Helping people with computers... one answer at a time.

Websites have several methods of tracking visitors from tracing IP addresses to dropping cookies. I walk through various steps needed to go anonymous.

I logged into a website on two separate instances with a different ID and a different IP. I rebooted my router so the IP changed each time, but from the same machine – trying to create a second account for my brother. I also had all cookies deleted and forbid the specific site from downloading more into my machine. The website actually was able to find out that this was me logging in with different IDs. My question is: how can the website (even after taking all these measures) know that it's still me?

In this excerpt from Answercast #33, I look at the many methods that websites can use to remember who you are; leaving any one of them in place could result in them remembering you.

Website knows it's me

It's surprising that a website would go to these lengths, but it's certainly possible.

Now, there are a couple of things that I would immediately jump on.

  1. One is are you really sure you got a different IP?

Typically, rebooting a router will not necessarily assign you a new IP address. It depends on your ISP. Sometimes, they do; sometimes, they don't.

In my case, my experience has been that when you reboot your router, nine times out of ten you get the same IP address you had five minutes ago. So that may or may not have been part of what's leading into this.

Flash cookies

The other thing that immediately comes to mind is something called Flash cookies.

You've cleared your cookies; and I know that you know how to go into the browser and clear the cookies. But in fact, using Flash, there is a different kind of persistent storage that web pages can use Flash to access.

  • They can use Flash to drop the equivalent of a cookie.

In fact, we tend to refer to them as "Flash cookies" because they are data left by Adobe Flash technology. It's possible that the website could be using Flash cookies. You simply didn't clear them because you didn't know – most people don't. So that's something else to try.

I believe CCleaner will actually clear Flash cookies for you. If you don't want to use that, there are other approaches to clearing Flash cookies, even by using some applications available at the Adobe website.

Just Google "clear Flash cookies" and you'll come up with a bunch of ways to do that.

Super cookies

Finally (and this is a little bit more off the slightly-paranoid spectrum), if you look into a technology that I think was called "Super Cookies," they use about ten different technologies to save a piece of information on your computer.

  • Now I just mentioned Flash cookies; so obviously, if a site uses Flash cookies that means that if you erase your regular cookies, the information is still there.

  • Conversely, if you know about Flash cookies and erase those, but don't erase your regular cookies, the information is still there.

  • Multiply that by 10. In other words, have 10 different technologies that this Super Cookie technology can use, and there are several different ways to leave something on your machine that can readily identify it as being you.

I'm not aware of any websites that use this. This is really, pretty arcane stuff. A lot of it was done as 'proof of concept' as to how easy it is to do. But in reality, I don't see anybody actually doing it.

More information

I think, to get a little deeper into your problem would probably require understanding what website it is you're trying to access as well.

But that's what comes to mind.

End of Answercast #33 Back to – Audio Segment

Article C5566 - July 9, 2012 « »

Share this article with your friends:

Share this article on Facebook Tweet this article Email a link to this article
Leo Leo A. Notenboom has been playing with computers since he was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed. After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers to common computer and technical questions. More about Leo.

Not what you needed?

2 Comments
Lucy
July 10, 2012 9:01 AM

Using Firefox, flash cookies can very easily be cleared with the add-on Better Privacy. The first time I fired up Better Privacy I was shocked at how many flash cookies (LSO's) were on my machine, and also at which websites had placed them there. There are different settings that will clear them at a variety of options, e.g. opening or exiting the browser, and you can exclude ones you want to keep from deletion. It is my understanding that LSO's / flash cookies are not harmless.

LSOs and Flash Cookies, like any technology are not harmful in and of themselves. They can be used in ways that reduce privacy, but more often than not they are simply used to provide a better experience for the user. I honestly believe that the concerns about cookies - browser or flash - are overblown. They're certainly not something I worry about.
Leo
10-Jul-2012
rocketride
July 10, 2012 10:22 AM

Interesting and a bit ironic. vid.askleomedia.com has a LSO on my system. It's only a little one and I think I'll let it stay.

Honestly, I'm surprised. My guess is that it's a side effect of the Flash-based video player that I use. Feel free to delete it - nothing I do depends on it. Smile
Leo
10-Jul-2012

Comments on this entry are closed.

If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.

If you don't find your answer, head out to http://askleo.com/ask to ask your question.