Adobe changes Flash Player feature to prevent user tracking
Posted on 13 January 2011.
In the last few years, Adobe has realized that their products will have no future if they don't step up the security aspect, and so they started doing things like issuing security patches regularly and adding a sandbox to one of their most used software.

The latest of their efforts is geared towards the protection of users' privacy - they announced that they've been working with a number of browser vendors in order to make LSO management possible from within the browser.

"Local shared objects" (LSOs) are a part of the Flash Player feature that allows rich Internet applications to store settings or cached items. Among other things, it is what allows sites and applications to remember information so that when you return to, for example, a video site, it can show you a playlist of your most recently viewed videos without requiring you to login, or indeed even have an account.

It's easy to see how people might be concerned about the feature getting abused to restore cookies deleted by users by various sites, especially because many major sites are currently facing lawsuits for tracking users on their sites using this particular feature.

The result of this collaboration with browser vendors (Mozilla, Google) resulted in a new browser API for clearing local data, which will allow the user to clear local storage for any plugin that implements it. They also added improvements to the Flash Player Settings Manager.

"By right-clicking on any content that is written for Flash Player, and selecting 'Global Settings…' (or by visiting the Flash Player Settings Manager directly), you can customize which sites, if any, are allowed to use local storage. You can even turn local storage off entirely, if you don’t feel you need the functionality for things such as saving game data or your preferences on websites," explains Emmy Huang, and adds that a redesign of the Manager is also in the works, which will "make it simpler for users to understand and manage their Flash Player settings and privacy preferences."






Spotlight

Most popular Android apps open users to MITM attacks

Posted on 21 August 2014.  |  An analysis of the 1,000 most popular free Android apps from the Google Play store has revealed a depressing fact: most of them sport an SSL/TLS vulnerability that can be misused for executing MITM attacks, and occasionally additional ones, as well.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Thu, Aug 21st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //