Flash, You Sneaky Bastard!

Flash, the popular multimedia platform that helps make websites more interactive, has cookies separate from your web browser’s cookies. They’re called local shared objects (LSO) and they may be a security hole—like all things Flash ;–)

There are a number of directories where the flash cookies may be stored. For example, on Mac OS X, LSOs are stored in two locations:

  • ~/Library/Preferences/Macromedia/Flash\ Player/#SharedObjects/
  • ~/Library/Preferences/Macromedia/Flash\ Player/macromedia.com/support/flashplayer/sys/

And there are more possible! For a detailed list, check the list of locations on Wikipedia’s LSO entry.

You can manually navigate to these locations and delete nasty ad-tracking/malware-hosting objects; however, while deleting unwanted cookies is worthwhile, it’s not a good long-term solution. I recommend you update your Flash settings (this interface also allows you to delete your LSOs) now! There are several tabs to look through, but don’t worry—it’s quick. Make sure you deny access to your camera and microphone! For finer grained control, the Firefox extension Objection helps track and eliminate Flash cookies.

Whatever your strategy, I wish you luck!