LSO cookies

by **ampakine** on Fri Sep 23, 2011 1:37 pm ([msg=61767]see LSO cookies[/msg])

I read that LSO cookies can be read by any website, not just the website that created them. Is that true? If so, what kinda information could you obtain if you were to log the LSO cookies of all the visitors to your site?

by **limdis** on Fri Sep 23, 2011 1:58 pm ([msg=61769]see Re: LSO cookies[/msg])

LSO cookies are primary used for Flash. They pretty much work like any other cookie but are much harder to get rid of. So with enough time (and some malicious intent) of viewing a website which incorporates flash, there is the potential that they can view which websites you have been visiting prior to your current location. It is possible to go as far as finding out where you have been shopping, what you were shopping for, what kind of pron you are into, and your social network account names, etc.

To totally avoid this kind of attack would be to completely remove flash. But that would suck... I love me some flash personally. The next thing is to make sure you delete your cookies on a regular basis. If the information is not there, the worst that could happen would be that the attacker is able to only view a list of websites that you have visited that also incorporate flash.

Recent updates to flash should have mended this problem with LSO.

Found an article so I'll link - why duplicate effort eh? http://www.devdaily.com/internet/flash-cookies-lso-web-browser-privacy-security-internet

by **limdis** on Fri Sep 23, 2011 2:29 pm ([msg=61772]see Re: LSO cookies[/msg])

I wasn't aware of the add-on. Good find 8-)

limdis wrote:To totally avoid this kind of attack would be to completely remove flash. But that would suck... I love me some flash personally. The next thing is to make sure you delete your cookies on a regular basis. If the information is not there, the worst that could happen would be that the attacker is able to only view a list of websites that you have visited that also incorporate flash.

Heres a firefox plugin that informs you whenever LSO cookies have been stored:
https://addons.mozilla.org/en-US/firefo ... erprivacy/
it gives you the option to delete them then and there. I just set it so it deletes them automatically.

Alternative way to deal with these, is to set your directory permissions to not writable.
I set flash settings the way I wanted, removed everything from ~/.macromedia and ~/.adobe, except settings.sol and path to it. Then, chmod -R 500 ~/.macromedia ~/.adobe.

For some reason, I have saved cacheSize.txt also, in ~/.adobe.

I read about this somewhere, so I don't take credit for coming up with this solution, or the destruction doing this causes.

by **tgoe** on Tue Oct 04, 2011 12:18 am ([msg=62039]see Re: LSO cookies[/msg])

The problems with simply /dev/null'ing LSOs is that you'll have to re-authenticate with each bank you do business with and you'll lose data if you play flash games...