Slashdot Mirror

Isn't this a way to permanently disable Flash cookies?

http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager03.html

Note that this isn't just documentation. If you have Flash installed, the first what looks like a screenshot is actually the Flash config panel.

Adobe could improve it by adding "Clear all cookies on exit".

Doesn't Adobe's Flash settings widget work in Linux? It seems a bit drastic disabling Flash cookies for the whole internet when you can set preferences individually for each website you visit.

You can view/delete your flash cookies here: http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager07.html

There's also a firefox plug-in: http://objection.mozdev.org/

I agree, regular tracking regardless of the technology used.

And a way to view what you currently have..
http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager07.html

Go here to see all the flash cookies and delete any and all you don't want. Might not be as easy as deleting a directory, but I don't necessarily want to delete them all.

I think this release is bad or something is wrong with my Debian.

I downloaded
http://fpdownload.macromedia.com/get/flashplayer/current/install_flash_player_10_linux.deb to upgrade my old Flash v10 in Debian, but I am getting problems:

# dpkg --install install_flash_player_10_linux.deb
(Reading database ... 162227 files and directories currently installed.)
Preparing to replace adobe-flashplugin 10.0.22.87-1 (using install_flash_player_10_linux.deb) ...
update-alternatives: error: no alternatives for iceape-flashplugin.
update-alternatives: error: no alternatives for iceape-flashplugin.
dpkg: warning: old pre-removal script returned error exit status 2
dpkg - trying script from the new package instead ...
update-alternatives: error: no alternatives for iceape-flashplugin.
update-alternatives: error: no alternatives for iceape-flashplugin.
dpkg: error processing install_flash_player_10_linux.deb (--install):
  subprocess new pre-removal script returned error exit status 2
postinst called with argument `abort-upgrade'
dpkg: error while cleaning up:
  subprocess installed post-installation script returned error exit status 1
Errors were encountered while processing:
  install_flash_player_10_linux.deb

# dpkg --remove adobe-flashplugin
dpkg: error processing adobe-flashplugin (--remove):
  Package is in a very bad inconsistent state - you should
  reinstall it before attempting a removal.
Errors were encountered while processing:
  adobe-flashplugin

If I try to reinstall it, then I get the same results in the beginning.

How do I fix this? Thank you in advance. :)

It's easy to check on them:

http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager07.html

It is also possible to turn local storage off completely (I'm not sure how much that breaks things though).

Pandora stores its data about users in flash "cookies" (Local Shared Objects). If you can find and delete those cookies, you can reset your skips (as well as cause Pandora to forget your username and password; doesn't kick you off though). Unlimited skips! I believe you can delete them here,Âwith this Firefox addon and probably by manually finding and deleting them. (I'm too lazy to determine the directory. It would be just wonderful if someone could clarify.) No telling what happens when/if you are caught.

Then you delete your "flash cookies" at http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager07.html

IT allows you to access the flash Settings Manager and delete things one by one.

Did someone forget the tinfoil hat? Many forget about those annoying flash 'cookie' packages? You either whack em from the file system, or head over to MacroMedia/aka Adobe web site to access 'their' online Settings Manager tool at http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager.html

Whether or not the intention was initially there, because they can, the cynic in me says they will.

The author says that Linux doesn't have all the available plugins to enjoy the web. What plugins is he talking about? The most commonly used plugin is Flash and it has been available for a while.

Not only that, but Adobe has released a Flash 64-bit plugin for Linux (alpha), and not for Windows. I'm using it right now.

Creating a "Private Mode" guest account with $HOME in /tmpfs is the only possibly safe way. A few scripts can even make it icon-clickable for regular users (ssh -X, etc. ).

But that won't prevent your ISP/Corporate admin to see traffic. Unless you use a Tor plugin - and even then you need to trust Tor exit node.

Point being: it's easier to just not need a "Private Mode" to begin with. Sex is better in real life, anyway.

Global Storage Settings panel

And near the bottom, a link to the Global Privacy Settings panel

Global Storage Settings panel

And near the bottom, a link to the Global Privacy Settings panel

http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager.html
"The Settings Manager is a special control panel that runs on your local computer but is displayed within and accessed from the Adobe website. Adobe does not have access to the settings that you see in the Settings Manager or to personal information on your computer."

Of course, you do have to take their word for it - but it doesn't appear as though a Flash app on Adobe's servers is reading that information in, itself; and presumably that means other Flash apps can't, either.

It's still very, very odd that it is displayed on their site, though - where's the config option in the plug-in / external app / whatever? I have to go online, and access Adbobe's site, in order to change settings? That's just plain weird.

Go to This site

1.) Go to Website Storage settings -> Delete all sites

2.) Go to Global Storage settings -> allow 0 kb of storage

3.) ????? 4.) Profit! (and/or continue going to porn sites...)

Those are lots of numbers but it doesn't fully address Pandora.

One of the nice things about Pandora is that it doesn't stream in the traditional sense. It DLs a mp3 in the background as quick as possible and then plays from the local cache. If you watch your bandwidth it'll DL at high speed for a few seconds then sit idle through several minutes of music, then just before the song ends it'll DL the next song. While the FAQ states that it streams at 128 kbps, I'd call that a very dumbed down version of reality.

This also lets you pause a song indefinitely and it will resume from that paused point if you switch "stations" during the paused state or if you switch stations without pausing it will pause automatically.

FWIW the storage Pandora uses is part of Adobe Flash so if you want to modify the cache settings you would follow this link to bring up the settings http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager03.html#117498

I haven't bothered to check to see if that storage is flushed on a reboot. At the least I'm assuming it is kept so you don't have to waste bandwidth replaying a song later in the same multihour session.

It's not perfect but I'll actually miss it should Pandora go away.

Well, there's also video cam support - it is supposed to ask your permission first, but perhaps there are unexplored features/vulnerabilities in it too :

http://www.macromedia.com/support/documentation/en/flashplayer/help/help04.html#117089

If I was a hacker^^^^^^security researcher, I'd be looking there first.

One of the reasons why I surf with Flash off.

http://download.macromedia.com/pub/labs/flashplayer10/flashplayer10_install_linux_081108.tar.gz , install it or convert to rpm or deb, etc. Runs like a champ.

development IDE similar to Visual Studio (circa 2002) that handled python, javascript, and HTML, I would lay down some cash.

Any specific reason you do not want to use Eclipse? There is a rather good python(Just google python eclipse plugin).

For javascript I use JSEclipse. The repository for JSEclipse is at http://download.macromedia.com/pub/labs/jseclipse/autoinstall or browser to http://labs.adobe.com/technologies/jseclipse/

(There are plenty of html plugins but I havent used any of them, so I can't recomand any specific one.

You can configure Flash not to store any data locally. Go here: http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager03.html

You can then configure settings for each site you visit by right clicking on a flash object and selecting "Options". You can allow each site to store a small amount of data, say 4k.

FlashBlock for Firefox is also an excellent solution to this problem.

I'm sure you meant the specs for the Flash protocol, not the player... that's beside the point. Here's the PDF I wanted to to browse through: AMF spec. It's a good start for Adobe. More should be encouraged. In the meantime, reverse engineering is producing good work.

Yesterday I found out something quite interesting while reading a thread at LinuxQuestions.org. Summary: the flash browser plugin lets flash applications store information persistently on your hard drive. Sorry if this is common knowledge, but I didnt know it and Im quite shocked. That information can (may or may not) be used as browser cookies, as the thread shows. These days many people take their cookies seriously, maybe disabling them or deleting them from time to time or adjusting the browser cookie settings so it considers every cookie a session cookie that should be deleted when the browser is closed. Now, you need to be aware of a new battle front. Under Linux (and probably other Unix systems), these pieces of information are stored under $HOME/.macromedia/. Run find ~/.macromedia -print to get an overview.

I remember one of the reasons people started to care about cookies in the first place was that sites like doubleclick (recently bought by Google) would serve ads for thousands of websites on the net, and those ads would store a cookie in your hard drive identifying you, so they could in theory track what you visited on the net and build a profile. Today the problem would still exist because sometimes ads are served in flash format.

You can, however, configure the flash plugin so it doesnt let anybody store anything in your hard drive. It must be noted that to do so you must visit macromedia.com and adjust the plugin settings from a flash application that is available on their site. Moreover, if you completely disable data storage, you are warned that some sites may stop working. Amazing. So this problem is hard to avoid. My personal recommendation is to use a browser plugin like the typical FlashBlock for Firefox or the Load plugins on demand setting under Konqueror, so every flash application is blocked unless you specify otherwise. And, you may want to delete the $HOME/.macromedia/ directory from time to time, or at least part of its contents (settings are also stored in that directory). Its also worth mentioning that the settings and data are cross-browser, obviously. They are stored by the flash plugins no matter what browser youre running the plugin from.

Its a shame so many websites require flash for basic browsing, as well as the lack of a flash plugin for many platforms. The plugin could also have an option to delete any hard drive data when closing it, similar to the option to treat all cookies as session cookies that many browsers feature.

"In fact we've still not released the Flash 9 spec out there, and when we release it, it'll be full of errors and incomplete, just like the previous flash specs were"

The Flash 9 spec has been out for a month plus, the only problem with it is the obnoxious EULA you have to agree to to get it. It was announced on Emmy Huang's blog the end of July:

Few, though, can match the slick ease of use of RealPlayer 11 -- and it isn't even out of beta yet.

• Adobe employee (engineer?) bringing up some of the issues: http://weblogs.macromedia.com/jd/archives/2007/07/ real_problem.cfm
• Real's response to the above post: http://rws-blog.rhapsody.com/realplayer/2007/07/re alplayer-beta.html
• Flash/FMS communication details: http://blog.jaycharles.net/?p=9
• Other details. From comments here it suggests that RP11 is installing some kind of proxy for the Flash communication: http://www.flashcomguru.com/index.cfm/2007/8/1/rea l-bug

The main uses of Flash thus far have been:

• Adverts. Almost every site has a flash ad or two
• Promo sites for movies, games etc.
• Video players. YouTube etc. A fairly recent phenomena

It's not hard to see why people hate Flash. Sure it might eventually herald an age of Rich Internet Applications with Flex etc. but it's no exaggeration to say that most user's experiences of it are overwhelmingly negative due to its association with adverts.

A fun fact about Flash is that it has things called shared objects which are just like cookies but managed entirely separately and stored in the user's app data folder, e.g. %APPDATA%\Macromedia\Flash Player\#SharedObjects. Doubleclick and Google must bust a gut when they hear people saying they wipe their cookies because I bet they never think to wipe their shared objects. Sure you can eventually discover this panel to control them (a bit) but Adobe haven't fallen over themselves to make it easy to find or control these settings. It seems they know which side their bread is buttered on.

At least the PSP browser only plays flash 6 and has too little memory; so, no YouTube.

And I'm not having any luck finding anywhere at tells me what version of the plugin (ActiveX Control?) I'm currently running, so now I have to walk to each and every machine in the domain and install the latest manually.

Thanks for flashblock with allows me to install flash. Flashblock is now included in camino, and I would encourage Firefox and Safari to do the same. It is as essential as pop up blocking and image blocking in terms of user security. I won't even bother to think IE might include such a useful thing given it history of resisting security features. And no one can say, well, the user has to voluntarily install Flash, so why do we need a blocker. In most cases, flash is installed without the users knowledge of the negative effects.

I also recently discovered the online flash security setting. Why Adobe can't ship this with product, or have an off swithc for flash, i don't know. I guess such features prove the Flash is mostly annoy-ware, and perhaps spyware, and is only ancillary a useful product. I found it interesting how much history was recorded in the flash files. It made me even more reluctant to allow flash through.

RD "C:\Documents and Settings\%username%\Application Data\Macromedia\Flash Player" /S /Q

That article is misleading. It has nothing to do with AJAX,
and nothing to do with the Web.

It's basically JavaFX Script, a language for defining GUI's.
https://openjfx.dev.java.net/JavaFX_Programming_La nguage.html

These are better articles:
http://arstechnica.com/news.ars/post/20070509-firs t-impressions-suns-javafx-platform-for-rich-applic ation-development.html
http://weblogs.macromedia.com/jd/archives/2007/05/ sun_javafx.cfm

-- Mike

I'll have no problems watching YouTube if I just install the proprietary Adobe Flash player.
Free in the not-so-free sense, but still available and easyish to install.

Flash Uninstaller for Windows
http://download.macromedia.com/pub/flashplayer/cur rent/uninstall_flash_player.exe

FlashBlock for FireFox
http://flashblock.mozdev.org/

This blog link off that Wikipedia link of yours gives even more history of how .swf and Shockwave Flash came to be named.

Whatever the EULA says, you are completely subject to Adobe's whim

That could be the case, but isn't. They serve this file to anyone who asks for it, not just to people who have agreed to a license.

As mbessy said, this is disabled by default for both your webcam and microphone. You can enable them (or change other flash settings) by going here:

http://www.macromedia.com/support/documentation/en /flashplayer/help/settings_manager03.html

They say it's in the works:

http://weblogs.macromedia.com/emmy/archives/2006/1 0/beta_refresh_on.cfm

And, because this will be the next question now that we've satisfied your beta player needs: the Adobe Flash Player team is working on support for 64-bit platforms as part of our ongoing commitment to the cross-platform compatibility of Adobe Flash Player. We have not announced timing or release dates.

Firefox (and all other Mozilla browsers) already support that feature. It's just hidden.

HowTo:
1. Quit Firefox.
2. Open the file hostperm.1 (in your profile dir) with a text editor.
3. Add the following line:
host object 2 www.macromedia.com
(the spaces between host, object, etc are tabs)
4. Open Firefox and surf to http://www.macromedia.com/software/flash/about/. Firefox should not display any Flash stuff.
5. ???
6. Profit. ;-)

There are cross-platform thin-client network solutions like VNC or Nomachine's NX. They do exactly what the web x.0 wants to do, they do it fast and they do it without all the bloat and packing/unpacking of (essentially very simple) data.

You've got it backwards. VNC and the like send bitmaps across the wire. Bitmaps, even with compression, are more bloated and take more packing and unpacking than simple data. Other reasons to prefer AJAX, Flex, Laszlo, Altio, Nexaweb or other similar frameworks rather than terminal server type products are:

• Responsiveness - each mouse click or keystroke and pixel draw does not have to travel the network.
• Scalability - the client is doing all the UI work, the server only needs to handle serving and saving the data
• Ubiquity - web browsers are everywhere, Flash and Java plugins are nearly everywhere. VNC clients are confined to the IT department's desktops.
• Firewalls - most firewalls will let you through on port 80. Many companies clamp down on port 5301 (or whatever)

Also, the article gets it wrong when it states that these frameworks have suddenly started appearing in the last year since AJAX became popular. Aside from Flex, the products I've named above date back to around 2000. They're becoming more visible now that people are starting to see the possibilities of RIAs, but the 6+ year history behind some of these products means they're already stable, quality frameworks with good developer support.

Do you have Flash Player installed? It has hardware access, as does every other plug-in. There's plenty of ways for a web site to hit the hardware.

Flash 8 was released almost a year ago and it still isn't available for Linux!

June 29 is out of date?

Adobe - Adobe Press Room: For immediate release

And they're working on a Linux version, so again, what's the complaint?

Emmy Huang: Yes, Virginia, there will be a Flash Player 9 for Linux

Flash support is readily available as a browser plugin

Yeah, except Flash 7 is all you get until 2007:
    http://weblogs.macromedia.com/emmy/archives/2006/0 5/yes_virginia_th.cfm

I fairly frequently receive Flash 8 stuff that is unusuable in 7.

"And the 9.0 player is coming for Linux over the next few months."

From their comments they say a beta may be available by Christmas.. meanwhile more and more sites lock out users with out player 8 or 9. ( http://weblogs.macromedia.com/emmy/ or http://blogs.adobe.com/penguin.swf/ ).

Explain why they can't release a Linux version when OSX and Windows get it? Sure they explain the "challenges" in developing for Linux in their postings, but you can't tell me there aren't challenges for OSX or Windows either. They just aren't dedicating the resources to make it happen, for whatever reason!

"With the new direction Adobe is heading I'd expect much more regular Linux releases."

Care to back that up with some sort of proof? So far they've haven't proven good on their previous statements/release time frames. It's starting to become vaporware like Vista. So again I'd like to see some sort of evidence of the "New Direction" they are heading. Otherwise you're spreading FUD.

...Adobe is committed to getting Flash Player 9 on Linux released this fall, probably around October.

I'm curious about your source; Emmy Huang's blog says

"We expect to make a pre-release version available on Adobe Labs for early feedback and testing before the end of the year, with the full release expected in early 2007*."

and even then the asterisk points you at a disclaimer saying that those dates may change... and do you really think that they'd change in the good direction, i.e. earlier?

If you look at the blog done by a fellow working on Flash for Linux, you'll see that as of late July, they're still at the "which libraries should we use?" stage (and in at least one case, the choice is rather disturbing, i.e. v4l version 1, which is about to be obsolete if I understand the discussion).

A little later than the Win and Mac releases, but it'll be there.

http://weblogs.macromedia.com/emmy/archives/2006/0 5/yes_virginia_th.cfm

Please, get your terminology right. Halfway through your post you switch from Macrovision, the company that provides DVD encryption, to Macromedia, the company that provides Flash. I doubt the latter has a care one way or the other in DVD protection.

It's the DMCA, not the DCMA. Digital Millennium Copyright Act. Not "Copyright Millennium". And, young man, it doesn't fit the music as well. "It's fun to violate the D-M-C-A!"

Finally, he didn't "give all source code to Macrovision." Ignoring the grammatical ambiguity therein, he gave rights to the code, and unfortunately had not previously licensed it under a perpetual redistribution license. If he had simply GPL'd it (or CC-SA or anything), Macrovision would've had all the source code they wanted and couldn't've done a thing about it.

You may be surprised to learn Flash has some built-in accessibility features.
http://livedocs.macromedia.com/flash/mx2004/main_7 _2/00001182.html

I know it's popular to hate on flash, a bit like it was popular to hate on javascript a few years back, and let's face it, there's enough bad uses of the technology it's easy for people that don't understand it to throw a blanket statement and say "All flash is bad, kthx."

Hopefully, as better built flash-using sites become more prevalent, and as people learn more about flash itself, things will improve, just like they did with javascript^WAJAX.