190 likes | 334 Views
Assessing Privacy Risks of Flash Cookies. Kevin Fuller and Stacy Jordan February 2011 Joint Written Project . Objective. Provide an overview of http and flash cookies Describe the problem with storing flash cookies Provide tools that will detect, manage and analyze flash cookies.
E N D
Assessing Privacy Risks of Flash Cookies Kevin Fuller and Stacy Jordan February 2011 Joint Written Project SANS Technology Institute - Candidate for Master of Science Degree
Objective • Provide an overview of http and flash cookies • Describe the problem with storing flash cookies • Provide tools that will detect, manage and analyze flash cookies SANS Technology Institute - Candidate for Master of Science Degree
What are Cookies? • Cookies! Cookies everywhere! • What are cookies? • Text file of information • Tells website you are you (HTTP cookie) • Keeps you logged into your website • Your Internet “ID card” SANS Technology Institute - Candidate for Master of Science Degree
So What’s The Problem? • Cookies can store a lot of information • Name, address phone number • Websites visited, Webpages viewed • Account logon IDs, passwords • On and On and….. • All happening without the users knowledge or permission SANS Technology Institute - Candidate for Master of Science Degree
The Cookie Cold War • Advertisers and e-tailers • Targeted advertising • Gather your info and sell it to customers • Privacy and Internet Security Advocates • Features to block and delete cookies • Software to manage cookies • Laws and rules to aid Internet users SANS Technology Institute - Candidate for Master of Science Degree
The Advertisers' Response? Flash Cookies!! • They hold more information (100k+ vs 4k) • They can have no expiration date • They cannot be handled by existing cookie management technologies • Re-Spawning!! • They can do more to control your computer • Trojan-like behavior SANS Technology Institute - Candidate for Master of Science Degree
Flash Cookie • Super Cookie • Component of Adobe Flash Player • Local Storage Object • Three Types • Master Cookie • Settings Cookie • Content Cookie • Stored in a different location SANS Technology Institute - Candidate for Master of Science Degree
How Much Information? Common Information Like: Name, UserID, websites accessed, general location and purchases More Personal Information Like: Home address, sexual preference, health conditions, financial information Settings Information Like: Allowing other domains access to cookie Allowing third party access to cookie Camera settings Audio and video settings SANS Technology Institute - Candidate for Master of Science Degree
Risk and Response • Risk • Privacy • Trojan? • Malicious • Response • Legal Pressure • New Rules • Industry Self Regulation? SANS Technology Institute - Candidate for Master of Science Degree
Private Browsing Mode • Internet Explorer • In-Private Browsing • Safari • Private browsing • Google • Incognito • Firefox • Private browsing • New Rules SANS Technology Institute - Candidate for Master of Science Degree
How to Find Flash Cookies • The use of DIR command with command line switches can find flash cookies SANS Technology Institute - Candidate for Master of Science Degree
Simple Detection and Deletion • Flash Cookies Cleaner • Flash Cookie Cleaner SANS Technology Institute - Candidate for Master of Science Degree
Managing Flash Cookies • Adobe Flash Player Settings Manager • Maxa Cookie Manager • CCleaner SANS Technology Institute - Candidate for Master of Science Degree
Analyze Flash Cookies • Edit Plus: can convert flash cookie data into hexadecimal(HEX) format • SOLCAT: Perl tool created by Kristinn Guidjonssonto parse flash cookie created in Action Message Format 0 (AMF0) • Galleta: forensic tool created by Keith Jones that will recreate Internet History SANS Technology Institute - Candidate for Master of Science Degree
Analysis of In-Private Browsing Session • Tools used for analysis • CCleaner • NetAnalysis • Results of Analysis • No flash cookies were saved • Other files were saved that could be used to trace Internet activity SANS Technology Institute - Candidate for Master of Science Degree
Browser Plugins • Mozilla Firefox • Better Privacy • Tracker Scan • Google Chrome • Click and Clean SANS Technology Institute - Candidate for Master of Science Degree
The (Near) Future • NPAPI ClearSiteData • Integrated flash cookie deletion • Google and Firefox • Adobe Flash Player Settings Manager • Integrate it into client Flash Player • Internet Explorer 9 • Tracking Opt Out feature SANS Technology Institute - Candidate for Master of Science Degree
Summary • Cookies provide a treasure trove of information concerning Internet browsing habits • As a result, companies that collect information need to protect the data • Variety of tools are available to detect, manage and analyze flash cookies • In the future, browsers will have new features to better protect from tracking SANS Technology Institute - Candidate for Master of Science Degree