Browse Definitions :
Definition

respawning cookie

A respawning cookie is a standard HTTP cookie backed up by data stored in additional files that are used to rebuild the original cookie when the user visits the originating site again.

Cookies can typically be blocked by private browsing modes on web browsers, browser settings to deny cookies or deletion by anti-malware software. As users found about cookies, many raised concerns about tracking. Disclosure of the use of cookies did not quiet this discontent and the use of standard cookies can still be a hot issue.

 A 2009 study,” Flash Cookies and Privacy,” showed that cookies were reappearing or “respawning” after deletion. The paper revealed that 50 percent of the 100 top websites were using a method of tagging user  browsers with a unique identifier that could not be easily deleted. That method is known as  persistent identification element (PIE). PIE uses JavaScript and Flash to create a tracking substitute. The storage technique is the same as that used for standard cookie data. Because of the backup data, HTTP cookies that are deleted can respawn.

 There are a couple of methods used to create respawning cookies. Flash cookies, also known as local storage objects (LSO) can be used to create a duplicated tracking record from which the original cookie is rebuilt. Flash cookies are less known and more hidden in the operating system than regular HTTP cookies.  As a result, they are less frequently deleted.  Because Flash cookies lack an expiration date and have a much larger file size (100KB max versus HTTP cookies 4K), they can be exploited to indefinitely store the tracking info that would be lost in the denied or deleted cookies while also storing much more information.

 HTML5 local storage and cache cookies through entity tags (ETags) are another method used to respawn HTTP cookies. ETags can store the same info as HTTP cookies. Again, the sites recognize the PIE and use covert backup to enable reconstitution of the cookie data.

Either of these methods offer members of a consumer tracking firm’s subscriber base more complete information about consumer comings and goings and, thus, interests that can inform marketing efforts.

Newer versions of Flash include options to delete the info required for respawning cookies. Previously, third-party utilities were required to remove them.  

The term respawning comes from multiplayer first-person shooter computer games. In these games, when your character dies, you can usually hit a key to restart and have the character “respawn” and reappear in another location.

This was last updated in October 2014

Continue Reading About respawning cookie

SearchCompliance
  • OPSEC (operations security)

    OPSEC (operations security) is a security and risk management process and strategy that classifies information, then determines ...

  • smart contract

    A smart contract is a decentralized application that executes business logic in response to events.

  • compliance risk

    Compliance risk is an organization's potential exposure to legal penalties, financial forfeiture and material loss, resulting ...

SearchSecurity
  • email spam

    Email spam, also known as junk email, refers to unsolicited email messages, usually sent in bulk to a large list of recipients.

  • shadow password file

    A shadow password file, also known as /etc/shadow, is a system file in Linux that stores encrypted user passwords and is ...

  • browser hijacker (browser hijacking)

    A browser hijacker is a malware program that modifies web browser settings without the user's permission and redirects the user ...

SearchHealthIT
SearchDisasterRecovery
  • What is risk mitigation?

    Risk mitigation is a strategy to prepare for and lessen the effects of threats faced by a business.

  • change control

    Change control is a systematic approach to managing all changes made to a product or system.

  • disaster recovery (DR)

    Disaster recovery (DR) is an organization's ability to respond to and recover from an event that affects business operations.

SearchStorage
  • bare-metal restore

    A bare-metal restore (also referred to as bare-metal recovery or bare-metal backup) is a data recovery and restoration process ...

  • mSATA SSD (mSATA solid-state drive)

    An mSATA SSD is a solid-state drive (SSD) that conforms to the mSATA interface specification developed by the Serial ATA (SATA) ...

  • network-attached storage (NAS)

    Network-attached storage (NAS) is dedicated file storage that enables multiple users and heterogeneous client devices to retrieve...

Close