You Deleted Your Cookies? Think Again (wired.com)
88 points by edw519 on Aug 11, 2009 | 28 comments



Unmentioned in the fluff article: Since flash cookies are set in a user-global location, they are the same live across all browsers. As an added bonus, they completely defeat "private browsing" everywhere I've tried it.


I've made the "#SharedObjects" directory read-only.

Since then I've been using flash without any problems - the only noticeable effect is that I have to reset the volume on youtube videos each time I play a video.
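
An added example, not part of the thread: a shell audit of the Flash cookie store discussed in the comments above, listing which sites have left `.sol` files and whether `#SharedObjects` is still writable. The `Flash_Player/#SharedObjects/<id>/<site>/` layout, the function names and the sample tree are assumptions.

```shell
#!/bin/sh
# Audit Flash local shared objects (LSOs, "Flash cookies") below a profile root.
# Assumed layout: <root>/Flash_Player/#SharedObjects/<random-id>/<site>/.../*.sol

# lso_sites ROOT: print "<count> <site>" for every site that has stored .sol files.
lso_sites() {
    find "$1" -type f -name '*.sol' -path '*/#SharedObjects/*' 2>/dev/null |
    awk -F/ '{
        # The site is the second path component below "#SharedObjects".
        for (i = 1; i <= NF; i++)
            if ($i == "#SharedObjects" && i + 2 < NF) { n[$(i + 2)]++; break }
    }
    END { for (s in n) print n[s], s }' | LC_ALL=C sort -k2
}

# lso_store_state ROOT: print absent, read-only or writable for the LSO store,
# judged by the owner write bit so the answer is the same when run as root.
lso_store_state() {
    dir=$(find "$1" -type d -name '#SharedObjects' 2>/dev/null | head -n 1)
    if [ -z "$dir" ]; then
        echo absent
    elif [ -n "$(find "$dir" -prune -perm -200)" ]; then
        echo writable
    else
        echo read-only
    fi
}

# make_sample DIR: build a constructed tree (not real data) to try the audit on.
make_sample() {
    base="$1/.macromedia/Flash_Player/#SharedObjects/AB12CD34"
    mkdir -p "$base/video.example/player" "$base/game.example"
    : > "$base/video.example/player/volume.sol"
    : > "$base/video.example/settings.sol"
    : > "$base/game.example/highscore.sol"
}

# With an argument, audit that profile root, e.g.: sh lso_audit.sh "$HOME/.macromedia"
if [ -n "${1:-}" ]; then
    lso_store_state "$1"
    lso_sites "$1"
fi
```

The state check looks only at the top-level `#SharedObjects` directory; subdirectories created before it was made read-only keep their own permissions.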


I bet future versions of browsers would clear such cookies as well. Flash is almost a standard feature of every browser now.


Including the Chrome 'Incognito' mode?


Not an expert, but I'd imagine so. Unless they do some wicked hackery, Chrome can't restrict what a Flash plugin executable does with an SWF file.


You are correct. Chrome does store flash cookies even when in incognito mode. I logged out of Pandora in Chrome, started up IE, noticed that I was logged out of Pandora, then started up Chrome in incognito mode, logged into Pandora, then started up IE and noticed that I was now logged in to Pandora.


Is there an easy way to test this?


Play this (addicting) game in Firefox - http://www.ferryhalim.com/orisinal/g3/bells.htm. It will record your high score. Open Chrome in incognito mode, die quickly, and see that it has kept your high score from Firefox.


CCleaner works well at deleting all those cookies that sneak by private browsing.


Not flash visited sites. It may have deleted Flash cookies but the flash check cookies link listed here still shows sites after a CCleaner run.

See http://forum.piriform.com/index.php?showtopic=22980.


Ok I'm back, after 'experimenting' with that flash game for the last 19 hours I can report that the music does get a bit annoying after hour 13 or so. Also Incognito mode doesn't stop the flash bugs.



Wow, horrible application. First, Chrome gave me warning that ActionScript is too slow. And when you click on 'tabs', a new page is loaded even though it's a flash application! And why do they need a separate page for this? Why is it not accessible when I right click a Flash movie?


"Why is it not accessible when I right-click a Flash movie?"

It is... the context menu always holds at minimum a "Settings" link.

For "Why is it on a webpage instead of in the SWF?", it's because Flash is part of a webpage, and is often not sized large enough to display a dialog. Unlike a browser, Flash has no chrome of its own -- it's a component.

For "Why isn't this integrated with the new browser privacy controls?", this is a work item now that browsers offer privacy controls... a Mozilla example: https://bugzilla.mozilla.org/show_bug.cgi?id=508167 https://bugzilla.mozilla.org/show_bug.cgi?id=290456


jd, you do not get these privacy settings controls when you select 'Settings' by right-clicking on Flash. Those 'Settings' let you control microphone/web cam usage. You have to again click on the 'Advanced' link on one of the tabs, which will lead you to this page. My question is, why do I have to go to a Macromedia hosted page to change privacy settings of Flash player installed on my computer?


Because this sneaky privacy bypass is a huge selling point for Flash (for businesses, obviously).


Product manager's checklist for this functionality:

_✓_ can claim to privacy advocates cookies are viewable and clearable

_✓_ obscure enough no user ever finds it without help

_✓_ so hard to use no one would revisit casually

Your questions confirm: total success!


I guess this is still irrelevant if you use FlashBlock. I know I've seen many sites that don't obviously use Flash, except for the existence of a flashblock item in the top-left corner - my guess at the time was that it was tracking.


Not totally irrelevant, I assume you sometimes enable a flash embed or two. Just because it plays a movie (or whatever) doesn't mean it isn't tracking you, too.


Unix's everything is a file versus Adobe:

  ln -s /dev/null ~/.macromedia
  ln -s /dev/null ~/.adobe

Winner: Unix


If you want, you can delete your flash cookies using the BetterPrivacy Firefox Add-On: https://addons.mozilla.org/en-US/firefox/addon/6623

Should delete globally so you can use it even if you don't use Firefox.


One comment suggests running the browser in a virtual machine and restoring from a snapshot at the beginning of each session, which is also what I do and has worked out well. Using Virtualbox, the bookmarks file can be separately mounted on a so-called writethrough image to allow persistent updates. There are some difficulties with the shared clipboard but ssh between the host and vm is a workaround.


Yet another reason not to install Flash.


I'm wondering if there's some similar permanent iPhone ID available to apps.

I did a 'full wipe' on my iPhone3g and gave it to my sister -- but then when she installed Pandora, it started pre-logged-in to my account. The only mechanisms I can imagine for that are (1) (less likely) an app-addressable storage area, like cookies, that's spared the 'full wipe'; (2) a permanent device ID that apps can use as if it were an unerasable, global cookie.


[[UIDevice currentDevice] uniqueIdentifier]


Thanks. I accept that installed apps have privileged access to such per-device IDs, and can see why Pandora finds it useful... but it seems there should be some guidance against such use, or a mechanism for breaking such associations after a 'full wipe'. (Perhaps, the last part of the ID is a counter that increments each wipe.)

My sister seeing my Pandora stations is no big deal but if it had instead been a stranger I'd sold the unit to, that'd be more of a concern... and if other apps do the same thing, more important personal information could be at risk.


Wonder what happens if you use Flashblock?


Finally... this has been blogged about for at least a year.

http://www.codingthewheel.com/archives/online-gambling-priva...



