[LINK] RFI: Intrusive Internet Mechanisms
Kim Holburn
kim at holburn.net
Wed Dec 1 21:43:09 AEDT 2010
I don't know if this will work but try this:
delete the \sys\ directory and replace it with a file, say a new empty text file named "sys". Make it owned by administrator or "system" if you can.
On 2010/Dec/01, at 7:13 PM, rene wrote:
> On Wed, 01 Dec 2010 18:28:38 +1100, Jan Whitaker wrote:
>
>> At 02:31 PM 1/12/2010, Karl Auer wrote:
>>> If you use Flash, you should also set the permissions on the
>>> Macromedia home directory to forbid writing. I don't know how you
>>> would do that in Windows, but in Linux it's
>>>
>>> sudo chown root:root /your/home/directory/.macromedia
>>> sudo chmod go-rwx /your/home/directory/.macromedia
>>>
>> Here's the path I finally found after looking around all over the
>> disk: C:\Documents and Settings\Jan Whitaker\Application
>> Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys
>> It wasn't in the other Documents and Settings subdirs nor in the
>> Program Files.
>>
>> There is a settings file in there you can open with a text editor. I
>> have no clue what it means, but its date is today, so it obviously
>> updates itself at some stage frequently.
>>
>> Are you saying this folder should be set to read only?
>
> I think that is the associated Windows implication of what Karl was saying
> about Linux.
>
> However, it appears to me that on Windows it does not work.
>
> Months ago, I set the ...\macromedia.com\support\flashplayer\sys\ directory
> to 'read only' (and it still says it's 'read only' in directory properties)
> but that makes no difference to the ability of Flash player to create/write
> files that I am under the impression contain Flash cookie stuff. With the
> /sys/ directory marked read only in Windows, what happens is that every
> site that runs Flash creates a sub-directory under /sys/ which consists of
> the site name and in the site-named sub-folder there is a file named
> settings.sol. I am under the impression that settings.sol file is the
> equivalent of a cookie (i.e. it's what's called a 'Flash cookie', and it
> may also be used for other purposes, although none seem 'necessary' given
> deleting the file makes no difference to whether or not Flash files on the
> given site will run next time one accesses the site).
>
> To date I've not been able to find a means of preventing the creation of
> *.sol files on Windows, nor automatically causing them to be deleted.
> Completely unsatisfactory/inconvenient as it is, intermittently I go into
> the /sys/ directory and delete all the sub-directories under it (which are
> site names). They'll re-appear if/when I visit a same site and let it run
> Flash, but I just hope that intermittently deleting these files reduces the
> potential for long term tracking etc.
>
> I also have things set in both Opera and my firewall that prevent sites
> from automatically running Flash, absent me saying OK I do really want this
> view this video, which pretty much eliminates the potential for
> unknown/untrusted sites to auto run Flash and set a cookie.
>
> Irene
>
>
>
>
>
>
> _______________________________________________
> Link mailing list
> Link at mailman.anu.edu.au
> http://mailman.anu.edu.au/mailman/listinfo/link
--
Kim Holburn
IT Network & Security Consultant
T: +61 2 61402408 M: +61 404072753
mailto:kim at holburn.net aim://kimholburn
skype://kholburn - PGP Public Key on request
More information about the Link
mailing list