Mind Candy

Just another WordPress.com weblog

Zombie cookies: What zombie cookies are and how to delete them

Posted by mandyf on March 24, 2012

You may not know what a Zombie cookie is, but the odds are your computer is loaded with them. What is worse than be loaded with zombie cookies is that they only exist because you took the time to delete them in the first place. Confused yet? Don’t feel bad, many people had absolutely no idea what a zombie cookie was, or that they even existed, prior to a privacy lawsuit which targeted some of the biggest names on the web.

If you visit frequently – or even just one time any of the following sites the odds are you have zombie cookies hanging around you thought were long gone: ESPN, MTV, HULU, ABC, MySpace, NBC, YouTube, Scribid, and that is just for starters. It isn’t even the tip of the iceberg when it comes to who is hiding zombie cookies on your computer. Now that your full attention is focused on these little buggers, what is a zombie cookie?

When you visit a site they generally place a cookie on your computer. You can delete these cookies, but what happens when you delete a zombie cookie is that it comes back to life in sense – hence the cool name. Since you’d easily find a cookie you deleted if it popped back up in the same place, zombie cookies which were created Quantcast do a little resurrection thing and go somewhere else – specifically your Adobe Flash player. Who would look there?

The problem was first identified at UC Berkley – or at least first documented there. They noticed that they were deleting cookies, but they kept coming back over and over again. No amount of deleting them would kill the nasty little buggers off. After tracking down their location the only fix that was easily available at that time was deleting the cookies and Adobe Flash Player which was hardly an appetizing deal. You could re-install Flash after, but who wants to keep doing that over and over?

This was cited as a serious privacy breach. If you are consciously making the decision to delete a cookie, it should remain deleted. To have something you have in effect forcibly rid yourself of re-planted on your system without consent is considered at the least very poor form. At the worst, it is the makings of a massive lawsuit. A massive lawsuit is just what is happening as one was filed in the San Francisco District Court for just this issue.

Why zombie cookies are so bad if you are trying to maintain privacy is not just that they are forced upon you and nearly impervious to deleting, it is that you cannot delete Flash cookies by normal means. Flash is reported as being on about 98% of all personal computers and the odds are almost all of those computers have visited a site that planted a zombie cookie.

The exact way a zombie cookie is made is pretty simple. When you delete a cookie from a site using the QuantCast technology, what happens is the QuantCast program goes back to the storage bin and retrieves your user id in HTML format. It then reapplies that user id, but hides it in the Flash where you can do almost nothing about it. It really is that simple. Getting rid of them however is a pain, but definitely can be done. Short of ditching Adobe completely, you can go to Adobe’s webpage and set controls on the Global Privacy Settings page. If you use Firefox you can get rid of Flash cookies – including zombie cookies by using the BetterPrivacy add-on.


One Response to “Zombie cookies: What zombie cookies are and how to delete them”

  1. txwikinger said

    Reblogged this on txwikinger's blog.

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: