Local Shared Object
From Wikipedia, the free encyclopedia
Local Shared Object (LSO), sometimes known as flash cookies, is a cookie-like data entity used by Adobe Flash Player. The player allows web content to read and write LSO data to the computer's local drive on a per-domain basis[1]. The Local Shared Objects[2] are available in Flash Players starting from version 6. This technology permits web sites to preserve session state and record user data and behavior[3].
Contents |
[edit] Storage policy
By default, any domain containing Flash applications, can store up to 100kb of data to user's hard drive (web browser cookies have a 4kb limit)[1]. The possible storage sizes are 0kb, 10kb, 100kb, 1Mb, 10Mb and Unlimited[4].
If the current limit is exceeded, the user is shown a dialog requesting storage space of the next size. The user can manually override the amount by clicking the Flash application with right mouse button and selecting Settings - however, this applies only to the domain of the Flash movie. If the selected setting is smaller than the current data size, the data is deleted.
The global LSO settings can be amended at Adobe's web site using a manager tool[4][5], itself using the Flash technology. Using the manager, the LSO's can be turned off completely.
[edit] Storage location
LSOs are stored in "SOL files" (typically, files with the extension "SOL"). String data, or data containing alphanumeric characters, are stored by default within SOL files as plain text, which means that the data can easily be read by any application with read access to the files.
The default storage location for LSOs is operating-system dependent.
[edit] Windows
%APPDATA%\Macromedia\Flash Player
[edit] Mac OS X
Websites - ~/Library/Preferences/Macromedia/Flash Player
AIR Applications - ~/Library/Preferences/[package name (ID) of your app]
[edit] GNU-Linux
~/.macromedia
Additional information is available at the Electronic Privacy Information Center [3].
[edit] Viewing and editing LSOs
[edit] LSO editors and toolkits
| Software | Website | Developer | First public release | Latest stable version | Cost (USD) | Open source | License | Programming language |
|---|---|---|---|---|---|---|---|---|
| SolVE | SolVE | Darron Schall | 2004-09 | 0.2 (2004-10-15) | Free | Yes | CPL | Java |
| .sol Editor | .sol Editor | Alexis Isaac | 2005-02 | 1.1.0.1 (2005-02-21) | Free | Yes | MPL | ActionScript, Delphi/Kylix |
| Dojo Toolkit | Dojo Toolkit | Dojo Foundation | 2004 | 1.0.2 (2007-12-19) | Free | Yes | BSD, AFL | JavaScript |
| MAXA Cookie Manager | MAXA Cookie Manager | Maxa Research | ? | 2.x (2007-10-02) | 49 | No | proprietary | ? |
| PyAMF | PyAMF | Nick Joyce | 2007-10-07 | 0.3.1 | Free | Yes | MIT | Python |
| SOLReader | SOLReader | Alessandro Crugnola | ? | ? | Free | No | ? | C#, PHP [6] |
| s2x | s2x | Aral Balkan | ? | ? | Free | Yes | ? | Python [7] |
[edit] Operating system support
| Software | Windows | Mac OS X | Linux | BSD | Unix |
|---|---|---|---|---|---|
| SolVE | Yes | Yes | No | No | No |
| .sol Editor | Yes | No | Yes[8] | Yes[8] | Yes[8] |
| Dojo Toolkit | Yes | Yes | Yes | Yes | Yes |
| MAXA Cookie Manager | Yes | No | No | No | No |
| PyAMF | Yes | Yes | Yes | Yes | Yes |
[edit] Web browser tools
For users of the Firefox web browser, there is an extension called Objection [9][10] that allows LSOs to be viewed and deleted.
[edit] Criticisms
Flash Player uses a sandbox security model, but, contrary to some definitions, the application does not ask the user's permission to store data permanently. This may constitute a collection of cookie-like data that may include not only user-tracking information but any personal data that the user has entered in any Flash-enabled application, whether it be stand-alone or Web-based.
Consumers often see cookies as an invasion of privacy and resent having them loaded into their computers without permission. While we have learned to delete traditional cookies, most are unaware of LSOs, and don't know how to disable them[11]. Users who delete traditional cookies may find those cookies resurrected because of Adobe/Macromedia's LSOs [12]. Since LSOs, unlike traditional cookies, have no expiration dates, the information resurrected in those cookies may persist indefinitely.
[edit] References
- ^ a b Macromedia Flash MX Security. Adobe (2002-03-01). Retrieved on 2007-12-05.
- ^ What are local shared objects?. Adobe. Retrieved on 2007-12-05.
- ^ a b Local Shared Objects -Flash Cookies. Electronic Privacy Information Center (2005-07-21). Retrieved on 2007-12-05.
- ^ a b Global settings manager. Adobe. Retrieved on 2007-12-05.
- ^ TechNote: How to manage and delete local shared objects?. Adobe. Retrieved on 2007-12-05.
- ^ PHP example with source code. Alessandro Crugnola. Retrieved on 2007-12-18.
- ^ Web demo written in Python. Aral Balkan. Retrieved on 2007-12-18.
- ^ a b c Originally written for Microsoft Windows, but will run on Unix-like systems using Wine
- ^ Addons Mirror (2007-06-07). Retrieved on 2007-12-05.
- ^ Objection web site. Retrieved on 2007-12-05.
- ^ Company Bypasses Cookie-Deleting Consumers. InformationWeek (2005-03-31). Retrieved on 2007-12-05.
- ^ Tool Can Resurrect Deleted Cookies. Out-Law.com (2005-05-04). Retrieved on 2007-12-05.
[edit] External links
| Find more about Local Shared Object on Wikipedia's sister projects: | |
|---|---|
 |
Dictionary definitions |
 |
Textbooks |
 |
Quotations |
 |
Source texts |
 |
Images and media |
 |
News stories |
 |
Learning resources |
- New Technique for Tracking Web Site Visitors. Slashdot (2005-04-04). Retrieved on 2007-12-05.
- Tracking with Flash Cookies. InformIT (2007-10-05). Retrieved on 2007-12-05.
|
|||||||||||
