79362 Views 7 Replies Latest reply: Dec 15, 2010 1:45 PM by pyry
Safari can keep your browsing history private. When you turn on private browsing, Safari doesn’t remember the pages you visit, your search history, or your AutoFill information, so your partner cannot see where you have been, but you must also remember to also turn off acceptance of cookies.
In all other respects Private Browsing is not as private as you might think:
and then Apple's own advice from here: http://www.apple.com/pro/tips/privacy_safari.html
"Note that the Private Browsing option does not prevent Safari from collecting cookies (the preference files automatically generated by many websites). The Reset Safari option clears all cookies. If you want to delete only certain ones, choose Preferences from the Safari menu, click the Security tab, and then click Show Cookies. You can select and delete individual cookies from the list that appears. Careful, though — if you’re a frequent web user, this list can be very, very long."
which is itself incomplete, the relevant part being 'If you want to delete only certain ones.
To that end it is useful to have Safari Cookies installed, which is the only cookie manager available for Safari:
which automatically deletes all cookies not marked as 'favourites' when closing Safari. It does the same for Flash Cookies, but they are subject for themselves:
From this website: http://machacks.tv/2009/01/27/flushapp-flash-cookie-removal-tool-for-os-x/ For those who do not know about Flash cookies, more properly referred to as Local Shared Objects (LSO), they operate in a similar way to regular browser cookies but are stored outside the purview of your browser, meaning you cannot delete them from within your browser, whether Safari, Firefox, Opera or any other. Typically they are issued from sites or 3rd party sites that contain Adobe Flash content. Since virtually all internet advertising is delivered in Flash, Google/Doudleclick and all other internet advertising companies are sure to be tracking your browsing behavior with Flash cookies. These companies can see you traverse the Internet as you come upon the plethora of sites that contain their embedded advertising. Check out the Wikipedia entry here. In Mac OS X they are stored in the following location:
/User’s Home Folder/Library/Preferences/Macromedia/Flash Player/#SharedObjects
The settings for the Flash cookies are stored in: /User’s Home Folder/Library/Preferences/Macromedia/Flash Player/macromedia.com/support/flashplayer/sys In OS X Local Shared Objects, or Flash Cookies, are appended with a .sol suffix. Flush deletes all the Flash cookies (.sol) and their settings. Flush can be downloaded from that page. If you want to retain certain Flash cookies but not others, the excellent add-on for Safari called SafariCookies now includes a setting for automatically deleting flash cookies you don't want to retain, when Safari is shut down, in the same as it deals with ordinary cookies:
http://www.sweetpproductions.com/safaricookies/index.htm which not only does that but much more equally useful stuff! This article covers the issue in more depth:
http://www.wired.com/epicenter/2009/08/you-deleted-your-cookies-think-again/ Flash cookies are also known as 'Zombie Cookies' and are used by a number of firms, including Hulu, MTV, and Myspace. Graham Cluley, senior technology consultant at the internet security firm Sophos, told BBC News that the source of the trouble was Adobe Flash itself, which he called "one of the weirdest programs on the planet". "I think it's highly unlikely that these large companies have abused Flash cookies - which are different from browser cookies - with malicious intent," he said. "I think it's much more likely that the vast majority of users are simply oblivious to the bizarre way in which Adobe allows them to configure the software." http://www.bbc.co.uk/news/technology-10787882 And a more recent article: http://www.nytimes.com/2010/09/21/technology/21cookie.html?_r=3&scp=1&sq=flash&s t=cse
You also leave traces in:
/Users/you/Library/Caches/Adobe/Flash Player/AssetCache (I locked my AssetCache folder)
I think something changed in Snow Leopard, as "dscacheutil -cachedump -entries Host" brings up nothing here.
Klaus, some of your links are broken:
Nooo - your links are broken, not the ones steko posted.
... if I can dump all these shared objects (must be many hundreds of them) with no harm done to anything else (?)
Yes, no problem at all - they're cookie-like in that you might notice a Flash site doesn't remember some setting you chose, for example.
Klaus & Andy, I locked:
"folder with cryptic name, unique for evey user" like "ABC8RXYZ" in: ~/Library/Preferences/Macromedia/Flash Player/#SharedObjects/
"sys": ~/Library/Preferences/Macromedia/Flash Player/macromedia.com/support/flashplayer/sys/
AFTER opening a MySpace page one time, as Myspace seems to be the only site, that needs to create/find a flash-cookie, to work (musicplayer).
Causing no problems here & I don't have to delete them all the time.
So those Myspace ones:
stay there undeleted for a long time.
Do you think these alone (& the unique cryptic named folder) already make one traceable?