Techsurvivors

Welcome to Techsurvivors => Tech => Topic started by: jchuzi on September 21, 2010, 05:34:10 PM

Title: beware of flash cookies
Post by: jchuzi on September 21, 2010, 05:34:10 PM
Code That Tracks Users’ Browsing Prompts Lawsuits You can get rid of Flash cookies with Flush.
Title: beware of flash cookies
Post by: Xairbusdriver on September 21, 2010, 11:32:53 PM
Unfortunately, you can't block Flash cookies unless you turn Flash off (which is my normal ops) but occasionally, you'll let one play and, wham, you just collected a new Flash cookie. You can find them, but maybe not where you'd expect. They're not in ~/Library/Cookies nor are they in anything with "Adobe" in its name. Macromedia is the creator of Flash so they kept that name for the folder. ~/Library/Preferences/Macromedia/Flash Player/...and maybe several more folders, some with non-human recognizable names. wallbash.gif Flush does just fine and you don't have to remember where the files (.sol) are hiding. rolleyes.gif

I've yet to read a 'disclosure/privacy' statement that doesn't include a clause that says the current company may, in the future (as if time travel backwards might soon be a possibility), sell the company to some other entity and the sale would include all the data they have gathered. Of course, all bets are off about your privacy at that point. Fortunately, web companies hardly ever get bought out... Groaner.gif
Title: beware of flash cookies
Post by: kimmer on September 22, 2010, 12:02:08 AM
Interestingly, this morning I used the Adobe site to dump all my flash cookies. Then I visited this thread, updated Flush, ran it and WOW.gif there were several dozen more cookies that weren't dumped by the Adobe site.  dry.gif Now to remember to use Flush on a regular basis.
Title: beware of flash cookies
Post by: pendragon on September 22, 2010, 12:04:27 AM
You can delete all cookies, and/or, for each specific site: Always Ask, Always Allow, or Allows Deny.

Alas, the Website names are not always easily recognizable. And are, of course, after the fact.

See: Adobe Flash Privacy Settings
Title: beware of flash cookies
Post by: Highmac on September 22, 2010, 01:52:14 AM
Coincidentally, MacFormat forum has a thread started yesterday about Flash cookies; after linking to the Flush site mentioned above, Klaus1 continues:

QUOTE
The excellent add-on for Safari called Glims now includes a setting for automatically deleting flash cookies when Safari is shut down:

http://www.machangout.com/

which not only does that but much more equally useful stuff!

This article covers the issue in more depth:

http://www.wired.com/epicenter/2009/08/you...es-think-again/

Flash cookies are also known as 'Zombie Cookies' and are used by a number of firms, including Hulu, MTV, and Myspace. Graham Cluley, senior technology consultant at the internet security firm Sophos, told BBC News that the source of the trouble was Adobe Flash itself, which he called "one of the weirdest programs on the planet".

"I think it's highly unlikely that these large companies have abused Flash cookies - which are different from browser cookies - with malicious intent," he said.

"I think it's much more likely that the vast majority of users are simply oblivious to the bizarre way in which Adobe allows them to configure the software."

http://www.bbc.co.uk/news/technology-10787882


Glims certainly sounds useful. And don't you just love that line about Flash being "one of the weirdest programs on the planet...." ? biggrin.gif

Edit to add: Posted with Klaus's agreement
Title: beware of flash cookies
Post by: jchuzi on September 22, 2010, 07:33:35 AM
For those who want to follow this discussion in another forum, visit this FineTuned Mac thread for additional comments.
Title: beware of flash cookies
Post by: jchuzi on September 22, 2010, 07:41:46 AM
Here's some irony: Adobe has discovered that Flash Player has some   security flaws! IMHO, FP itself is a security flaw.
Title: beware of flash cookies
Post by: gunug on September 22, 2010, 08:01:06 AM
Beware also the "immortal" evercookie: http://yro.slashdot.org/story/10/09/22/121...able-Evercookie

Don't go to the link that is cited at "Slashdot" you might get it!  You'll undoubtedly be able to read all about it elsewhere by the end of the day!
Title: beware of flash cookies
Post by: Xairbusdriver on September 22, 2010, 08:27:01 AM
Speaking of irony, when "accessing" the Adobe Flash Settings page on a flash disabled device, one is greeted with:
QUOTE
Website Privacy Settings panel
This content requires Flash
"In order to prevent problems/security risks/information harvesting by Flash, you must use Flash. wallbash.gif Where O where is that 1984 hammer thrower... inspect.gif
Title: beware of flash cookies
Post by: gunug on September 22, 2010, 09:40:24 AM
"It would be a Flash finish" in other words?  whistling.gif
Title: beware of flash cookies
Post by: kimmer on September 22, 2010, 02:09:35 PM
QUOTE(jchuzi @ Sep 22 2010, 04:41 AM) <{POST_SNAPBACK}>
Here's some irony: Adobe has discovered that Flash Player has some   security flaws!

 wallbash.gif
QUOTE
IMHO, FP itself is a security flaw.

Yup, but a good chunk of the web is unusable without it.  Paranoid.gif
Title: beware of flash cookies
Post by: Jack W on September 22, 2010, 07:49:41 PM
QUOTE(kimmer @ Sep 22 2010, 03:09 PM) <{POST_SNAPBACK}>
QUOTE(jchuzi @ Sep 22 2010, 04:41 AM) <{POST_SNAPBACK}>
Here's some irony: Adobe has discovered that Flash Player has some   security flaws!

 wallbash.gif
QUOTE
IMHO, FP itself is a security flaw.

Yup, but a good chunk of the web is unusable without it.  Paranoid.gif

And ain't that too bad!!!!
Count me among the throngs that hate Flash, in fact I'm definitely not fond of Adobe with all their bloatware.