So what does the supply officer have to do with this post? Not much. I consider myself a reasonably smart, capable person... so when something new comes along... especial something I know little or nothing about in the IT world, I'm quiet amused. And today was one of those days: Im going to briefly talk about LSO's... and considering I just read some snippets about them... I thought since i don't know much about them... maybe you don't either. So I'll pretend I know everything.
An LSO is an acronym that stands for Locally Shared Object. When you break that down, its pretty clear what it is... Its something that's held locally... and gets shared. It works like this:
You start out with nothing... you go somewhere on the intertubes and someone gives you this LSO... how thoughtful, you put it away... The next day, when the same dude tries to gives you an LSO again, you tell him "No thanks dude, i got one here". This dude wants a peek at it, so you decide to share it with him. Now, i know this was a real dumbed down story, but you should be able to easily relate this with another function on the internets: Cookies. You can think of an LSO as a 'type' of cookie, because it is.
In real life, there are a lot of things messed up with my story:
1) "Some dude" - Not all people are good people.
2) "Gives you something" - Like being hypnotize, you have no option to reject it.
3) "You store it" - But where did you store it... can you tell me where your LSO's are? I swear they were around here somewhere?!
4) "Wishes to peek" - Just like #1, your wish is my command.
An LSO is infact a cookie, but its not the "text" based ones we're a custom to, instead:
- They Don't Expire.
- They can be as large as 100 KB (Normal cookies are only 4 KB).
- Cross-platform tracking, LSO's work in ANY Flash-enabled application/browser.
- Flash apps can be invisible BTW.
- Most browsers are not aware of LSO's since they're flash based and 'usually' cannot be removed.
- They have the ability to send stored information, without user's permission. (to the appropriate domain)
- This is via Flash, we can now send very critical personal data or technical data: (system, user name, files,...). Flash is 'executable'.
- Many domains and tracking companies use these flash-based cookies.
- I got this list from a Mozilla add-on, but i changed the words around hoping you won't notice.
You can delete them yourself if you don't use firefox (why?!) and the only thing i have picked up on about them is that some games store high scores in them... among what ever else. And due to 'privacy reason' these cookies act like normal cookies: only the originating domain can access them... (But what if they proxy?).
I had some from my bank... among other sites... and a lot from google... even one from weather.com
I would like some good comments with valuable information about them if possible.
Hello,
ReplyDeleteYour collection of FF privacy add-ons is interesting. Do you write your own privacy add-ons? Are you able to review and provide input on yet-to-be-published add-ons?
thanks,
rob
No, I don't write anything... yet. One day I'll write code, but I just don't have the time... or the skills. I've starting to look into it more and more. Its just a matter of time until I start.
ReplyDeleteI have provided feedback to authors, some take it as noise (probably because they get alot of feedback) while others follow up with it. Nothing pre-published (although that would be awesome!)
I've been working (unoffically) with Mike Prince, the author of Ad Hacker, and I think he'll use some of my ideas... I've also writen one defination for Ad Hacker (Reg Exp). But I really had to learn reg exp before I did it, and I don't think it's 'good' code and may end up modified.