Browse Definitions :
Definition

respawning cookie

Contributor(s): Matthew Haughn

A respawning cookie is a standard HTTP cookie backed up by data stored in additional files that are used to rebuild the original cookie when the user visits the originating site again.

Cookies can typically be blocked by private browsing modes on web browsers, browser settings to deny cookies or deletion by anti-malware software. As users found about cookies, many raised concerns about tracking. Disclosure of the use of cookies did not quiet this discontent and the use of standard cookies can still be a hot issue.

 A 2009 study,” Flash Cookies and Privacy,” showed that cookies were reappearing or “respawning” after deletion. The paper revealed that 50 percent of the 100 top websites were using a method of tagging user  browsers with a unique identifier that could not be easily deleted. That method is known as  persistent identification element (PIE). PIE uses JavaScript and Flash to create a tracking substitute. The storage technique is the same as that used for standard cookie data. Because of the backup data, HTTP cookies that are deleted can respawn.

 There are a couple of methods used to create respawning cookies. Flash cookies, also known as local storage objects (LSO) can be used to create a duplicated tracking record from which the original cookie is rebuilt. Flash cookies are less known and more hidden in the operating system than regular HTTP cookies.  As a result, they are less frequently deleted.  Because Flash cookies lack an expiration date and have a much larger file size (100KB max versus HTTP cookies 4K), they can be exploited to indefinitely store the tracking info that would be lost in the denied or deleted cookies while also storing much more information.

 HTML5 local storage and cache cookies through entity tags (ETags) are another method used to respawn HTTP cookies. ETags can store the same info as HTTP cookies. Again, the sites recognize the PIE and use covert backup to enable reconstitution of the cookie data.

Either of these methods offer members of a consumer tracking firm’s subscriber base more complete information about consumer comings and goings and, thus, interests that can inform marketing efforts.

Newer versions of Flash include options to delete the info required for respawning cookies. Previously, third-party utilities were required to remove them.  

The term respawning comes from multiplayer first-person shooter computer games. In these games, when your character dies, you can usually hit a key to restart and have the character “respawn” and reappear in another location.

This was last updated in October 2014

Continue Reading About respawning cookie

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

File Extensions and File Formats

Powered by:

SearchCompliance

  • compliance audit

    A compliance audit is a comprehensive review of an organization's adherence to regulatory guidelines.

  • regulatory compliance

    Regulatory compliance is an organization's adherence to laws, regulations, guidelines and specifications relevant to its business...

  • Whistleblower Protection Act

    The Whistleblower Protection Act of 1989 is a law that protects federal government employees in the United States from ...

SearchSecurity

  • Cybercrime

    Cybercrime is any criminal activity that involves a computer, networked device or a network.

  • data breach

    A data breach is a confirmed incident in which sensitive, confidential or otherwise protected data has been accessed and/or ...

  • zero-day (computer)

    A zero-day vulnerability, also known as a computer zero day, is a flaw in software, hardware or firmware that is unknown to the ...

SearchHealthIT

SearchDisasterRecovery

  • cloud insurance

    Cloud insurance is any type of financial or data protection obtained by a cloud service provider. 

  • business continuity software

    Business continuity software is an application or suite designed to make business continuity planning/business continuity ...

  • business continuity policy

    Business continuity policy is the set of standards and guidelines an organization enforces to ensure resilience and proper risk ...

SearchStorage

  • business impact analysis (BIA)

    Business impact analysis (BIA) is a systematic process to determine and evaluate the potential effects of an interruption to ...

  • RAID (redundant array of independent disks)

    RAID (redundant array of independent disks) is a way of storing the same data in different places on multiple hard disks to ...

  • dedicated cloud

    A dedicated cloud is a single-tenant cloud infrastructure, which essentially acts as an isolated, single-tenant public cloud.

Close