Re: [News] Why Flash is Evil: Spyware to the Max - Linux

This is a discussion on Re: [News] Why Flash is Evil: Spyware to the Max - Linux ; On Thu, 16 Oct 2008 11:13:19 +0000, Roy Schestowitz wrote: > > Flash Cookies: The Silent Privacy Killer > > http://www.imasuper.com/66/technolog...rivacy-killer/ Great post Roy, I had no idea about Flash cookies. -- Tony Sivori Due to spam, I'm now filtering ...

+ Reply to Thread
Results 1 to 11 of 11

Thread: Re: [News] Why Flash is Evil: Spyware to the Max

  1. Re: [News] Why Flash is Evil: Spyware to the Max

    On Thu, 16 Oct 2008 11:13:19 +0000, Roy Schestowitz wrote:
    >
    > Flash Cookies: The Silent Privacy Killer
    >
    > http://www.imasuper.com/66/technolog...rivacy-killer/


    Great post Roy, I had no idea about Flash cookies.

    --
    Tony Sivori
    Due to spam, I'm now filtering all Google Groups posters.

  2. Re: [News] Why Flash is Evil: Spyware to the Max

    After takin' a swig o' grog, Tony Sivori belched out
    this bit o' wisdom:

    > On Thu, 16 Oct 2008 11:13:19 +0000, Roy Schestowitz wrote:
    >>
    >> Flash Cookies: The Silent Privacy Killer
    >>
    >> http://www.imasuper.com/66/technolog...rivacy-killer/

    >
    > Great post Roy, I had no idea about Flash cookies.


    In your home directory, try

    $ find .adobe

    All I have is an empty directory with a random name. (Have to check the
    32-bit box at some point). Whoops, just tried this

    $ find .macromedia

    Oh yeah, a lot of *.sol files. :-* (pucker icon)

    --
    The choice of approaches could be made the responsibility of the
    programmer.
    -- Larry Wall in <199709081901.MAA20863@wall.org>

  3. Re: [News] Why Flash is Evil: Spyware to the Max

    On Fri, 17 Oct 2008 11:02:24 -0400, Chris Ahlstrom wrote:

    > After takin' a swig o' grog, Tony Sivori belched out
    > this bit o' wisdom:
    >
    >> On Thu, 16 Oct 2008 11:13:19 +0000, Roy Schestowitz wrote:
    >>>
    >>> Flash Cookies: The Silent Privacy Killer
    >>>
    >>> http://www.imasuper.com/66/technolog...rivacy-killer/

    >>
    >> Great post Roy, I had no idea about Flash cookies.

    >
    > In your home directory, try
    >
    > $ find .adobe
    >
    > All I have is an empty directory with a random name. (Have to check the
    > 32-bit box at some point). Whoops, just tried this
    >
    > $ find .macromedia
    >
    > Oh yeah, a lot of *.sol files. :-* (pucker icon)


    Even after following the instructions (including setting storage to zero
    to prevent future infestation) on the imasuper.com and Adobe websites I
    still have two .sol files, plus many more "shared" files that are from
    specific websites, like Office Depot. Best Buy, YouTube, and news sites.

    There's even one from Twitter, and as best I know I never been to that
    site. I know I've never used Twitter.

    --
    Tony Sivori
    Due to spam, I'm now filtering all Google Groups posters.

  4. Re: [News] Why Flash is Evil: Spyware to the Max

    On Fri, 17 Oct 2008 11:42:37 -0400, Tony Sivori wrote:

    > On Fri, 17 Oct 2008 11:02:24 -0400, Chris Ahlstrom wrote:
    >
    >> After takin' a swig o' grog, Tony Sivori belched out
    >> this bit o' wisdom:
    >>
    >>> On Thu, 16 Oct 2008 11:13:19 +0000, Roy Schestowitz wrote:
    >>>>
    >>>> Flash Cookies: The Silent Privacy Killer
    >>>>
    >>>> http://www.imasuper.com/66/technolog...rivacy-killer/
    >>>
    >>> Great post Roy, I had no idea about Flash cookies.

    >>
    >> In your home directory, try
    >>
    >> $ find .adobe
    >>
    >> All I have is an empty directory with a random name. (Have to check the
    >> 32-bit box at some point). Whoops, just tried this
    >>
    >> $ find .macromedia
    >>
    >> Oh yeah, a lot of *.sol files. :-* (pucker icon)

    >
    > Even after following the instructions (including setting storage to zero
    > to prevent future infestation) on the imasuper.com and Adobe websites I
    > still have two .sol files, plus many more "shared" files that are from
    > specific websites, like Office Depot. Best Buy, YouTube, and news sites.
    >
    > There's even one from Twitter, and as best I know I never been to that
    > site. I know I've never used Twitter.


    Poor baby.

    I suggest you disconnect your computer from the Internet if stuff like this
    bothers you.

    --
    Moshe Goldfarb
    Collector of soaps from around the globe.
    Please visit The Hall of Linux Idiots:
    http://linuxidiots.blogspot.com/
    Please Visit www.linsux.org

  5. Re: [News] Why Flash is Evil: Spyware to the Max

    After takin' a swig o' grog, Tony Sivori belched out
    this bit o' wisdom:

    > On Fri, 17 Oct 2008 11:02:24 -0400, Chris Ahlstrom wrote:
    >>
    >> All I have is an empty directory with a random name. (Have to check the
    >> 32-bit box at some point). Whoops, just tried this
    >>
    >> $ find .macromedia
    >>
    >> Oh yeah, a lot of *.sol files. :-* (pucker icon)

    >
    > Even after following the instructions (including setting storage to zero
    > to prevent future infestation) on the imasuper.com and Adobe websites I
    > still have two .sol files, plus many more "shared" files that are from
    > specific websites, like Office Depot. Best Buy, YouTube, and news sites.
    >
    > There's even one from Twitter, and as best I know I never been to that
    > site. I know I've never used Twitter.


    My laptop has even more files. And this:

    .macromedia/Flash_Player/macromedia.com/support/flashplayer/sys/#twitter.com/settings.sol

    Others:

    tattomedia.com, illumenix.com, honda.co.uk, www.spike.com,
    uncutvideo.aol.com!

    All in all, about 145 *.sol files, about 1.5 Mb worth.

    --
    Q: What's hard going in and soft and sticky coming out?
    A: Chewing gum.

  6. Re: [News] Why Flash is Evil: Spyware to the Max

    Verily I say unto thee, that Tony Sivori spake thusly:

    > Even after following the instructions (including setting storage to
    > zero to prevent future infestation) on the imasuper.com and Adobe
    > websites I still have two .sol files, plus many more "shared" files
    > that are from specific websites, like Office Depot. Best Buy,
    > YouTube, and news sites.
    >
    > There's even one from Twitter, and as best I know I never been to
    > that site. I know I've never used Twitter.


    Try the sledgehammer approach:

    rm -fr .macromedia/* .adobe/*
    chmod 400 .macromedia .adobe

    You could also try an SELinux policy that effectively blocks
    libflashplayer.so from writing to context user_home_t.

    --
    K.
    http://slated.org

    ..----
    | "At the time, I thought C was the most elegant language and Java
    | the most practical one. That point of view lasted for maybe two
    | weeks after initial exposure to Lisp." ~ Constantine Vetoshev
    `----

    Fedora release 8 (Werewolf) on sky, running kernel 2.6.25.11-60.fc8
    01:41:38 up 7 days, 10:37, 3 users, load average: 0.15, 0.09, 0.03

  7. Re: [News] Why Flash is Evil: Spyware to the Max

    On Sat, 18 Oct 2008 01:41:59 +0100, Homer wrote:

    > Verily I say unto thee, that Tony Sivori spake thusly:
    >
    >> Even after following the instructions (including setting storage to
    >> zero to prevent future infestation) on the imasuper.com and Adobe
    >> websites I still have two .sol files, plus many more "shared" files
    >> that are from specific websites, like Office Depot. Best Buy,
    >> YouTube, and news sites.
    >>
    >> There's even one from Twitter, and as best I know I never been to
    >> that site. I know I've never used Twitter.

    >
    > Try the sledgehammer approach:
    >
    > rm -fr .macromedia/* .adobe/*
    > chmod 400 .macromedia .adobe
    >
    > You could also try an SELinux policy that effectively blocks
    > libflashplayer.so from writing to context user_home_t.


    That's the Linux way....
    You guys always seem to be missing out on all the good stuff....

    Find a bank that allows a CLI dialup connection yet Homer?

    --
    Moshe Goldfarb
    Collector of soaps from around the globe.
    Please visit The Hall of Linux Idiots:
    http://linuxidiots.blogspot.com/
    Please Visit www.linsux.org

  8. Re: [News] Why Flash is Evil: Spyware to the Max

    On Sat, 18 Oct 2008 01:41:59 +0100, Homer wrote:

    > Verily I say unto thee, that Tony Sivori spake thusly:
    >
    >> Even after following the instructions (including setting storage to
    >> zero to prevent future infestation) on the imasuper.com and Adobe
    >> websites I still have two .sol files, plus many more "shared" files
    >> that are from specific websites, like Office Depot. Best Buy, YouTube,
    >> and news sites.
    >>
    >> There's even one from Twitter, and as best I know I never been to that
    >> site. I know I've never used Twitter.

    >
    > Try the sledgehammer approach:
    >
    > rm -fr .macromedia/* .adobe/*
    > chmod 400 .macromedia .adobe


    I'm tempted.

    > You could also try an SELinux policy that effectively blocks
    > libflashplayer.so from writing to context user_home_t.


    I've found that turning off local storage breaks Flash. I set the local
    storage to zero. The next day while browsing newegg for a video card, I
    found that trying to view the detailed pictures resulted in Flash asking
    for permission to store local content. Most annoyingly, the picture I
    wanted came up, but the permission box blocked it, and the permission box
    could not be dragged to the side. Denying permission didn't work either,
    when I did that the picture went away.

    Long story short, if you want to use Flash, you have to allow local
    storage.

    I guess the best solution (for me at least) is to purge the stored Flash
    files whenever I decide it is time to delete browser cache, history, and
    cookies.

    --
    Tony Sivori
    Due to spam, I'm now filtering all Google Groups posters.

  9. Re: [News] Why Flash is Evil: Spyware to the Max

    On 2008-10-19, Tony Sivori claimed:

    > I've found that turning off local storage breaks Flash. I set the local
    > storage to zero. The next day while browsing newegg for a video card, I
    > found that trying to view the detailed pictures resulted in Flash asking
    > for permission to store local content. Most annoyingly, the picture I
    > wanted came up, but the permission box blocked it, and the permission box
    > could not be dragged to the side. Denying permission didn't work either,
    > when I did that the picture went away.
    >
    > Long story short, if you want to use Flash, you have to allow local
    > storage.
    >
    > I guess the best solution (for me at least) is to purge the stored Flash
    > files whenever I decide it is time to delete browser cache, history, and
    > cookies.


    You could run the browser from a script, and at the end of the script,
    when the browser quits, have it purge all of the flash buildup. Then
    you can have flash while browsing and not store anything other
    companies can track. You could also run NoScript and FlashBlock and
    only allow those places you want allowed to begin with.

    I do the latter. But I'm considering the former. I usually run the
    browser from a script anyway. Then I can adjust which installed Firefox
    is used when I choose to have multiple versions and/or one I install
    manually that's not in the default location.

    --
    Windows doesn't have any bugs. It just develops random features.

  10. Re: [News] Why Flash is Evil: Spyware to the Max

    On 2008-10-19, Tony Sivori wrote:
    > On Sat, 18 Oct 2008 01:41:59 +0100, Homer wrote:
    >
    >> Verily I say unto thee, that Tony Sivori spake thusly:
    >>
    >>> Even after following the instructions (including setting storage to
    >>> zero to prevent future infestation) on the imasuper.com and Adobe
    >>> websites I still have two .sol files, plus many more "shared" files
    >>> that are from specific websites, like Office Depot. Best Buy, YouTube,
    >>> and news sites.
    >>>
    >>> There's even one from Twitter, and as best I know I never been to that
    >>> site. I know I've never used Twitter.

    >>
    >> Try the sledgehammer approach:
    >>
    >> rm -fr .macromedia/* .adobe/*
    >> chmod 400 .macromedia .adobe

    >
    > I'm tempted.
    >
    >> You could also try an SELinux policy that effectively blocks
    >> libflashplayer.so from writing to context user_home_t.

    >
    > I've found that turning off local storage breaks Flash. I set the local
    > storage to zero. The next day while browsing newegg for a video card, I
    > found that trying to view the detailed pictures resulted in Flash asking
    > for permission to store local content. Most annoyingly, the picture I
    > wanted came up, but the permission box blocked it, and the permission box
    > could not be dragged to the side. Denying permission didn't work either,
    > when I did that the picture went away.
    >
    > Long story short, if you want to use Flash, you have to allow local
    > storage.
    >
    > I guess the best solution (for me at least) is to purge the stored Flash
    > files whenever I decide it is time to delete browser cache, history, and
    > cookies.


    I put mine in my local crontab (vixie cron):

    @hourly rm -rf ~/.macromedia ~/.adobe/Flash_Player

    This works fine.

    --
    Regards,

    Gregory.
    Gentoo Linux - Penguin Power

  11. Re: [News] Why Flash is Evil: Spyware to the Max

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    ____/ Gregory Shearman on Sunday 19 October 2008 22:16 : \____

    > On 2008-10-19, Tony Sivori wrote:
    >> On Sat, 18 Oct 2008 01:41:59 +0100, Homer wrote:
    >>
    >>> Verily I say unto thee, that Tony Sivori spake thusly:
    >>>
    >>>> Even after following the instructions (including setting storage to
    >>>> zero to prevent future infestation) on the imasuper.com and Adobe
    >>>> websites I still have two .sol files, plus many more "shared" files
    >>>> that are from specific websites, like Office Depot. Best Buy, YouTube,
    >>>> and news sites.
    >>>>
    >>>> There's even one from Twitter, and as best I know I never been to that
    >>>> site. I know I've never used Twitter.
    >>>
    >>> Try the sledgehammer approach:
    >>>
    >>> rm -fr .macromedia/* .adobe/*
    >>> chmod 400 .macromedia .adobe

    >>
    >> I'm tempted.
    >>
    >>> You could also try an SELinux policy that effectively blocks
    >>> libflashplayer.so from writing to context user_home_t.

    >>
    >> I've found that turning off local storage breaks Flash. I set the local
    >> storage to zero. The next day while browsing newegg for a video card, I
    >> found that trying to view the detailed pictures resulted in Flash asking
    >> for permission to store local content. Most annoyingly, the picture I
    >> wanted came up, but the permission box blocked it, and the permission box
    >> could not be dragged to the side. Denying permission didn't work either,
    >> when I did that the picture went away.
    >>
    >> Long story short, if you want to use Flash, you have to allow local
    >> storage.
    >>
    >> I guess the best solution (for me at least) is to purge the stored Flash
    >> files whenever I decide it is time to delete browser cache, history, and
    >> cookies.

    >
    > I put mine in my local crontab (vixie cron):
    >
    > @hourly rm -rf ~/.macromedia ~/.adobe/Flash_Player
    >
    > This works fine.


    Thanks. Just done that too.

    - --
    ~~ Best of wishes

    Roy S. Schestowitz | D-I-S-C-O becomes D-I-E S-C-O
    http://Schestowitz.com | GNU is Not UNIX | PGP-Key: 0x74572E8E
    http://iuron.com - proposing a non-profit search engine
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.9 (GNU/Linux)

    iEYEARECAAYFAkj7xMEACgkQU4xAY3RXLo6t/QCfRBjz4oTWTfbB5qoHYmY3eLki
    DKEAoKFEZQg9yGJZgqLDXTNWiYKekl7C
    =PsoB
    -----END PGP SIGNATURE-----

+ Reply to Thread