[LINK] RFI: Intrusive Internet Mechanisms
rene
rene.ln at libertus.net
Wed Dec 1 19:13:45 AEDT 2010
On Wed, 01 Dec 2010 18:28:38 +1100, Jan Whitaker wrote:
> At 02:31 PM 1/12/2010, Karl Auer wrote:
>> If you use Flash, you should also set the permissions on the
>> Macromedia home directory to forbid writing. I don't know how you
>> would do that in Windows, but in Linux it's
>>
>> sudo chown root:root /your/home/directory/.macromedia
>> sudo chmod go-rwx /your/home/directory/.macromedia
>>
> Here's the path I finally found after looking around all over the
> disk: C:\Documents and Settings\Jan Whitaker\Application
> Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys
> It wasn't in the other Documents and Settings subdirs nor in the
> Program Files.
>
> There is a settings file in there you can open with a text editor. I
> have no clue what it means, but its date is today, so it obviously
> updates itself at some stage frequently.
>
> Are you saying this folder should be set to read only?
I think that is the associated Windows implication of what Karl was saying
about Linux.
However, it appears to me that on Windows it does not work.
Months ago, I set the ...\macromedia.com\support\flashplayer\sys\ directory
to 'read only' (and it still says it's 'read only' in directory properties)
but that makes no difference to the ability of Flash player to create/write
files that I am under the impression contain Flash cookie stuff. With the
/sys/ directory marked read only in Windows, what happens is that every
site that runs Flash creates a sub-directory under /sys/ which consists of
the site name and in the site-named sub-folder there is a file named
settings.sol. I am under the impression that settings.sol file is the
equivalent of a cookie (i.e. it's what's called a 'Flash cookie', and it
may also be used for other purposes, although none seem 'necessary' given
deleting the file makes no difference to whether or not Flash files on the
given site will run next time one accesses the site).
To date I've not been able to find a means of preventing the creation of
*.sol files on Windows, nor automatically causing them to be deleted.
Completely unsatisfactory/inconvenient as it is, intermittently I go into
the /sys/ directory and delete all the sub-directories under it (which are
site names). They'll re-appear if/when I visit a same site and let it run
Flash, but I just hope that intermittently deleting these files reduces the
potential for long term tracking etc.
I also have things set in both Opera and my firewall that prevent sites
from automatically running Flash, absent me saying OK I do really want this
view this video, which pretty much eliminates the potential for
unknown/untrusted sites to auto run Flash and set a cookie.
Irene
More information about the Link
mailing list