Browse Definitions :
Definition

respawning cookie

Contributor(s): Matthew Haughn

A respawning cookie is a standard HTTP cookie backed up by data stored in additional files that are used to rebuild the original cookie when the user visits the originating site again.

Cookies can typically be blocked by private browsing modes on web browsers, browser settings to deny cookies or deletion by anti-malware software. As users found about cookies, many raised concerns about tracking. Disclosure of the use of cookies did not quiet this discontent and the use of standard cookies can still be a hot issue.

 A 2009 study,” Flash Cookies and Privacy,” showed that cookies were reappearing or “respawning” after deletion. The paper revealed that 50 percent of the 100 top websites were using a method of tagging user  browsers with a unique identifier that could not be easily deleted. That method is known as  persistent identification element (PIE). PIE uses JavaScript and Flash to create a tracking substitute. The storage technique is the same as that used for standard cookie data. Because of the backup data, HTTP cookies that are deleted can respawn.

 There are a couple of methods used to create respawning cookies. Flash cookies, also known as local storage objects (LSO) can be used to create a duplicated tracking record from which the original cookie is rebuilt. Flash cookies are less known and more hidden in the operating system than regular HTTP cookies.  As a result, they are less frequently deleted.  Because Flash cookies lack an expiration date and have a much larger file size (100KB max versus HTTP cookies 4K), they can be exploited to indefinitely store the tracking info that would be lost in the denied or deleted cookies while also storing much more information.

 HTML5 local storage and cache cookies through entity tags (ETags) are another method used to respawn HTTP cookies. ETags can store the same info as HTTP cookies. Again, the sites recognize the PIE and use covert backup to enable reconstitution of the cookie data.

Either of these methods offer members of a consumer tracking firm’s subscriber base more complete information about consumer comings and goings and, thus, interests that can inform marketing efforts.

Newer versions of Flash include options to delete the info required for respawning cookies. Previously, third-party utilities were required to remove them.  

The term respawning comes from multiplayer first-person shooter computer games. In these games, when your character dies, you can usually hit a key to restart and have the character “respawn” and reappear in another location.

This was last updated in October 2014

Continue Reading About respawning cookie

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

File Extensions and File Formats

Powered by:

SearchCompliance

  • Whistleblower Protection Act

    The Whistleblower Protection Act of 1989 is a law that protects federal government employees in the United States from ...

  • smart contract

    A smart contract, also known as a cryptocontract, is a computer program that directly controls the transfer of digital currencies...

  • risk map (risk heat map)

    A risk map, also known as a risk heat map, is a data visualization tool for communicating specific risks an organization faces. A...

SearchSecurity

  • buffer underflow

    Buffer underflow, also known as buffer underrun or buffer underwrite, is a threat to data that typically occurs when the ...

  • digital signature

    A digital signature is a mathematical technique used to validate the authenticity and integrity of a message, software or digital...

  • denial-of-service attack

    A denial-of-service attack is a security event that occurs when an attacker prevents legitimate users from accessing specific ...

SearchHealthIT

SearchDisasterRecovery

  • virtual disaster recovery

    Virtual disaster recovery is a type of DR that typically involves replication and allows a user to fail over to virtualized ...

  • tabletop exercise (TTX)

    A tabletop exercise (TTX) is a disaster preparedness activity that takes participants through the process of dealing with a ...

  • risk mitigation

    Risk mitigation is a strategy to prepare for and lessen the effects of threats faced by a data center.

SearchStorage

  • secondary storage

    Secondary storage is storage for noncritical data that does not need to be frequently accessed.

  • Pure Storage

    Pure Storage is a provider of enterprise data flash storage solutions designed to substitute for electromechanical disk arrays.

  • yobibyte (YiB)

    A yobibyte (YiB) is a unit of measure used to describe data capacity as part of the binary system of measuring computing and ...

Close