[LINK] RFI: Intrusive Internet Mechanisms

Kim Holburn kim at holburn.net
Wed Dec 1 21:43:09 AEDT 2010


I don't know if this will work but try this:
delete the \sys\ directory and replace it with a file, say a new empty text file named "sys".  Make it owned by administrator or "system" if you can.

On 2010/Dec/01, at 7:13 PM, rene wrote:

> On Wed, 01 Dec 2010 18:28:38 +1100, Jan Whitaker wrote:
> 
>> At 02:31 PM 1/12/2010, Karl Auer wrote:
>>> If you use Flash, you should also set the permissions on the
>>> Macromedia home directory to forbid writing. I don't know how you
>>> would do that in Windows, but in Linux it's
>>> 
>>> sudo chown root:root /your/home/directory/.macromedia
>>> sudo chmod go-rwx /your/home/directory/.macromedia
>>> 
>> Here's the path I finally found after looking around all over the
>> disk: C:\Documents and Settings\Jan Whitaker\Application
>> Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys
>> It wasn't in the other Documents and Settings subdirs nor in the
>> Program Files.
>> 
>> There is a settings file in there you can open with a text editor. I
>> have no clue what it means, but its date is today, so it obviously
>> updates itself at some stage frequently.
>> 
>> Are you saying this folder should be set to read only?
> 
> I think that is the associated Windows implication of what Karl was saying 
> about Linux. 
> 
> However, it appears to me that on Windows it does not work. 
> 
> Months ago, I set the ...\macromedia.com\support\flashplayer\sys\ directory 
> to 'read only' (and it still says it's 'read only' in directory properties) 
> but that makes no difference to the ability of Flash player to create/write 
> files that I am under the impression contain Flash cookie stuff. With the 
> /sys/ directory marked read only in Windows, what happens is that every 
> site that runs Flash creates a sub-directory under /sys/ which consists of 
> the site name and in the site-named sub-folder there is a file named 
> settings.sol. I am under the impression that settings.sol file is the 
> equivalent of a cookie (i.e. it's what's called a 'Flash cookie', and it 
> may also be used for other purposes, although none seem 'necessary' given 
> deleting the file makes no difference to whether or not Flash files on the 
> given site will run next time one accesses the site). 
> 
> To date I've not been able to find a means of preventing the creation of 
> *.sol files on Windows, nor automatically causing them to be deleted. 
> Completely unsatisfactory/inconvenient as it is, intermittently I go into 
> the /sys/ directory and delete all the sub-directories under it (which are 
> site names). They'll re-appear if/when I visit a same site and let it run 
> Flash, but I just hope that intermittently deleting these files reduces the 
> potential for long term tracking etc. 
> 
> I also have things set in both Opera and my firewall that prevent sites 
> from automatically running Flash, absent me saying OK I do really want this 
> view this video, which pretty much eliminates the potential for 
> unknown/untrusted sites to auto run Flash and set a cookie.
> 
> Irene
> 
> 
> 
> 
> 
> 
> _______________________________________________
> Link mailing list
> Link at mailman.anu.edu.au
> http://mailman.anu.edu.au/mailman/listinfo/link

-- 
Kim Holburn
IT Network & Security Consultant
T: +61 2 61402408  M: +61 404072753
mailto:kim at holburn.net  aim://kimholburn
skype://kholburn - PGP Public Key on request 













More information about the Link mailing list