Assessing Privacy Risks of Flash Cookies


Dec 13, 2013 (3 years and 10 months ago)


SANS Technology Institute - Candidate for Master of Science Degree


Kevin Fuller and Stacy Jordan

February 2011

Joint Written Project


Objective


Provide an overview of HTTP and Flash cookies
Describe the problem with storing Flash cookies
Provide tools that will detect, manage and analyze Flash cookies



What are Cookies?


Cookies! Cookies everywhere!
What are cookies?
  Text file of information
  Tells website you are you (HTTP cookie)
  Keeps you logged into your website
  Your Internet “ID card”


So What’s The Problem?


Cookies can store a lot of information
  Name, address, phone number
  Websites visited, webpages viewed
  Account logon IDs, passwords
  On and on and…
All happening without the user's knowledge or permission






The Cookie Cold War


Advertisers and e-tailers
  Targeted advertising
  Gather your info and sell it to customers
Privacy and Internet Security Advocates
  Features to block and delete cookies
  Software to manage cookies
  Laws and rules to aid Internet users




The Advertisers' Response?

Flash Cookies!!
They hold more information (100k+ vs 4k)
They can have no expiration date
They cannot be handled by existing cookie management technologies
Re-Spawning!!
They can do more to control your computer
Trojan-like behavior

Flash Cookie
Super Cookie
Component of Adobe Flash Player
Local Storage Object
Three Types
  Master Cookie
  Settings Cookie
  Content Cookie
Stored in a different location





How Much Information?

Common Information Like:
  Name, UserID, websites accessed, general location and purchases
More Personal Information Like:
  Home address, sexual preference, health conditions, financial information
Settings Information Like:
  Allowing other domains access to cookie
  Allowing third party access to cookie
  Camera settings
  Audio and video settings




Risk and Response


Risk
  Privacy
  Trojan?
  Malicious
Response
  Legal Pressure
  New Rules
  Industry Self Regulation?



Private Browsing Mode


Internet Explorer
  In-Private Browsing
Safari
  Private browsing
Google
  Incognito
Firefox
  Private browsing

New Rules


How to Find Flash Cookies


The DIR command, used with command-line switches, can find Flash cookies
Simple Detection and Deletion
  Flash Cookies Cleaner
  Flash Cookie Cleaner
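
An added example, not from the original slides: a Python equivalent of a recursive DIR search for *.sol files that also sorts each hit into the three types listed earlier (master, settings, content). The directory names and the mapping of the three types onto them are assumptions based on Flash Player's usual on-disk layout; build_sample creates a constructed tree for trying it out.

```python
import os
from pathlib import Path

def candidate_roots():
    """Per-user Flash Player data directories (Windows, macOS, Linux)."""
    home = Path.home()
    return [Path(os.environ.get("APPDATA", home)) / "Macromedia" / "Flash Player",
            home / "Library" / "Preferences" / "Macromedia" / "Flash Player",
            home / ".macromedia" / "Flash_Player"]

def classify(rel):
    """Map a .sol path relative to the Flash Player directory to (kind, site)."""
    parts = rel.parts
    if parts[0] == "#SharedObjects":
        # #SharedObjects/<random dir>/<site>/.../<name>.sol
        return ("content", parts[2]) if len(parts) >= 4 else ("unknown", None)
    if "sys" in parts:
        below = parts[parts.index("sys") + 1:]
        if len(below) == 1:                       # sys/settings.sol
            return "master", None
        return "settings", below[0].lstrip("#")   # sys/#<site>/settings.sol
    return "unknown", None

def inventory(root):
    """Return (kind, site, size_bytes, relative_path) for every .sol under root."""
    rows = []
    for path in sorted(Path(root).rglob("*.sol")):
        rel = path.relative_to(root)
        rows.append(classify(rel) + (path.stat().st_size, rel.as_posix()))
    return rows

def sites_with_traces(rows):
    """Sites that still have a settings or content object on disk."""
    return sorted({site for _, site, _, _ in rows if site})

def build_sample(root):
    """Create a constructed Flash Player tree under root (sample data only)."""
    for rel in ("#SharedObjects/ABCD1234/ads.example/tracker.sol",
                "macromedia.com/support/flashplayer/sys/settings.sol",
                "macromedia.com/support/flashplayer/sys/#shop.example/settings.sol"):
        path = Path(root, rel)
        path.parent.mkdir(parents=True, exist_ok=True)
        path.write_bytes(b"\x00\xbf")

if __name__ == "__main__":
    for root in candidate_roots():
        if root.is_dir():
            for row in inventory(root):
                print(*row, sep="\t")
```

A per-site settings entry names the site even when no content object for it remains, so review both trees when checking what a cleaner actually removed.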



Managing Flash Cookies


Adobe Flash Player Settings Manager












Maxa Cookie Manager


CCleaner


Analyze Flash Cookies


Edit Plus: can convert Flash cookie data into hexadecimal (HEX) format
SOLCAT: Perl tool created by Kristinn Gudjonsson to parse Flash cookies created in Action Message Format 0 (AMF0)
Galleta: forensic tool created by Keith Jones that will recreate Internet History


Analysis of In-Private Browsing Session

Tools used for analysis
  CCleaner
  NetAnalysis
Results of Analysis
  No flash cookies were saved
  Other files were saved that could be used to trace Internet activity


Browser Plugins


Mozilla Firefox
  Better Privacy
  Tracker Scan
Google Chrome
  Click and Clean


The (Near) Future


NPAPI ClearSiteData
  Integrated flash cookie deletion
  Google and Firefox
Adobe Flash Player Settings Manager
  Integrate it into client Flash Player
Internet Explorer 9
  Tracking Opt Out feature






Summary


Cookies provide a treasure trove of information concerning Internet browsing habits
As a result, companies that collect information need to protect the data
A variety of tools are available to detect, manage and analyze Flash cookies
In the future, browsers will have new features to better protect against tracking