-12-13) | BSD |
| PyAMF | Nick Joyce | OS-Independent | Read AMF0/AMF3, Write AMF0/AMF3 | 2007-10-07 | 0.6.1 (after 2010-08-11) | MIT |
| .sol Editor | Alexis Isaac | Windows | Read AMF0, Write AMF0 | 2005-02 | 1.1.0.1 (2005-02-21) | MPL |
| SOLReader | Alessandro Crugnola | Windows | Read AMF0 | 2007-10-25 | 1.0.0 (2007-10-25) | ? |
| FlashDevelop | Alessandro Crugnola | Windows | Read AMF0/AMF3 | 2009-06-14 (3.0.0) | 4.4.0 (2013-04-18) | MIT |
| SolVE | Darron Schall | Windows, Mac OS X | Read AMF0, Write AMF0 | 2004-09 | 0.2 (2004-10-15) | CPL |
| s2x | Aral Balkan | OS-Independent | AMF0-XML, XML-AMF0 | 2003-12 | 0.75 (2003-12) | Freeware |
| Click&Clean | Vlad & Serge Strukoff | Linux, BSD, Mac OS X, Windows (Firefox/SeaMonkey addon) | Remove | 2010-01-23 (3.6.5.0) | 4.1 (2013-03-16) | MIT |
|
||||||||||||||||||||||
HOT DESIGNS ▪ Premium designs ▪ Designs by country ▪ Designs by U.S. state ▪ Most popular designs ▪ Newest, last added designs ▪ Unique designs ▪ Cheap, budget designs ▪ Design super sale DESIGNS BY THEME ▪ Accounting, audit designs ▪ Adult, sex designs ▪ African designs ▪ American, U.S. designs ▪ Animals, birds, pets designs ▪ Agricultural, farming designs ▪ Architecture, building designs ▪ Army, navy, military designs ▪ Audio & video designs ▪ Automobiles, car designs ▪ Books, e-book designs ▪ Beauty salon, SPA designs ▪ Black, dark designs ▪ Business, corporate designs ▪ Charity, donation designs ▪ Cinema, movie, film designs ▪ Computer, hardware designs ▪ Celebrity, star fan designs ▪ Children, family designs ▪ Christmas, New Year's designs ▪ Green, St. Patrick designs ▪ Dating, matchmaking designs ▪ Design studio, creative designs ▪ Educational, student designs ▪ Electronics designs ▪ Entertainment, fun designs ▪ Fashion, wear designs ▪ Finance, financial designs ▪ Fishing & hunting designs ▪ Flowers, floral shop designs ▪ Food, nutrition designs ▪ Football, soccer designs ▪ Gambling, casino designs ▪ Games, gaming designs ▪ Gifts, gift designs ▪ Halloween, carnival designs ▪ Hotel, resort designs ▪ Industry, industrial designs ▪ Insurance, insurer designs ▪ Interior, furniture designs ▪ International designs ▪ Internet technology designs ▪ Jewelry, jewellery designs ▪ Job & employment designs ▪ Landscaping, garden designs ▪ Law, juridical, legal designs ▪ Love, romantic designs ▪ Marketing designs ▪ Media, radio, TV designs ▪ Medicine, health care designs ▪ Mortgage, loan designs ▪ Music, musical designs ▪ Night club, dancing designs ▪ Photography, photo designs ▪ Personal, individual designs ▪ Politics, political designs ▪ Real estate, realty designs ▪ Religious, church designs ▪ Restaurant, cafe designs ▪ Retirement, pension designs ▪ Science, scientific designs ▪ Sea, ocean, river designs ▪ Security, protection designs ▪ Social, cultural designs ▪ Spirit, meditational designs ▪ Software designs ▪ Sports, sporting designs ▪ Telecommunication designs ▪ Travel, vacation designs ▪ Transport, logistic designs ▪ Web hosting designs ▪ Wedding, marriage designs ▪ White, light designs E-COMMERCE DESIGNS ▪ Magento store designs ▪ OpenCart store designs ▪ PrestaShop store designs ▪ CRE Loaded store designs ▪ Jigoshop store designs ▪ VirtueMart store designs ▪ osCommerce store designs ▪ Zen Cart store designs CMS DESIGNS ▪ Flash CMS designs ▪ Joomla CMS designs ▪ Mambo CMS designs ▪ Drupal CMS designs ▪ WordPress blog designs ▪ Forum designs ▪ phpBB forum designs ▪ PHP-Nuke portal designs ANIMATED WEBSITE DESIGNS ▪ Flash CMS designs ▪ Silverlight animated designs ▪ Silverlight intro designs ▪ Flash animated designs ▪ Flash intro designs ▪ XML Flash designs ▪ Flash 8 animated designs ▪ Dynamic Flash designs ▪ Flash animated photo albums ▪ Dynamic Swish designs ▪ Swish animated designs ▪ jQuery animated designs WEBSITE DESIGNS ▪ WebMatrix Razor designs ▪ HTML 5 designs ▪ Web 2.0 designs ▪ 3-color variation designs ▪ 3D, three-dimensional designs ▪ Artwork, illustrated designs ▪ Clean, simple designs ▪ CSS based website designs ▪ Full design packages ▪ Full ready websites ▪ Portal designs ▪ Stretched, full screen designs ▪ Universal, neutral designs CORPORATE ID DESIGNS ▪ Corporate identity sets ▪ Logo layouts, logo designs ▪ Logotype sets, logo packs ▪ PowerPoint, PTT designs ▪ Facebook themes VIDEO, SOUND & MUSIC ▪ Video e-cards ▪ After Effects video intros ▪ Special video effects ▪ Music tracks, music loops ▪ Stock music bank GRAPHICS & CLIPART ▪ Pro clipart & illustrations, $19/year ▪ 5,000+ icons by subscription ▪ Icons, pictograms |
| Super Offers |
| Super Offers |
| Custom Logo Design $149 ▪ Web Programming ▪ ID Card Printing ▪ Best Web Hosting ▪ eCommerce Software ▪ Add Your Link |
| © 1996-2013 MAGIA Internet Studio ▪ About ▪ Portfolio ▪ Photo on Demand ▪ Hosting ▪ Advertise ▪ Sitemap ▪ Privacy ▪ Maria Online
|
