Skip to navigation
   
Mark Tennent's Blog
RSS

Adobe’s sneaky cookies takes the biscuit

By Mark Tennent in Reader

Posted in Security on December 11, 2007 at 11:02 am

Permalink | Author Profile

It is a good bet that as astute IT Pros you control who puts a cookie into your computer (and if you don’t you should). Sneaky Macromedia devised a whole new type of cookie storing up to 100k of data, these are Flash Cookies. Never heard of them? You have now.

HTML cookies are little 4k snippets of data sent to your web browser by a server, then returned to the web server by the browser. They derive from Unix magic cookies used for tracking, authentication or site preferences. But they can have nefarious uses too, so the US and EC have legislated against them to prevent hackers from opening back doors into computers.

Flash Cookies are even more sneaky, they have no face in your computer’s filing system. There is no local way to control them or find the little critters even though we know where they are (for Macs: ~/Library/Preferences/Macromedia/Flash Player). Doing a search for Flash Cookies or any combination of Adobe, Flash, Macromedia (from whom Adobe bought Flash), whatever, reveals nothing but I found well over 100 Flash Cookies on my Mac by going to the Flash Player Control Panel.

Don’t bother looking for that either because it is only available on-line from here. Note that this is the actual Control Panel and the only place from where you control Flash Cookies.

Flash Cookies stored

Big Brother
Clicking on its tabs reveal some very worrying features of Flash sites. Third party sites you have never visited can store data on your computer

Third Party Access

Some sites can change the privacy settings for your microphone and camera if you let them. Big Brother can be watching and listening without you realising

Camera Access

Naturally, there are less suspicious uses for Flash Cookies such as remembering volume settings in YouTube windows but I want to control access for myself. Which is why Flash Cookies were devised in the first place. Web developers didn’t want us being able to control their access to our computers and the data they can get from us. If we choose to delete their HTML cookies they cannot skim anything useful from us, so Flash Cookies came into the world.

Privacy

Paranoid? Hmmm, maybe.

12345
Rated: 100% (1 votes)
Loading ... Loading ...

Previous Post | Next Post

 
 
Comments

Comment by Jacques Daviault - December 11, 2007 on 10:01 pm

How do I get at the Flash Cookies control panel? Your screenshots don’t see to all be present. This is great information I didn’t know Mark, thanks.

Comment by Jacques Daviault - December 11, 2007 on 10:03 pm

Oh, and thanks for avoiding the Shakespeare temptation.

:-)

Comment by Mark Tennent - December 11, 2007 on 10:20 pm

Hi Jacques

Clever little devils aren’t they? Took me by surprise too.

Sorry about the screen shots. Blame the new blogging software, WordPress, about which I can’t find anything good to say. It took over an hour to get it to display the darned screen dumps. All in stunning 300 pixel wide-screen, half the size of the previous blogging software and with no way to manage them on the server.

Another example of a web site’s ‘change for the better’ making things worse.

Comment by Jacques Daviault - December 12, 2007 on 3:20 am

I’ve spent a while examining the contents and settings of my local Flash Player Settings Manager and I am shocked. Why, first of all, is this control panel located in such an obscure place, and why is it so complex? Cryptic doesn’t begin to describe some of the tab contents, and that I have to almost accidentally locate this settings manager if I manage to find it at all is suspicious at best. I recall seeing this settings manager when I install new versions of Flash Player, but usually think I’ve been simply redirected to a “Read Me” web page and close it without further ado.

You should have saved your “something is rotten in the state of Denmark” title for this blog entry Mark. that or “Adobe. The New Denmark.”

Just thinking out loud, pay it no mind.

Make a comment

* required

* required

We stop spam using reCaptcha.
Type the words below and click Submit Comment.

   
Tag cloud

Carbonized uplink Time Capsule Quark Spamhaus Steve Linford Spam CAN-SPAM compression spy satellite images Adobe Flash 'Flash Cookies' Macromedia PDF Adobe EyeTV3 Elgato CYTV Andreas Junghans Bonjour proxy server manager BBC iPlayer Cocoa encryption Back to My Mac Lewis Hamilton Bacchus TNT Acrobat ADSL MacBook Air iPod Snow Leopard FileMaker WordPress EDS CyTV Lucidcake 'Andreas Junghans' 'Library of Congress' 'digital images' 'Image Engineering' 'Matthew Brady' photography 'Samuel Morse' Apple Leopard Government SimplyRAR Firewire SuperDuper Service Scrubber
Advertisement

   
Archives

   
Most commented posts

   
Highest Rated Blog Posts

Advertisement