HTML5 local storage could track your surfing habits

Mike

Mike

Posts: 6   +0

Web surfers generally applaud the changes coming down the pike with HTML5, but last week Wired reported on a potentially unpleasant privacy loophole on mobile phones involving the format's local storage, a feature originally designed to allow offline browsing and faster refreshing of common pages. A lawsuit has followed against Ringleader Digital, an online data collection and advertising firm, alleging that the company is using the feature to create "pseudo-cookies" that are stored locally and can track browsing history. They are not removable using standard cookie cleanup methods and are created by ads placed on the mobile versions of some high-traffic websites including CNN Money, The Travel Channel, and Merriam-Webster.

If you are concerned about the privacy violation, the local storage database will show up as "RLDGUID" and can typically be removed by going through your phone browser's settings and looking for HTML5 database storage. Despite the lawsuit, it appears that some sites are still actively creating the "cookie," although Ringleader Digital is offering an opt-out program on their website. The page must be visited from your mobile phone (presumably so the opt-out cookie can install itself) and will "be effective for the life of the device unless you install a new browser, or update your existing browser, in which case you will need to re-implement the opt out utility in order to maintain your opt out status." Sounds aggravating.

Permalink to story.

https://www.techspot.com/news/40388-html5-local-storage-could-track-your-surfing-habits.html

 
In the PrivacyChoice Index of Tracking Companies, we show when we've seen an ad network use html5 local storage.

http://www.privacychoice.org/companies/all

To contribute a report of this practice, let us know at contact@privacychoice.org
 
Google for LSO Flash Cookies and you'll see one approach.

For the Firefox browser, google BetterPrivacy extension
 
And this is different from Flash Cookies how?

Currently the only 100% method of deleting Flash Cookies, is to:
~ be a Linux or Unix user; (Can you do this with Mac OS X?)
~ using a browser that does not put tracking stuff in other places that you can not control (Firefox is one, not Google Chrome or Internet Explorer, fyi there are over 100+ other browsers);
~ use a soft link and redirect the Flash Cookies to /tmp (gets deleted when you reboot and/or turn off your Linux PC), (i.e. ln -s /tmp/linfl ./.macromedia and ln -s /tmp/linfl ./.adobe )

Still in that situation the Flash cookies are there tracking your surfing between reboots. Here is the link on how to do this with Linux, (/tmp is mentioned in the comments and worked great for me.):

http://www.theinquirer.net/inquirer/news/1725591/banish-flash-cookies-forever-linux

So for HTML5 we will be required to determine where they put any "spy-ware-cookies-flash-or-html5" and delete them as well. What else is new.

Just say "No" to "security through obscurity" and/or "false senses of security" by tools that say they delete things (flash cookies) but do not delete them 100%!
 
awe gee; sadly, as you know, Windows is not Linux. Yea symlinks (or hardlinks) allow some need stuff for sure.

The point is, GIVEN a specific system,
  • is the user aware of cookies
  • or where they ARE stored
so that they may be managed on that system.

An F18a is faster than a Piper Cub too, but that's not germane is it?
 
You must log in or register to reply here.

Similar threads

A
Opera starts offering local access to LLMs and AI chatbots
Replies
2
Views
137
Eldritch
Eldritch
Daniel Sims
European Union set to revise cookie law, admits cookie banners are annoying
2
Replies
31
Views
715
opckieran
O
A
Kioxia sent 130 TB of solid-state storage to the International Space Station
Replies
0
Views
160
Alfonso Maruccia
A

Latest posts

Back