Comments on: Yahoo and the anti-phishing magic seal http://www.webbythoughts.com/20/yahoo-and-the-anti-phishing-magic-seal/ News, Review and Thoughts About the Internet Wed, 25 Nov 2009 16:49:01 -0800 http://wordpress.org/?v=2.9.1 hourly 1 By: Joao http://www.webbythoughts.com/20/yahoo-and-the-anti-phishing-magic-seal/comment-page-1/#comment-20607 Joao Thu, 06 Sep 2007 12:36:05 +0000 http://www.webbythoughts.com/20/yahoo-and-the-anti-phishing-magic-seal/#comment-20607 The seal cookie is stored in a Flash folder... if you delete it and your browser cookies... it's gone! From: http://girishnayak.blogspot.com/2006/09/how-does-yahoo-sign-in-seal-work.html Yahoo uses multiple methodologies to achieve the tagging of user system. 1. Simple browser cookie 2. Flash Shared Objects (.sol) Aka. Flash Cookie 3. XML file in Userdata folder. Interesting part of the findings is how persistent the tagging has been. If you delete one source other one will help yahoo identify the system and recreate the deleted data. How to delete Yahoo Sign In SEAL tracking completely ? 1. Close Browsers 2. Delete the Cookies from browser (IE : Tools >Internet Options> Delete Cookies , Firefox Ctrl+Shift+Del ) 3. Delete Flash Shared Objects from C:\Documents and Settings\{user name}\Application Data\Macromedia\Flash Player\#SharedObjects 4. Delete YL[1].xml. On windows XP you can have it here "C:\Documents and Settings\{user name}\UserData\{random folder like ODFXSDVY} \YL[1].xml The seal cookie is stored in a Flash folder… if you delete it and your browser cookies… it’s gone!

From: http://girishnayak.blogspot.com/2006/09/how-does-yahoo-sign-in-seal-work.html

Yahoo uses multiple methodologies to achieve the tagging of user system.

1. Simple browser cookie
2. Flash Shared Objects (.sol) Aka. Flash Cookie
3. XML file in Userdata folder.

Interesting part of the findings is how persistent the tagging has been. If you delete one source other one will help yahoo identify the system and recreate the deleted data.

How to delete Yahoo Sign In SEAL tracking completely ?

1. Close Browsers
2. Delete the Cookies from browser (IE : Tools >Internet Options> Delete Cookies , Firefox Ctrl+Shift+Del )
3. Delete Flash Shared Objects from C:\Documents and Settings\{user name}\Application Data\Macromedia\Flash Player\#SharedObjects
4. Delete YL[1].xml. On windows XP you can have it here “C:\Documents and Settings\{user name}\UserData\{random folder like ODFXSDVY} \YL[1].xml

]]> By: Jay http://www.webbythoughts.com/20/yahoo-and-the-anti-phishing-magic-seal/comment-page-1/#comment-124 Jay Sun, 03 Dec 2006 13:01:22 +0000 http://www.webbythoughts.com/20/yahoo-and-the-anti-phishing-magic-seal/#comment-124 I feel it hampers our privacy while surfing the web. The sign-in seal doesn't depend on cookies or browsers. There's something more to it, which uniquely identifies my computer (more than an IP address). Even if I delete the seal, Yahoo! still knows that it is my computer and I have set the setting to not show the seal. I feel it hampers our privacy while surfing the web. The sign-in seal doesn’t depend on cookies or browsers. There’s something more to it, which uniquely identifies my computer (more than an IP address). Even if I delete the seal, Yahoo! still knows that it is my computer and I have set the setting to not show the seal.

]]> By: Jim http://www.webbythoughts.com/20/yahoo-and-the-anti-phishing-magic-seal/comment-page-1/#comment-52 Jim Wed, 20 Sep 2006 02:30:52 +0000 http://www.webbythoughts.com/20/yahoo-and-the-anti-phishing-magic-seal/#comment-52 I think it's more than cookies. Cleared the Firefox cookies and restarted, seal is there. Installed a brand new browser, like Opera, and the seal is there. Must somehow get a number off your PC, like a MAC address. I think it’s more than cookies. Cleared the Firefox cookies and restarted, seal is there. Installed a brand new browser, like Opera, and the seal is there. Must somehow get a number off your PC, like a MAC address.

]]> By: webbythoughts http://www.webbythoughts.com/20/yahoo-and-the-anti-phishing-magic-seal/comment-page-1/#comment-46 webbythoughts Tue, 12 Sep 2006 00:55:31 +0000 http://www.webbythoughts.com/20/yahoo-and-the-anti-phishing-magic-seal/#comment-46 I do understand how cookies work. And for that exact reason I think this is a pretty useless method that Yahoo is proposing. Anything that needs to get reset up everytime you clean up cookies or move to a new computer isn't going to be something that people are going to be willing to buy into. I do understand how cookies work. And for that exact reason I think this is a pretty useless method that Yahoo is proposing. Anything that needs to get reset up everytime you clean up cookies or move to a new computer isn’t going to be something that people are going to be willing to buy into.

]]> By: zed http://www.webbythoughts.com/20/yahoo-and-the-anti-phishing-magic-seal/comment-page-1/#comment-43 zed Mon, 11 Sep 2006 18:05:10 +0000 http://www.webbythoughts.com/20/yahoo-and-the-anti-phishing-magic-seal/#comment-43 Though you call yourself an "internet man", you seem to have no idea whatsoever what it takes to id a website user. The server end simply does not get any more info (usable for unique identification) on you than your IP address (not exactly relevant) and whatever cookie is stored *on your computer*. As such there's absolutely no way to send you back your personalized sign-in seal without you logging in first, if not done by cookies. And then again, cookies are tied to a single computer. Though you call yourself an “internet man”, you seem to have no idea whatsoever what it takes to id a website user.

The server end simply does not get any more info (usable for unique identification) on you than your IP address (not exactly relevant) and whatever cookie is stored *on your computer*.

As such there’s absolutely no way to send you back your personalized sign-in seal without you logging in first, if not done by cookies. And then again, cookies are tied to a single computer.

]]>