Slashdot Mirror

← Back to Stories (view on slashdot.org)

Browser Privacy Test

Posted by samzenpus on from the which-one-works-best-in-a-frozen-home dept.

lazyforker writes "A NYTimes blog post reports the results of security researcher Kate McKinley's tests of various browsers' (FireFox, Chrome, IE, Safari) privacy protection mechanisms. Specifically she tested their cookie handling. She also examined their handling of Flash's cookies. In summary: Safari on Mac OS X (in the 'private browsing' mode) is not so private ('quirky'). Safari on XP is not private at all. Flash behaves awfully everywhere."

96 of 133 comments (clear)

  1. Re:Hey cats! Speaking of privacy... by Ethanol-fueled · · Score: 2, Funny

    Those bastards! Quick, somebody report Sourceforge!

  2. Me know how to handle cookie! by Anonymous Coward · · Score: 5, Funny

    Om nom nom nom nom!!!

    1. Re:Me know how to handle cookie! by anomnomnomymous · · Score: 2, Funny

      ^ This.

      --
      When you shoot a mime, do you use a silencer?
  3. My Privacy Test by ian_from_brisbane · · Score: 5, Funny

    My undies are blue.
    I'm secretly in love with my best friend's wife, but I like gay midget porn.

    [preview]

    Damn, Firefox privacy test failed :(

    1. Re:My Privacy Test by SpottedKuh · · Score: 4, Funny

      Damn, Firefox privacy test failed :(

      Next time, try "Post Anonymously"

      ...ah, hell, it's New Year's Eve. Go ahead and try your best friend's wife instead ;)

      ...or, you know, some midgets. Your call...

    2. Re:My Privacy Test by BlueParrot · · Score: 3, Funny

      My undies are blue.

      You sick pervert!

    3. Re:My Privacy Test by larry+bagina · · Score: 2, Funny

      or maybe his best friend's wife IS a gay midget.

      --
      Do you even lift?

      These aren't the 'roids you're looking for.

    4. Re:My Privacy Test by syousef · · Score: 3, Funny

      I'm secretly in love with my best friend's wife, but I like gay midget porn.

      You think you have problems? Your best friend's wife's name is Steve. She has a beard and is 86cm tall.

      --
      These posts express my own personal views, not those of my employer
    5. Re:My Privacy Test by PixetaledPikachu · · Score: 1

      Or, he is actually his best friend's gay midget wife.

    6. Re:My Privacy Test by owlnation · · Score: 1

      You sick pervert!

      Hey! I'm a sick pervert, you insensitive clod!

    7. Re:My Privacy Test by sakasune · · Score: 1

      now THATS a secret!

      --
      "You're arguing for a universe with fewer waffles in it," I said. "I'm prepared to call that cowardice."
  4. One word by Anonymous Coward · · Score: 5, Informative

    Flash behaves awfully everywhere

    FlashBlock

    NoScript works too but I find it sort of annoying because it stops half the web from working.

    1. Re:One word by Anonymous Coward · · Score: 5, Insightful

      NoScript works too but I find it sort of annoying because it stops half the web from working.

      Exactly why I love it. Half the web annoys me.

    2. Re:One word by Dishevel · · Score: 1, Funny

      Only half.

      What is wrong with you?

      --
      Why is it so hard to only have politicians for a few years, then have them go away?
    3. Re:One word by lazy_nihilist · · Score: 1

      I agree. If the website doesn't bother to serve proper web pages to javascript disabled browsers, then it is not really worth it. On the other hand you have some websites that require AJAX functionality to deliver proper services, like google maps, in such cases you can use the whitelist as long as you trust the site.

    4. Re:One word by Snowblindeye · · Score: 3, Interesting

      I agree. If the website doesn't bother to serve proper web pages to javascript disabled browsers, then it is not really worth it.

      I'm not sure if that's true when you are using noscript. Certainly for flashblock it isn't true, because the site identifies your browser as being able to run flash.

      In other words, they might have a flash and a non flash version, but they serve you the full flash version cause you *are* flash enabled, just blocked. With noscript you might get a javascript page, even though you block it. Of course that depends on how they implement the degradation of service, some websites will do it right.

      That's apart from the fact that your assume that bad web programming means bad content. That's not the case. If I want to go to a site cause using it is beneficial to me, then I want to use it, whether they have smart or dumb people coding it.

      I know I've found that with noscript I find myself constantly managing permissions, instead of browsing. Flashblock is a little less annoying, but obviously less complete in its blocking.

    5. Re:One word by symbolset · · Score: 1

      Prozac

      --
      Help stamp out iliturcy.
    6. Re:One word by BrokenHalo · · Score: 3, Insightful

      If you really prefer monospaced fonts, just use Lynx/Links. Please don't inflict them on us just to make your post stand out. It's rude.

    7. Re:One word by Jurily · · Score: 2, Insightful

      More like 90%. it's actually less annoying to "Temporarily allow all of this page" when necessary than it is the other way around.

    8. Re:One word by xenobyte · · Score: 2, Interesting

      You can easily turn that on which you need to work. But stupid ad-serving junk, dumb statistics which delay loading significantly, annoying animations and downright mean stuff stays turned off for me.

      I find NoScript absolutely vital to a useful web surfing experience, and it's always the first extension I install on new FF installations.

      --
      "For every complex problem, there is a solution that is simple, neat, and wrong." -- H.L. Mencken (1880-1956) --
    9. Re:One word by Laser_iCE · · Score: 1

      I agree. If the website doesn't bother to serve proper web pages to javascript disabled browsers, then it is not really worth it.

      I'm not sure if that's true when you are using noscript. Certainly for flashblock it isn't true, because the site identifies your browser as being able to run flash.

      In other words, they might have a flash and a non flash version, but they serve you the full flash version cause you *are* flash enabled, just blocked. With noscript you might get a javascript page, even though you block it. Of course that depends on how they implement the degradation of service, some websites will do it right.

      That's apart from the fact that your assume that bad web programming means bad content. That's not the case. If I want to go to a site cause using it is beneficial to me, then I want to use it, whether they have smart or dumb people coding it.

      I know I've found that with noscript I find myself constantly managing permissions, instead of browsing. Flashblock is a little less annoying, but obviously less complete in its blocking.

      You set the permissions for sites that you visit often, and you never have to set them again. Most sites that you visit to once or twice don't need scripts to load (if it's a news site for example), so you don't have to set the permission, and simply leave it. If it saves me from a frame that loads a malicious script from another site (which it has done a couple of times now), then I'm more than happy to allow/disallow certain sites from running scripts in my browser. Especially those damn advertising companies.

    10. Re:One word by Laser_iCE · · Score: 1

      This was more directed at this comment to be honest.

    11. Re:One word by auric_dude · · Score: 1

      Although it stops half the web from working the half that does work is the half that is worth viewing or so I have been told.

    12. Re:One word by pjt33 · · Score: 1

      Certainly for flashblock it isn't true, because the site identifies your browser as being able to run flash.

      They should have a link to the non-flash site anyway. Having browser support for flash != wanting to use it.

    13. Re:One word by Kindaian · · Score: 1

      But it stops the correct half of the web... the one that is already broken! ;)

  5. ccleaner by muckracer · · Score: 1

    Always wished, there was something like ccleaner for Linux. Ditto for spyware detectors. Sure it won't take over the rest of the system but my important stuff is, well, in my account. Looks like the only semi-safe way to run a browser these days is in a virtual sandbox.

  6. If you are that worried... by Anonymous Coward · · Score: 1, Informative

    Then you delete your "flash cookies" at http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager07.html

    IT allows you to access the flash Settings Manager and delete things one by one.

    1. Re:If you are that worried... by the_womble · · Score: 1

      You could also just delete ~/.macromedia/Flash_Player or the equivalent on your OS.

    2. Re:If you are that worried... by slash.duncan · · Score: 1

      Or... choose not to run "servitudeyware" in the first place. See the sig. Macromedia flash won't touch /my/ computer, at least until it's freedomware.

      (FWIW I ran the swfdec-mozilla plugin for awhile, but eventually removed it. I run konqueror by default anyway, and use the youtube-servicemenu package for youtube downloads, or some downloader extension on iceweasel, and don't worry about other flash, or any of the recent flash security vulns, or the privacy-leaking flash-cookies.)

      --
      Duncan
      "Every nonfree program has a lord, a master,
      and if you use the program, he is your master."
      R Stallman
  7. Flash by NoobixCube · · Score: 4, Interesting

    Under what circumstances does Flash not behave awfully? Despite being a Linux fan, and more than a little cold on Microsoft (though I did buy an Xbox 360 - matter of price at the time...), I almost hope Silverlight takes off so Adobe have some serious, commercially driven competition for Flash. Maybe then they won't take their user base for granted and; oh I don't know, maybe put some work into making Flash GOOD?

    --
    Admit it. You post strawman arguments as AC so you get modded Insightful for refuting them, rather than Troll
    1. Re:Flash by Tubal-Cain · · Score: 1

      Under what circumstances does Flash not behave awfully?

      64-bit Debian Testing & Unstable (64-bit flash 10 alpha)

    2. Re:Flash by PitaBred · · Score: 1

      I complained about the same thing, but with the latest 64bit flash 10 betas, I have been pleasantly surprised. Performance is pretty darn good, and it works exactly as you'd expect it to, no more JavaScript menus hidden by the flash object or any of that. I still prefer it to Silverlight, because as much as Adobe takes non-mainstream OS's for granted, Microsoft views them with hostility. "Embrace, extend, extinguish" was not a phrase created in a vacuum.

      --
      My blog. Good stuff (when I remember to update it). Read it.
    3. Re:Flash by mmu_man · · Score: 3, Interesting

      flash is not a standard. it's closed source, so not available everywhere, and unaccessible, unindexable... exactly what the web is not supposed to be.
      cf. http://www.anybrowser.org/campaign/
      Sorry no, gnash or swfdec are not there yet, besides, whoever looked at porting them must have noticed they aren't portable despite being opensource, dependancy hell here I come. Just check the never finished BeOS port of gnash. I don't see silverlight being better anytime soon.
      At least Java is open now, so it can be ported.
      But it's not accessible to blind people for ex.

      Why don't they make websites instead ?

    4. Re:Flash by Tubal-Cain · · Score: 1

      The Linux community, which has less than 1% of marketshare on the desktop, has a rather incomplete open source version of the flash player. And you claim that the fact that the BeOS/Haiku community (I'll say it's 1% the size of the Linux community and consider that a generous estimate) hasn't ported it* is proof that porting it isn't possible?

      * Wikipedia claims that there is an early port for BeOS, as well as RISC OS and BSD

    5. Re:Flash by Anonymous Coward · · Score: 4, Insightful

      Good heavens, someone is wrong on the Internet!

      SWF is open, and we can glimpse the Flash Player's innards in Tamarin- but none of that even matters.

      Pragmatically, is there a really important reason why you want the Flash Player to be entirely open? Would an open source Flash Player really be a better working piece of software than what we've got now?

      Also, the Flash Player has support for screen readers and SEO indexing. Flash has support for lots of things that just aren't implemented in 90% of the SWFs you'll come across. A poorly scripted program says little about the platform it runs on. You wouldn't blame the Mozilla Foundation for bad websites, would you? That wouldn't make any sense.

      I agree that Flash is not a standard, although wide adoption of SWF as a web standard is possibly a stronger motivation for Adobe to clean up the player than any competitive pressure that Silverlight may provide. And despite not being a standard, people will continue to use Flash to create web content, because it is a successful medium.

      Just not the right medium for handling online banking. Wrong tool for that task. (Sorry Arcot.)

    6. Re:Flash by symbolset · · Score: 1

      I almost hope Silverlight takes off so Adobe have some serious, commercially driven competition for Flash.

      I hope Adobe takes note of your comment. Microsoft is eating Adobe's product lines one by one. Soon they'll be after Photoshop. Adobe could go cross platform. Or they could just keep feeding the mouth that bites them. The list of companies that chose option B is quite long, so I'm not holding my breath.

      --
      Help stamp out iliturcy.
    7. Re:Flash by Anonymous Coward · · Score: 2, Insightful

      Would an open source Flash Player really be a better working piece of software than what we've got now?

      If it respected my 'zero animations' browser setting, yes it would be. If it had a working 'STOP' button, yes it would be. If it had simple, basic functionality of Flashblock, yes it would be.

    8. Re:Flash by thePowerOfGrayskull · · Score: 1
      Recommended reading as far as Flash and standards. If you said "people use it as an excuse to make hard-to-navigate, crappy web sites that don't do anything useful" , I would have agreed whole-heartedly. Instead, you seem to be the case that because a small minority of users can't view Flash pages, nobody should use it.

      The unfortunate truth of the matter is that Flash /is/ a de facto standard. It runs on the platforms that the vast majority of the computing world uses, and most folks don't ever have to do anything to configure it.

    9. Re:Flash by zig007 · · Score: 1

      Actually, at least Google, don't know about the others, do index flash content:
      http://googleblog.blogspot.com/2008/06/google-learns-to-crawl-flash.html

      This does not mean that I in any way think that flash is great.
      I totally agree on making websites instead of flash clients.
      Especially now, when so much of the same functionality can be obtained with other mean.

      Happy new year!

      --
      Baboons are cute.
    10. Re:Flash by howlingmadhowie · · Score: 5, Interesting

      SWF is open

      every time someone repeats this lie i end up posting a link to this film: http://www.youtube.com/watch?v=zoNvsiBTQDE

      Pragmatically, is there a really important reason why you want the Flash Player to be entirely open? Would an open source Flash Player really be a better working piece of software than what we've got now?

      it would allow me to do everything a wanted with a non-intel architecture. flash is the last bastion of hardware (and operating system) lock-in for me.

    11. Re:Flash by bh_doc · · Score: 1

      Despite that being an interesting video, it contradicts your point. SWF is indeed open. It's just that it's openness is useless since it had been reverse engineered years prior.

      Pretty horrid license restrictions on the plugin, though. Fuck Adobe.

  8. Re:What I know about *BSD by Anonymous Coward · · Score: 2, Funny

    11. ...
    12. Profit!

  9. Who is Kate McKinley? by bogaboga · · Score: 3, Interesting

    I was just wondering who Kate McKinley really is. Most of all, I am skeptical as to whether she is even qualified to be called a "security researcher" at all.

    Why? Because Wikipedia returns no hits for "Kate McKinley" and a Google search returns results that are sketchy or even anemic when it comes to browser security at best.

    May be I should also put up my own research...may be, then call my self a "Security researcher."

    1. Re:Who is Kate McKinley? by Earthquake+Retrofit · · Score: 5, Funny

      I was just wondering who Kate McKinley really is. Most of all, I am skeptical as to whether she is even qualified to be called a "security researcher" at all.

      Why? Because Wikipedia returns no hits for "Kate McKinley" and a Google search returns results that are sketchy or even anemic when it comes to browser security at best.

      Maybe she's a privacy expert too.

      --
      Fifty years of Yippie! 1968-2018
    2. Re:Who is Kate McKinley? by buchner.johannes · · Score: 2, Insightful

      First links I tried, after reading the header of the paper, saying:

                          Cleaning Up After Cookies
                                    Version 1.0
      Katherine McKinley – kate[at]isecpartners[dot]com
                                  iSEC Partners, Inc
                          444 Spear Street, Suite 105
                            San Francisco, CA 94105
                      https://www.isecpartners.com/

      would be ... I don't know, maybe http://en.wikipedia.org/wiki/@stake ;-) ?

      --
      NB: The message above might reflect my opinion right now, but not necessarily tomorrow or next year.
    3. Re:Who is Kate McKinley? by fermion · · Score: 3, Insightful
      From the papers, the paper is credited to iSec partners. This company has almost no details on itself on the web page. The domain was registered in late 2004, and appears to be renewed year to year, which, to me, is suspicious for a going concern.

      That and the way the paper is written makes me suspicious as well.

      --
      "She's a scientist and a lesbian. She's not going to let it slide." Orphan Black
    4. Re:Who is Kate McKinley? by ScrewMaster · · Score: 1

      and a Google search returns [google.ca] results that are sketchy or even anemic when it comes to browser security at best.

      Well, I guess she takes her privacy seriously.

      --
      The higher the technology, the sharper that two-edged sword.
    5. Re:Who is Kate McKinley? by ScrewMaster · · Score: 2, Funny

      What the average Slashdotter wants to know is: Is she hot ?

      You be the judge.

      --
      The higher the technology, the sharper that two-edged sword.
    6. Re:Who is Kate McKinley? by ScrewMaster · · Score: 1

      What the average Slashdotter wants to know is: Is she hot ?

      Here's some more Kates. Take your pick.

      --
      The higher the technology, the sharper that two-edged sword.
    7. Re:Who is Kate McKinley? by argiedot · · Score: 3, Insightful

      May be I should also put up my own research...may be, then call my self a "Security researcher."

      Well, yes, yes you could. Why on earth does the author of the paper have to be on Google or Wikipedia? All the information you need is in the paper itself including an explanation of the methodology and _the freaking damn code itself_!

    8. Re:Who is Kate McKinley? by Klootzak · · Score: 4, Interesting

      Who cares who she is? The paper she's credited with writing is by no means revolutionary...

      Here's a couple of easy tips to help maintain a minor level of privacy while browsing:

      - Disable Third-Party cookies (Option under "privacy" tab under Firefox versions >3.0).
      - Add entries to your local hosts file fudging the DNS of known "WebSpy", sorry, I mean "WebAnalytics" domains.

      My current hosts file contains entries similar to the following (but a few more than I list here):

      --- Hosts File Example ---
      127.0.0.1 localhost
      127.0.0.1 www.google-analytics.com
      127.0.0.1 google-analytics.com
      127.0.0.1 ths.news.com.au
      127.0.0.1 adsfac.net
      --- End Hosts File Example ---

      Host File Locations:
      Windows - %SystemRoot%\system32\drivers\etc\hosts
      Most Unixes - /etc/hosts
      Mac OS X - /etc/hosts

      The reason for utilizing the hosts file is to prevent such things as uniquely-generated transparent images (GIFs for instance) being used as inserts in pages to track your browsing in the advent you disable cookies, just add new domains/hosts to the file as you find them.

      In any case, the point is more or less moot, you can minimize your privacy issues, but as any good security professional knows, where there's a will there's a way... and you can be tracked in a number of ways, understanding of how HTTP, DNS and other transfer protocols (also lower-level protocol layers) work will help you minimize your exposure though... if you're concerned, read up on the OSI/ISO network model and how IP and TCP work.

      --
      A Man's ethical behavior should be based effectually on sympathy, education, and social ties -- Albert Einstein
    9. Re:Who is Kate McKinley? by Chris_Jefferson · · Score: 1

      Don't trust the name, trust the evidence (I haven't RTFA yet, but intend to).

      --
      Combination - fun iPhone puzzling
    10. Re:Who is Kate McKinley? by Voline · · Score: 1

      So you judge research based on who did it? Appeal to authority is a logical fallacy.

      This research is easily verifiable. I verified some of it's claims after reading this paper. Specifically, I used Safari's reset feature that is supposed to clear all cookies. Then, checked the directory where the article says Flash stores user-data. It was all still there. I don't care if Kate McKinley is Satan herself. She is clearly telling the truth about this particular claim.

      Your ad-hominem attack is based on another logical fallacy. You should really learn how science works. Research is valid not because of the credentials (or lack thereof) of the researcher, but if it takes a disprovable hypothesis and designs reproducible experiments that test measurable evidence that logically would disprove it.

      Who is bogaboga and does he work for Adobe?

  10. Fundamental flaw in survey by QuietLagoon · · Score: 3, Informative
    Since it appears that the author of the "study" chose the browsers to test based upon popularity, the "researcher" based the survey upon the mistaken assumption that popularity is an indication of security perception.

    Microsoft's Internet Explorer, as the mos tpopular browser, disproves tha tpopularity does not equate to the perception of security.

    A better basis for the selection of browsers would be to select those thought to be secure. That would eliminate IE and Safari at the start, and it might even add Opera.

    1. Re:Fundamental flaw in survey by fermion · · Score: 1
      Absolutely. IE and Safari are created to allow the average user to browse average content without thinking about the technical details. That means that cookies has to be on, flash has to be on, and everything has to be relatively open. Otherwise it will not work when trying to download the baby pics or naughty movie. The privacy mode, now in both, is a very good compromise in that it leaves everything open, but more or less covers your tracks when you leave. Of course, the key is more or less, and the average user may not understand that it might less than more. Some of the other browsers assume, at lesat in part, that the users understands what is going on and is set up accordingly.

      The key really is that both of these browsers are written to maximize revenue for the content providers, which is not bad, as content needs to be paid for. That is why flash is not easy to turn off, even in safari(though I hear there is now a free plugin). So, for users who want simplicity, and want free content, tends to give up privacy. For the others, firefox on MS, camino on mac, and lynx on *nix.

      --
      "She's a scientist and a lesbian. She's not going to let it slide." Orphan Black
    2. Re:Fundamental flaw in survey by rsmith-mac · · Score: 1

      Huh? She tested, and I quote: "Mozilla's Firefox, Google's Chrome, Microsoft's Internet Explorer and Apple's Safari". That's a perfectly fine selection of browsers, it's all the major browsers on the market right now. It's true that she could have added Opera (although whether it's a major browser is certainly up for debate) but that doesn't require dropping any browsers. Tests not run do not tell us any useful information.

    3. Re:Fundamental flaw in survey by QuietLagoon · · Score: 1
      it's all the major browsers on the market right now.

      .
      You prove my point. Thank-you.

    4. Re:Fundamental flaw in survey by QuietLagoon · · Score: 1
      I missed the part where anyone said that popularity indicates strength of security.

      .
      As, it appears, did the "researcher". So what does that say about this "security" study?

    5. Re:Fundamental flaw in survey by Dhalka226 · · Score: 1

      And who said it was a security study? All the paper says is that they're investigating the effectiveness of privacy settings of the major browsers.

      "Bitch" and "moan" and "put stuff in quotes" as much as you want, but the study is perfectly fine. Even if somebody, somewhere did call it a security study--and I've seen no evidence of that anybody being anyone other than you thus far--the study remains just as valid as if nobody had. There's always a domain associated with studies, and this particular reports' domain is the major browsers.

      If she had been claiming to unearth the Most Secure Browser In Existance(tm) and didn't study all possible alternatives, then you may have a point about the veracity of the study. As it stands, I don't think you've added anything at all of value to the discussion.

      The study is what it is. Wishing it were something else doesn't make it a bad study. Maybe it's bad all on its own, but this ain't it.

    6. Re:Fundamental flaw in survey by Anonymous Coward · · Score: 1, Informative

      How about you RTFA.
      She claims to have tested Opera. Of course the NY Times and Slashdot don't RTFA.
      Then agtain, TFA is a piece of shit without any value whatsoever.
      And Google Chrome is hardly a major browser, fuck, it's hardly a browser. You're a fucking idiot.

    7. Re:Fundamental flaw in survey by QuietLagoon · · Score: 1
      The study is what it is.

      .
      It is a fairly useless study designed to do litle more than generate headlines by focusing on pop software. Do people "choose" IE because they think it will protect their privacy, or do they use it just because it was bundled with the OS? What percentage of IE users have expectations of privacy in their use of IE? With IE's track record, anyone using it has neither expectations of privacy nor security.

      Yip - the study it what it is.

  11. Clean out the '\Flash Player' folder by schwit1 · · Score: 2, Informative

    For windows users you should delete everything in this folder: C:\Documents and Settings\username\Application Data\Macromedia\Flash Player

    1. Re:Clean out the '\Flash Player' folder by robo_mojo · · Score: 3, Interesting

      For Linux users you want to (after rm'ing) symlink ~/.adobe and ~/.macromedia to /dev/null.

    2. Re:Clean out the '\Flash Player' folder by thePowerOfGrayskull · · Score: 3, Informative

      Actually for Flash you should take a look at these instructions which will work cross-platform.

    3. Re:Clean out the '\Flash Player' folder by gnud · · Score: 2, Informative

      In case someone takes this at blind faith -- the ~/.adobe folder also contains Acrobat data.

      But kill ~/.macromedia, and ~/.adobe/Flash_Player =)

    4. Re:Clean out the '\Flash Player' folder by Anonymous Coward · · Score: 1, Informative

      Or use the Objection Firefox extension.

  12. Re:It's spelt Firefox by PitaBred · · Score: 1

    At least Foxfire is something to somewhat validly swap around.

    --
    My blog. Good stuff (when I remember to update it). Read it.
  13. Re:It's spelt Firefox by ITEric · · Score: 1

    That's nothing. I keep calling it Foxfire.

    I do that from time to time, too :P OTOH, I'd probably feel a little more secure browsing with Clint Eastwood...

    Oh wait, I guess that'd be a browser built by old-timey hillbillies...Yeah, I'd still use that :D

    --
    The most exciting phrase to hear in science, the one that heralds new discoveries, is not 'Eureka!' but 'That's funny...
  14. Microsoft is Still Evil! Hurray! by fm6 · · Score: 1

    Privacy issues aside, I've never had any trouble with Flash. Quite the contrary: Flash applications always seem to have fewer bugs and hassles than other embedded applications. I'm particularly grateful that the Flash media player is displacing MS Media Player, Real Player, and Quicktime, all of which are obnoxious as hell.

    I should mention that I run The Evil OS. Probably the difference in your experience is due to your running Linux. You might find it instructive to try running a few Silverlight apps on Linux. I would predict that your experience won't be any better. Of course, Moonlight, the Linux version of Silverlight, is Open Source. So at least while you're beating your head against the wall, you'll be politically correct!

    1. Re:Microsoft is Still Evil! Hurray! by grcumb · · Score: 5, Insightful

      Privacy issues aside, I've never had any trouble with Flash.

      I like your logic: Aside from a single tile, Columbia's last mission went flawlessly.

      Seriously, though: you've underlined the single greatest problem in computer security today - what we don't see can hurt us. I've written about this at greater length elsewhere, but to put it simply, privacy is the battleground of our decade.

      The struggle to come to terms with privacy will manifest itself in the legal, moral and ethical arenas, but it arises now because of technology and the cavalier approach that the vast majority of people take to it.

      The ramifications of our ability to transmit, access and synthesise vast amounts of data using technology are consistently underestimated by people because of the simple fact that, as far as they're concerned, they are sitting in the relative privacy of their own room with nothing but the computer screen as an intermediary.

      On the consumer side of things, this creates what Schneier calls a Market for Lemons in which the substance of the product becomes less valuable than its appearance. As long as we have the illusion of security, we don't worry about the lack of real protection.

      On the institutional side, we see countless petty abuses of people's privacy. There is nothing stopping a low-level employee from watching this data simply out of prurient interest. In fact, this kind of abuse happens almost every time comprehensive surveillance is conducted. In a famous example, low-level staffers in the US National Security Agency would regularly listen in on romantic conversations between soldiers serving in Iraq and their wives at home. The practice became so common that some even created 'Greatest Hits' compilations of their favourites and shared them with other staffers.

      They would never have done so had the people in question been in the room, but because the experience is intermediated by an impersonal computer screen, which can inflict no retribution on them, their worst instincts get the better of them.

      When discussing software in the 21st Century, we cannot ever treat privacy as just one incidental aspect of a greater system. Privacy defines the system. Starting an argument by throwing it aside in the first subordinate clause gives little weight to any argument that follows.

      --
      Crumb's Corollary: Never bring a knife to a bun fight.
    2. Re:Microsoft is Still Evil! Hurray! by NoobixCube · · Score: 1

      I dual boot Windows, although I use Linux mainly, and I have almost as many problems with Flash in Windows as I do in Linux. It's buggy and bloated on any platform, though I admit the Linux support is worse (32 bit Ubuntu - well, Mint actually, but that makes little difference in 99% of cases).

      I'm not an open source user out of philosophy, I'm one out of practicality. Overall I find that I have less problems with open source software, but I don't use it for warm fuzzy open source feelings. I use Mint, which is almost the complete polar opposite of gNewsense (nuisance?), so I see myself as the seafood eating vegetarian to Richard Stallman's vegan. If Gnash were less buggy for the majority of Flash I encountered, I'd use it instead of the Adobe plugin, but only because of quality, not philosophy. The reason I hope Silverlight takes off is not because of it's open source counterpart Moonlight, but because there is only one thing a company understands, and it's their bottom line. For what feels like an eternity, Adobe have been under almost no pressure to improve Flash. They've churned out incremental upgrades so they can sell more copies of their tools; much like Microsoft, after crushing Word Perfect, were under no pressure to improve MS Office. I feel dirty to be on Microsoft's side this time, but when Microsoft bring their brand of "competition", you either shape up or sell up. I just hope Adobe shape up, rather than sell up.

      --
      Admit it. You post strawman arguments as AC so you get modded Insightful for refuting them, rather than Troll
    3. Re:Microsoft is Still Evil! Hurray! by howlingmadhowie · · Score: 1

      this is a great post, can i quote it with attribution?

    4. Re:Microsoft is Still Evil! Hurray! by fm6 · · Score: 1

      You're right, my anecdotal evidence doesn't "prove" that Flash is not problematic. Then again, Noobixcube's negative experience doesn't prove that it is. I wasn't trying to prove anything, I was just comparing two divergent user experiences and trying to explain why they were different.

      And your analogy with the shuttle is off the mark; a Flash user typically runs a lot of different applications, so they're testing a lot of different failure points.

      I don't disagree with any of your comments about security, but you seem to have failed to notice that I was defending Flash's reliability, not it's security.

    5. Re:Microsoft is Still Evil! Hurray! by AmiMoJo · · Score: 1

      There clearly is a problem with flash, and it's a technical one so we can do without the anecdotes.

      Flash allows any flash app to save a large amount of data (default 100k, compared to IIRC 4k for cookies) to the user's PC. IIRC IE did/does not clear this data like it clears cookies when asked to. Flash can also do things like make sound (which you can't turn off). At least access to webcams and microphones is turned off by default.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    6. Re:Microsoft is Still Evil! Hurray! by fm6 · · Score: 1

      Jeez, people, learn to read. Can you point to the place where I said there was no security issue with Flash? No you can't. Yet you're the second person to respond to this imaginary statement.

    7. Re:Microsoft is Still Evil! Hurray! by AmiMoJo · · Score: 1

      Jeez, people, learn to read. Can you point to the place where I said there was no security issue with Flash? No you can't. Yet you're the second person to respond to this imaginary statement.

      Jeez, people, learn to read. Can you point to the place where I said you said there was no security issue with flash? No you can't. Yet you responded to this imaginary statement.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    8. Re:Microsoft is Still Evil! Hurray! by grcumb · · Score: 1

      Yep. here's a better link: http://scriptorum.imagicity.com/2009/01/03/on-privacy/

      --
      Crumb's Corollary: Never bring a knife to a bun fight.
    9. Re:Microsoft is Still Evil! Hurray! by fm6 · · Score: 1

      So your message had nothing to do with my message? Then why did you reply to me?

    10. Re:Microsoft is Still Evil! Hurray! by AmiMoJo · · Score: 1

      It was a logical progression of the conversation.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    11. Re:Microsoft is Still Evil! Hurray! by fm6 · · Score: 1

      Might I suggest that when you do this kind of reply you make it a little more obvious that it's not mean as a refutation? Because it looked like one to me.

    12. Re:Microsoft is Still Evil! Hurray! by AmiMoJo · · Score: 1

      Yeah, sorry, I kind of assumed that you were actually going to read and understood what I wrote. This is why arguing on the internet is so frustrating.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    13. Re:Microsoft is Still Evil! Hurray! by fm6 · · Score: 1

      Oh, grow up. If you can be misunderstood you will be misunderstood. It's up to you to make your point clear. Bad writing is not the reader's fault.

    14. Re:Microsoft is Still Evil! Hurray! by AmiMoJo · · Score: 1

      I don't have many regrets, but wasting valuable minutes of my life on this thread is one of them.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
  15. cringe-inducing bug in konqueror by Anonymous Coward · · Score: 2, Informative

    Posting this anonymously, for reasons that will soon be evident.

    Here's a really nasty privacy bug in konqueror. Let's say you visit gaymidgetsex.com. Then you go to View : View Document Source. Well, on my default install of Ubuntu, this doesn't actually show you the html source code of the web page. Instead, it downloads the html file to /tmp and opens it in OpenOffice, which attempts to render it as an OpenOffice document -- it doesn't actually show you the html source, which is what you asked it to do. Okay, so now you have gay midget porn open in an OOo document, which isn't what you wanted. So you close the OOo window.

    Now the next time you start Ooo, go to File : Recent Documents. Oops.

    1. Re:cringe-inducing bug in konqueror by ScrewMaster · · Score: 3, Informative

      Posting this anonymously, for reasons that will soon be evident.

      You do realize that you didn't have to use your real sexual preferences as an example, don't you?

      --
      The higher the technology, the sharper that two-edged sword.
    2. Re:cringe-inducing bug in konqueror by slash.duncan · · Score: 3, Informative

      WTF gave you the idea that's a konqueror bug? Why would opening a document in OOo, which isn't even developed/shipped by the same (upstream) people as konqueror, be a konqueror bug?

      No, rather, as AC already posted, konqueror will with default associations as shipped by upstream (KDE), using the "view source" function, open pages using kwrite or kate or kedit. Assuming it's not a PEBCAK issue of the local sysadmin or user, OOo at least as shipped by Ubuntu appears to change that default by associating HTML (or possibly XML) files with itself, at a higher priority than kwrite/whatever-else. That's either Ubuntu's fault or OOo's (or the sysadmin/user for overriding the distribution defaults, if that's why the associations are set the way they are), but it certainly isn't KDE/Konqueror's, as KDE isn't what setup those associations, it's just doing what it's supposed to and following the file associations config as setup on the system it's installed on, as overruled by the config of the user running it, if they have chosen to do so.

      Looked at a different way, it would be either OOo's bug, for having a recent documents history that can't be disabled (if that's indeed the case), or a user PEBCAK, for not disabling said history or wiping it out after opening a document they don't wish to appear in said history.

      --
      Duncan
      "Every nonfree program has a lord, a master,
      and if you use the program, he is your master."
      R Stallman
    3. Re:cringe-inducing bug in konqueror by BertieBaggio · · Score: 1

      Posting this anonymously, for reasons that will soon be evident.

      It's okay ian, your secret is safe with us!

      --
      If all you have is a grenade, pretty soon every problem looks like a foxhole -- MightyYar
  16. Re:Konqueror and Safari should not be left out. by fuzzyfuzzyfungus · · Score: 2, Informative

    Now, I'm posting this from Konqueror on Linux as god intended and all that; but http://windows.kde.org/ is the place to look if you want Konqueror goodness on Windows. Quite possibly still in the rough edges stage, but a large amount of KDE 4 stuff is being brought over to Windows.

  17. Re:It's spelt Firefox by Mozk · · Score: 2, Funny

    It's spelled spelled.

    That is, unless you're British.

    --
    No existe.
  18. If you are that worried... by symbolset · · Score: 1

    If you're that worried, connect through wireless to your neighbor's open wireless access point. Then open a VM and boot it to Ubuntu or some other Live CD and use that to browse whatever you want.

    And remember dear: there's nothing to be embarassed or ashamed about, but wash your hands afterward.

    --
    Help stamp out iliturcy.
  19. Re:It's spelt Firefox by symbolset · · Score: 1

    You do know there's a plugin called Firesomething, right? Call it what you want. Or install Firesomething and "All your branding are belong to Firesomething." Every time it starts it can have a different name.

    Yes, it's for 1.x Firefox. There are instructions in the link to fix it so it works with versions up to 4.0.

    --
    Help stamp out iliturcy.
  20. Re:It's spelt Firefox by BorgCopyeditor · · Score: 1

    At least you're not calling it Fox Force Five.

    --
    Shop as usual. And avoid panic buying.
  21. Safari's privacy mode is for local privacy by hayne · · Score: 2, Insightful

    Safari's "Private browsing" mode is not intended to keep info on your computer (e.g. previous cookies etc) from being sent to web servers. It is intended for the reverse - to keep the details of your browsing session private from others who might access your account using that computer. I.e. it merely prevents records being kept about your browsing session.

  22. Re:It's spelt Firefox by Stuart+Gibson · · Score: 1

    Ketchup.

    --
    It's all fun and games until a 200' robot dinosaur shows up and trashes Neo-Tokyo... Again
  23. solution on Firefox .. by rs232 · · Score: 2, Informative

    clear private data on close ..

    --
    davecb5620@gmail.com
  24. Comment removed by account_deleted · · Score: 1

    Comment removed based on user account deletion