SANS Technology Institute - Candidate for Master of Science Degree

Assessing Privacy Risks of Flash Cookies

Kevin Fuller and Stacy Jordan
February 2011

Joint Written Project


Objective

• Provide an overview of HTTP and Flash cookies

• Describe the problem with storing flash cookies

• Provide tools that will detect, manage and analyze flash cookies


What are Cookies?

• Cookies! Cookies everywhere!

• What are cookies?
• Text file of information
• Tells website you are you (HTTP cookie)
• Keeps you logged into your website
• Your Internet “ID card”


So What’s The Problem?

• Cookies can store a lot of information
  – Name, address, phone number
  – Websites visited, webpages viewed
  – Account logon IDs, passwords
  – On and on and…

• All happening without the user's knowledge or permission


The Cookie Cold War

• Advertisers and e-tailers
  – Targeted advertising
  – Gather your info and sell it to customers

• Privacy and Internet Security Advocates
  – Features to block and delete cookies
  – Software to manage cookies
  – Laws and rules to aid Internet users


The Advertisers' Response?

Flash Cookies!!

• They hold more information (100k+ vs 4k)
• They can have no expiration date
• They cannot be handled by existing cookie management technologies
• Re-Spawning!!
• They can do more to control your computer
• Trojan-like behavior


Flash Cookie

• Super Cookie
  – Component of Adobe Flash Player

• Local Storage Object

• Three Types
  – Master Cookie
  – Settings Cookie
  – Content Cookie

• Stored in a different location


How Much Information?

Common Information Like:
Name, UserID, websites accessed, general location and purchases

More Personal Information Like:
Home address, sexual preference, health conditions, financial information

Settings Information Like:
Allowing other domains access to cookie, allowing third party access to cookie, camera settings, audio and video settings


Risk and Response

• Risk
  – Privacy
  – Trojan?
  – Malicious

• Response
  – Legal Pressure
  – New Rules
  – Industry Self Regulation?


Private Browsing Mode

• Internet Explorer
  – In-Private Browsing

• Safari
  – Private browsing

• Google
  – Incognito

• Firefox
  – Private browsing
  – New Rules


How to Find Flash Cookies

• The DIR command, used with command-line switches, can find Flash cookies


Simple Detection and Deletion

• Flash Cookies Cleaner

• Flash Cookie Cleaner


Managing Flash Cookies

• Adobe Flash Player Settings Manager

• Maxa Cookie Manager

• CCleaner


Analyze Flash Cookies

• Edit Plus: can convert Flash cookie data into hexadecimal (hex) format

• SOLCAT: Perl tool created by Kristinn Gudjonsson to parse Flash cookies created in Action Message Format 0 (AMF0)

• Galleta: forensic tool created by Keith Jones that will recreate Internet history
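
An added example, not part of the original slides and not SOLCAT's code: a short Python script that does what the "How to Find Flash Cookies" and "Analyze Flash Cookies" slides describe, locating Flash cookie files under a directory and reading each file's header. The `.sol` extension and the header layout are assumptions taken from the publicly known file format, all function names are hypothetical, and the sample file is constructed.

```python
import os
import struct
import sys

def parse_sol_header(data):
    """Return (object_name, amf_version) from the first bytes of a .sol file,
    or None if the header does not match the assumed layout."""
    # Assumed layout: 00 BF | u32 body length | "TCSO" | 6 fixed bytes |
    # u16 name length | name | 3 padding bytes | u8 AMF version (0 or 3)
    if len(data) < 18 or data[:2] != b"\x00\xbf" or data[6:10] != b"TCSO":
        return None
    (name_len,) = struct.unpack(">H", data[16:18])
    end = 18 + name_len
    if len(data) < end + 4:
        return None  # truncated file
    return data[18:end].decode("utf-8", "replace"), data[end + 3]

def find_flash_cookies(root):
    """Walk root and return one record per .sol file found."""
    records = []
    for dirpath, _dirs, files in os.walk(root):
        for fname in files:
            if not fname.lower().endswith(".sol"):
                continue
            path = os.path.join(dirpath, fname)
            try:
                size = os.path.getsize(path)
                with open(path, "rb") as fh:
                    header = parse_sol_header(fh.read(4096))
            except OSError:
                size, header = None, None  # unreadable file: still report it
            records.append({"path": path, "size": size,
                            "name": header[0] if header else None,
                            "amf": header[1] if header else None})
    return records

def build_sample_sol(name, amf_version=0):
    """Constructed sample: an empty .sol file with the assumed header."""
    raw = name.encode("utf-8")
    body = (b"TCSO" + b"\x00\x04\x00\x00\x00\x00" + struct.pack(">H", len(raw))
            + raw + b"\x00\x00\x00" + bytes([amf_version]))
    return b"\x00\xbf" + struct.pack(">I", len(body)) + body

if __name__ == "__main__":
    # Pass the directory to search as the first argument (defaults to ".").
    for rec in find_flash_cookies(sys.argv[1] if len(sys.argv) > 1 else "."):
        note = "" if rec["name"] else "  [unrecognised header]"
        print(f'{rec["size"]}  AMF{rec["amf"]}  {rec["name"]}  {rec["path"]}{note}')
```

Files reported with an unrecognised header still carry the `.sol` extension and are worth opening in a hex viewer.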


Analysis of In-Private Browsing Session

• Tools used for analysis
  – CCleaner
  – NetAnalysis

• Results of Analysis
  – No flash cookies were saved
  – Other files were saved that could be used to trace Internet activity


Browser Plugins

• Mozilla Firefox
  – Better Privacy
  – Tracker Scan

• Google Chrome
  – Click and Clean


The (Near) Future

• NPAPI ClearSiteData
  – Integrated flash cookie deletion
  – Google and Firefox

• Adobe Flash Player Settings Manager
  – Integrate it into client Flash Player

• Internet Explorer 9
  – Tracking Opt Out feature


Summary

• Cookies provide a treasure trove of information concerning Internet browsing habits

• As a result, companies that collect information need to protect the data

• A variety of tools is available to detect, manage and analyze flash cookies

• In the future, browsers will have new features to better protect against tracking