Feeds

back to article Disney sued for spying on kids with 'zombie cookies'

Walt Disney's internet subsidiary and several of its partners have been sued for allegedly using cookies based on Adobe's Flash Player to track highly personal information about their users, many of whom were minors. The LSOs, or locally shared objects are better known as Flash Cookies, and their ability to gather detailed user …

COMMENTS

This topic is closed for new posts.
Silver badge
Megaphone

There's a Firefox add-on for that...

It's called BetterPrivacy. You can set it to delete flash cookies every time you exit the browser.

7
0
Bronze badge

I just checked my LSO's

and there were around 50. I have set BetterPrivacy to delete on exit... Why were they still there?

No they weren't flash settings cookies, I have set Better Privacy to delete these too.

I suggest those using this addon check the LSO manager.

0
0
Thumb Up

Seamonkey

works with Seamonkey too.

(Seamonkey is a full web suite (Firefox+Thunderbird+HTML Composer) from Mozilla)

0
0

or just use the BetterPrivacy plugin

Firefox users can use BetterPrivacy. This will automatically remove LSOs on exit as well as (say) two hours after last use.

3
0
FAIL

I hope Flash just dies

I have ClicktoFlash installed on Safari, Flashblocker on Firefox.

Safari now has extensions, you can get one called YouTube5 which loads HTML5 versions in place of the Flash.

w.r.t this article, isn't it more likely the snot bags' parents were searching for depression stuff? I totally oppose what Disney has allegedly done, but it's absurd to sue them. They should sue Adobe for creating such a sucky platform.

3
7
Boffin

Apple Fanboi alert!, Apple Fanboi alert! , Apple Fanboi alert!

Adobe didn't create FLASH, that was Macromedia. Adobe just bought Macromedia as Dreamweaver and Flash kept thumping every other platform on the Market.

Believe it or not there was an Internet before the iPhone.

6
1

Googlebashing much?

"I totally oppose what Raoul Moat has allegedly done, but it was absurd to shoot him. They should have shot the manufacturer for making the gun he used."

Adobe may be guilty of creating a "sucky platform", but that doesn't excuse its use in an immoral and illegal way.

4
1
Silver badge

Can't sue Abode

They didn't do anything wrong. It was the companies using the tools who allegedly did the badness.

Can you sue Microsoft for what people write in Word? Can you sue gunmakers because their products are used to kill people? Can you sue Ford because someone was knocked over by one? Nope.

3
1

Huh?

No mention of Apple in the article and no mention in the comments, until you turned up. Would be nice if we could go a whole story without them being mentioned. Just once.

2
0

I suggest you look here

~/Library/Preferences/Macromedia/

1
0
Big Brother

Better Privacy add-on + Firefox

Half an answer: The BetterPrivacy add-on for Firefox does a good job of removing these nasty files, but so far I haven't found a way to block them without blocking all cookies, some of which may be needed for full functionality of a visited site. Also some sol files are desirable (e.g. Skype settings), so this add-on does require some thought in how it is configured.

0
0
Silver badge

Children's consent

One of the hallmarks of understanding proper adult interaction with children is understanding consent. Children simply don't have the experience to be able to give it because they don't understand the implications of what they (or the adult) are doing. This puts the adult in a position of responsibility. I wonder if Disney has considered this. Is it even legal for someone other than a child's parents to track their online behaviour? It seems to me that one should get the parent's permission first.

My thought is that if you are going to use tracking cookies, then you need to have a consenting age form upon entry. Perhaps there should also be the ability for parents to filter these "cookie" sites.

6
1
Coat

Between a rock and a hard place

Children simply don't have the experience to be able to give understanding consent. Parents barely understand how to work a computer.

1
0
Silver badge

Adobe have a lot to answer for this

The current situation was entirely predictable and entirely avoidable.

People don't know about shared objects because there is no integration between flash and the browser to control them. So some sites abuse this lack of knowledge to reinstate cookies from shared objects.

Flash does have a settings page but it is very badly arranged (it has a microscopic, non resizable panel where people might be expected to manage hundreds of shared objects) and has very poor privacy controls. If Adobe want to stop this kind of crap happening, there are several obvious choices -

a) Provide APIs that allow browsers (or extensions to browsers) to control Flash settings, drill into shared objects etc.. Adobe could even write their own extension that did just that.

b) Radically revamp their existing settings page making it each for people to manage their data, set their privacy settings etc. This settings page should be task centric and resizable rather than a pissy little panel.

c) Work with NPAPI stakeholders to define a mechanism for the browser to manage shared objects. Let shared objects pass through the same security & rules for expiration & deletion as regular cookies.

3
0
Anonymous Coward

Deleting Flash Now

I've used flash blockers but now I'm taking the whole plunge.

Wish me luck!

3
0
Gold badge
Thumb Up

Deleting flash

I used to use flash blockers, but they aren't (or weren't) that good. One still loaded the flash, and even then let it run a little before staopping it. That one and another let the web page discover that I had flash, meaning that I didn't get redirected to the non-flash site.

Now I have 2 browsers. One that I use for almost everything and doesn't have flash installed. The other has Flash installed and I never use it unless I really want to use a site that needs flash. This works much better for me.

But I'm still waiting for the death of flash caused by the iphone / ipad brigade.

1
0
Thumb Up

Best of luck to you!

The more my iPad demands I use it, the less I miss Flash anyway. I already have a Flashblocker on my work computer, putting one on my home computer is the next step (and that will make the Facebook-using hangers-on complain, oh well).

1
1
Jobs Halo

Flash Gordon

Unfortunately, many websites won't allow you to visit without Flash installed. I tried the whole "f--- Flash" and deleting the plugin, but found my browsing was severely hampered. Stick with FlashBlock.

0
0
Silver badge
Megaphone

my attitude is the opposite.

If they (or their advertisers) want my eyeball-time, they provide a flash-free version of their site. My PC is for *my* convenience, not theirs!

2
0
Silver badge
Unhappy

Where, oh where, has the Disney of our ...

youth gone?

Bambi, Cinderella. Akela, Wendy or Donald would never have approved of these tricks.

2
2
Anonymous Coward

You do know...?

You know that the employees of Walt Disney used to call the place Mousewitz, don't you? Walt himself was a domineering authoritarian, and the company always kept an eye on every little thing going on in the company.

This is par for the course....

5
0
Happy

In the the story I heard..

The management stopped them calling it Mouswitz so they just started calling it Duckau instead.

I've no idea whether it's true but it still makes me smile anyway.

2
0

Someone hasn't seen the SNL skit

http://www.hulu.com/watch/1521/saturday-night-live-disney-vault-vt

(Hopefully that can be seen across the pond) Okay, most of it was fake, but the HUAC bit was real, where he claimed various animators who were striking for better pay and unions were communists.

http://filmtv.eserver.org/disney-huac-testimony.txt

0
0
Silver badge
Flame

And remember the lemmings didn't jump, they were pushed!

By a guy just out of shot with a big broom.

The Disney-of-our-youth was a big violator of humaine treatment of animals in order to get all those cutsey wounded-wildcreature-makes-good stories.

1
0

They have a settings page???

Where oh where do they fucking hide that????

1
0

The title is required, and must contain letters and/or digits.

http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager02.html

0
0
Anonymous Coward

FYI

Firefox users can install an extension called "better privacy", which can manage flash supercookies, and add them to the list of things that the browser can clear as "private date" etc.. It's very effective. Doubtless there are things for users of other browsers- including external apps to sweep them from disk. A quick google will probably see you right. It's not rocket surgery to control it, though it's a shame that one must be constantly on the defensive to avoid Bad Things being done by supposedly reputable companies.

Letting things set whatever the hell they like, and then delete all private data on startup/shutdown seems to keep all these tracking cookies at bay.

1
0
Boffin

Flash Settings Panel

''...makes it easy to manage and delete the new-fangled cookies.''

That would be here then (direct link to your own Flash settings)

http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager07.html

0
1
Stop

BetterPrivacy 1.48.3

https://addons.mozilla.org/en-US/firefox/addon/6623/

1
0
Go

Useful site

Manage Cookies here...

http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager.html

0
1
Unhappy

Walks like a duck and talks like a duck - must be a tracking cookie

Having recently purchased a birthday present for my wife of the black & lacy variety.

I now find a lot of websites I and my daughters visit presenting adverts for other black lacy things and sometimes red! Not really what I wanted my pre-teenage daughters seeing.

adsense - I don't remember inviting you into my fantasy!

2
1
Stop

If I had pre-teenage daughters...

...and I let them browse the web, then I'd certainly have an ad-blocker installed. Partly to prevent such issues, but largely because I've seen a lot of inappropriate ads in unexpected places!

1
0
Alert

Re: black lacy things

Surely your daughters have their own accounts and do not share yours.

2
0
FAIL

My daughters access to the internet is supervised

Why should they need their own accounts to go on eBay?

I think the addition of a ad blocker is a much better idea.

0
0
WTF?

Adobe's stand point....

"“condemns the practice of using Local Storage to back up browser cookies for the purpose of restoring them later without user knowledge and express consent.” "

Well stop it happening. You write the code, you prevent it happening. FFS talk about shirking responsability.

2
1
Linux

What flash cookies?

cd ~/.macromedia

rm -f Flash_Player

ln -s /dev/null Flash_Player

1
1
Flame

Adobe's customers...

...are not you. Adobe write their software and utilities for the advertisers and web-sites that want to rape your privacy, so it is any wonder that any tools provided by them for *you* to be able to control this behaviour are obtuse and under-powered?

4
0
Silver badge
Thumb Up

exactly

Flash Player is free, so you take what you get.

Flash dev. tool users are the ones paying so get what they want.

1
0
Silver badge

Local storage

Set the allowed amount of local storage to zero, and Flash will ask you for permission every time. BBC news videos prompt five or six times before getting going. It's a bit annoying, but at least I can say eff-off.

1
0
Anonymous Coward

you can stop flash cookies without browser extensions

Just change the folder permissions to prevent Flash from accessing/reading the sharedObjects directory. Useful directions here:

http://designpeo.pl/e/blog/preventingblocking-tracking-through-flash-cookies

0
0
Silver badge
Thumb Up

Good idea

You could even let the sites you do want cookies from (for ,say, viewing prefs) set their cookies before locking down the folder. Or just manually unlock it breifly on the rare occasions you feel the site will give value to you from setting a cookie.

While I largely ignore flash, I have web-cookie approval set to manual and never cease to be amazed by how many sites want to set a cookie despite there being absolutely nothing user-preference related on them.

1
0
RW
Unhappy

But what's the point of tracking?

I have a privately held opinion [*] that the marketers are delusional when they think their snooping on browsing can be used to sell things to us masses. Being professional liars, they lie to their clients as often as they do to potential customers, and the efficacy of browse-tracking is one of the bigger lies.

Something like the music business, the marketing business impresses me as having a dead/dying business model they are desperately trying to keep afloat.

The real use of tracking cookies (and other such features) is to facilitate simple snooping by employers, police, and other do-gooder (sometimes do-badder) busybodies who do not understand the word "private".

[*] No doubt my privately held opinion is on record with Google.

3
0

But..

Adobe: “condemns the practice of using Local Storage to back up browser cookies for the purpose of restoring them later without user knowledge and express consent.”... "But it makes us money, so we'll give lip service to privacy but really not care because we don't want to take away a potential money source of people buying flash tools."

The best tool around to get rid of them is the Firefox addon BetterPrivacy, got it configured to automatically delete all flash cookies after I close Firefox. Apple Safari, Google Chrome etc can hark on all they like about speed but Firefox has the best overall browsing experience with all the best addons.

0
0
Silver badge
Thumb Down

Killing the goose?

The more I read the more I am starting to think that I should employ a completely stateless browser. There's a goodly set of browser appliances for use with VMware player, including good old Firefox at http://www.vmware.com/appliances/directory/507083, or I can play a live CD ISO image.

Clone a VM, browse, nuke it. Shouldn't slow me down much with a decent PC.

Do the guys that spy on us know about killing the goose that lays the golden eggs?

2
0
Bronze badge
Thumb Up

Tips I like and have been using before

"you can stop flash cookies without browser extensions #

Posted Tuesday 17th August 2010 14:54 GMT

Just change the folder permissions to prevent Flash from accessing/reading the sharedObjects directory. Useful directions here:

http://designpeo.pl/e/blog/preventingblocking-tracking-through-flash-cookies"

That's what i did. I also use Better Privacy. I have it set crazily to block on finding, on close, and periodically. As for the linking to a dev null path, i haven't done that yet...

0
0

The best part

The best part is the disney vacation website being advertised on the bottom of the page... brilliant!

0
0
Anonymous Coward

OMG Paedocookies!

Ban this sick filth!

Story not interesting enough? throw in an innocent child or two to spice things up.

You make it sound like other websites have some kind of magic technology that prevents these LSOs getting on children's computers.

0
0
This topic is closed for new posts.