Pakistan Cyber Force: Adobe Flash Player slammed for spying

Top stories

Pakistan Cyber Force [Official]

Friday, January 28, 2011

Adobe Flash Player slammed for spying

Print Friendly and PDF


Local Shared Objects, LSO, commonly called Flash cookies are collections of cookie-like data stored as a file on a user computer. Used by Flash-based applications to store preferences, cache files or save state and temp data, all methods of improving user experience. The sole purpose of this technology is to trace user movements around the Internet and it has the ability to store a lot of information about you, which is around 100 Kilobyte for each cookie whereas, normal HTTP cookies can store only about 4 Kilobyte. The bad news is that you can't locate them in your browser. They are not shown in the list of cookies that you can see when you take a look at the cookies that are currently saved in your web browser. All use them employ Web ad companies like Quantcast, Specificmedia, and Clearspring to deliver Flash ads, and all of those ads store Flash cookies on your hard drive. The bizarre thing is that they can be used to recreate tracking cookies you've deleted.

Adobe Flash Player
In other words, if you've told an advertiser you don't want to be followed around the Web by deleting its tracking cookie, that advertiser can use Flash to reproduce that deleted cookie and continue to track you in secret. This clearly breaks international laws against computer intrusion and surveillance for which several famous companies have been alleged including Disney, Warner Bros. Records, Ustream, Youtube, Google Videos, Columbia Pictures,  and others. They have installed illegal codes on millions of computers with the purpose of tracking the online activity of its users.


This is exactly what the companies referred to collectively as "Clearspring Flash Cookie Affiliates". The defendants are Clearspring Technologies, the company developing Flash-based technologies and its customers, which include Walt Disney Internet Group, Demand Media, Project Playlist, Soapnet, SodaHead, Ustream and Warner Bros. Records. The complaint read, "Defendants Clearspring Flash Cookie Affiliates acted with Defendant Clearspring, independently of one another, and hacked the computers of millions of consumers' computers to plant rogue, cookie-like tracking code on users' computers. With this tracking code, Defendants circumvented users' browser controls for managing web privacy and security."



According to the complaint, the collected information could have been used to determine "users' video viewing choices and personal characteristics such as gender, age, race, number of children, education level, geographic location, and household income, what the web user looked at and what he/she bought, the materials he/she read, details about his/her financial situation, his/her name, home address, e-mail address and telephone number, and even more specific information like health conditions, such as depression." The company developing Flash, has condemned the practice of using Local Storage for backing up or restoring cookies without express user consent.

Getting rid of the perilous danger

You just need to use Adobe's Flash Player Settings Manager. The Website Storage Settings display all Flash cookies that are currently saved on your computer. You can delete flash cookies from individual sites or all at once.



It is also possible to increase or decrease the Kilobyte size of all information that are stored on your computer. No Flash Cookies will be saved if you go into Global Storage Settings and disable the option “Allow third-party Flash content to store data on your computer”. Just follow the instructions and you're good to go.

Surf the internet safely.

Written by: Sarah Ssmq
Edited by: Enticing Fury

Comments
0 Comments

0 comments:

Post a Comment

Related Posts Plugin for WordPress, Blogger...