1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

How Ebay, Paypal & co can track your identity - local stored objects

Discussion in 'Black Hat SEO' started by justone, Jan 5, 2009.

  1. justone

    justone Elite Member

    Joined:
    Oct 12, 2008
    Messages:
    1,516
    Likes Received:
    1,037
    Occupation:
    -
    Location:
    Europe
    Most blackhatters are marketing guys, people looking to make money online and not security gurus.
    Here I cover a "newer" part of internet security that is used by many big companies to track your identity.
    The best proxy will not help to hide your identity if you lack knowledge about modern tracking techniques.

    I am sure most people here already know what a cookie is and how to remove a cookie, I'll not get deeper into that.
    But I'm sure a lot of users have no clue that there is another more sneaky way to place files on your computer that can NOT be removed by using browser features.

    These objects (LSO) are also called Flash cookies.
    "Flash cookies" because they are stored by an addon found in almost all browsers, the Adobe Macromedia Flash player. Frequently used to create animations or play movies on your browser.

    The Flash player has a privacy ignorant function, it allows to store up to 100kb per website in a local file. This file is OUTSIDE of your normal browser folders and your browser does not even know about it.
    A normal cookie is limited to a few kb and can easily be removed, flash cookies are evil and hide on your computer.

    I've prepared two plugins here: Remove flash cookies

    On the left side you see all your flash cookies, the right side offers you a checkbox to stop your flash player from storing cookies.

    If you never heard about flash cookies before, or did not know details about them you might be shocked about the hundreds or thousands of files that are stored on your computer without your knowledge.

    Wearing the black hat means you are one step ahead, I hope this information helps you to keep distance ;)
     
    • Thanks Thanks x 41
  2. JelleVDB

    JelleVDB Newbie

    Joined:
    Dec 29, 2008
    Messages:
    48
    Likes Received:
    1
    Thanks for sharing this mate, I did not know that. Just checked my "Flash Cookies" and there were shitloads of them on my computer.
     
  3. John Dough

    John Dough Regular Member

    Joined:
    Nov 3, 2008
    Messages:
    211
    Likes Received:
    475
    Wow. Did not have to many on my computer, but they were there! Thanks for the heads up!
     
  4. Superdude22

    Superdude22 Registered Member

    Joined:
    Jul 10, 2008
    Messages:
    79
    Likes Received:
    31
    Location:
    A Beach
    Thanks for the heads up, but you can accomplish the same thing without having to pay for a license if you install the FF plugin Objection. Just tried it and it took care of all of them.

    Code:
    http://objection.mozdev.org/
     
    • Thanks Thanks x 4
  5. Superdude22

    Superdude22 Registered Member

    Joined:
    Jul 10, 2008
    Messages:
    79
    Likes Received:
    31
    Location:
    A Beach
    Addendum:

    If you want to manage how they are processed and used you can go to Adobe to take care of it. Apparently, the only way you can manage flash cookie setting is through the adobe site (so other programs are just doing it by proxy). Sorry to burst the bubble on this post or program, but it got me interested and thinking...
    Code:
    http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager06.html
     
  6. midknightg

    midknightg Registered Member

    Joined:
    Apr 26, 2007
    Messages:
    97
    Likes Received:
    35
    Occupation:
    BlackHat Marketing
    Location:
    online
    You don't have to pay to remove the flash cookies just if you want a license for cloakfish

    at the bottom of th page you can delete and change settings
     
    • Thanks Thanks x 1
  7. Superdude22

    Superdude22 Registered Member

    Joined:
    Jul 10, 2008
    Messages:
    79
    Likes Received:
    31
    Location:
    A Beach

    Sorry, I must have missed that. I thought you had to buy a license the line:

    Need a license ? Get one here ! Cheap introduction prices. Starting at 1$

    made me think you had to pay to get one, so I didn't click through. Didn't see that you could get a free account.
     
  8. kevin198x

    kevin198x Junior Member

    Joined:
    Nov 12, 2008
    Messages:
    141
    Likes Received:
    110
    C:\Documents and Settings\YOURUSERNAME\Application Data\Macromedia\Flash Player
     
  9. mrtornado

    mrtornado Jr. VIP Jr. VIP Premium Member

    Joined:
    Dec 16, 2008
    Messages:
    501
    Likes Received:
    530
    Location:
    {LOCATION}
    Home Page:
    Good info anyway. Never knew that ebay and paypal is doing that.
     
  10. forexspy

    forexspy Junior Member

    Joined:
    Jan 7, 2008
    Messages:
    116
    Likes Received:
    172
    What a great post! Two thumbs up to Midknightg for the firefox addon headsup. I downloaded it and Holeeeee Shit!!! I was loaded on both computers. This will become a regular part of my daily maintenance routine.
     
  11. mrtornado

    mrtornado Jr. VIP Jr. VIP Premium Member

    Joined:
    Dec 16, 2008
    Messages:
    501
    Likes Received:
    530
    Location:
    {LOCATION}
    Home Page:
    I just blocked them all.
     
  12. justone

    justone Elite Member

    Joined:
    Oct 12, 2008
    Messages:
    1,516
    Likes Received:
    1,037
    Occupation:
    -
    Location:
    Europe
    It looks like anonymizeit removes the link bookmark
    The full url i posted is
    Code:
    http://www.cloakfish.com/?tab=howto#howto_remove-flash-cookies
    When you click it as link from the forum, anonymizeit will remove the # part, because of that you landed on the TOP of the page instead of the BOTTOM.
     
  13. justdude

    justdude Regular Member

    Joined:
    Dec 17, 2008
    Messages:
    220
    Likes Received:
    72
    one of sites where I create multiple accounts left flash coockies. I was wandering how they detect I'm back .... Most funny thing I know about this flash cookie stuff. I don't know why don't check it before. Any way it's speed up my cleaning :)
     
  14. dwpg002

    dwpg002 Senior Member

    Joined:
    Dec 29, 2008
    Messages:
    919
    Likes Received:
    47
    Where is the physical location for flash cookies? I am using different user profile to logging to egay seller account. Are flash cookies common for all user account is it is separate for each user profile?
     
  15. justone

    justone Elite Member

    Joined:
    Oct 12, 2008
    Messages:
    1,516
    Likes Received:
    1,037
    Occupation:
    -
    Location:
    Europe
    I think it's common among all browsers because it uses a central place.
    it's in your Documents and settings -> Application Data\Macromedia\Flash Player\ folder
     
  16. dirtysecret

    dirtysecret Regular Member

    Joined:
    Dec 12, 2008
    Messages:
    298
    Likes Received:
    20
    So do I need to go to Macromedia's website to remove these or can I just nuke a folder on my hard drive?

    I have 4 folders inside of my ..\FlashPlayer\ folder:

    -#security
    -#shared objects
    -www.macromedia.com
    -macromedia.com

    Which "folder" do I nuke? Is it as simple as that or will that take out some vital data as well?
     
  17. Atlas

    Atlas Regular Member

    Joined:
    Mar 31, 2008
    Messages:
    214
    Likes Received:
    74
    Location:
    AirShip1
    For windows you might want to try these folders:

    C:\Documents and Settings\USER*******\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys

    and

    C:\Documents and Settings\USER*******\Application Data\Macromedia\Flash Player\#SharedObjects

    That plugin didnt really work too well for me. When i try to save the settings it didnt work.
     
  18. dirtysecret

    dirtysecret Regular Member

    Joined:
    Dec 12, 2008
    Messages:
    298
    Likes Received:
    20
    This freaks me out because it makes me wonder what else they're using for tracking that we don't even know about yet!
     
  19. necromancer1976

    necromancer1976 Newbie

    Joined:
    Jul 2, 2008
    Messages:
    31
    Likes Received:
    0
    Wow, this is some good info.
     
  20. dwpg002

    dwpg002 Senior Member

    Joined:
    Dec 29, 2008
    Messages:
    919
    Likes Received:
    47
    Physical deleting this two folder will remove the flash cookies