Flash to offer more control over cookies

Adobe will build in Control Panel access to Flash Player security settings, but is it too little, too late?

Most users are already aware of the risks presented by cookies, the small data files that browsers save on our computers to remember things like login details, or Website preferences. Although arguably harmless, cookies can be used to track visitors across different Websites, and advertisers are increasingly using them to target ads based on our Web surfing habits.

The capability to clear out cookies is built into every browser, but few people realise that Adobe Flash Player--the plug-in used to provide YouTube video and Web games--has a similar system that's annoyingly difficult to monitor and clean. This has led to Websites abusing the system in order to track users.

Flash Player refers to its system of small data files as local shared objects, or LSOs, although the rest of the world calls them Flash cookies. They're typically used to store login details for Websites, or perhaps game scores on Flash games. They can even be used to store larger amounts of data for Flash applications, such as image editors or office programs.

You can see how many LSOs are stored on your system by visiting the Global Storage Settings panel page on Adobe's Website. You can also clear LSOs there and discover what sites they came from (although beware that porn sites are some of the heaviest users and abusers of LSOs, so if you're viewing the LSOs of a shared computer, you could dig-up dirt you weren't expecting.)

You might be wondering why you have to visit Adobe's Website to clear data on your own computer. That's a very good question and has been asked by many. Adobe's excuse might be that Flash Player is a plug-in, and as such lacks a user interface.

The good news is that in conjunction with privacy advocates Adobe has begun work on a number of systems to make it infinitely easier to control LSOs. For example, forthcoming releases of Flash player will add an applet to Control Panel (or System Preferences on a Mac) to allow the same degree of control over LSOs as can be found at Adobe's Website.

Adobe has also been working with Mozilla and Google to integrate LSO management features directly into Firefox and Chrome, respectively. This is courtesy of a new Application Programmer Interface (API) that theoretically can be easily added into any browser by developers. Sadly, there's no news whether Microsoft or Apple will be doing so for Internet Explorer and Safari, and given Apple's rocky relationship with Adobe in recent times, it might be unlikely.

Although the browser control panel will be along soon in Chrome and Firefox, those eager to get a look can try downloading developer builds of Google Chrome in the coming weeks and searching through the Preferences dialog. Beware that these releases haven't even reached the beta stage, however, so won't be stable.

Adobe's work is undoubtedly being spurred on by substantial privacy concerns. Last year entertainment companies Disney, Warner Bros. Records, and others were sued for allegedly tracking users, many of whom were minors, using Flash Player LSOs. Additionally, the University of California at Berkeley published a paper showing how LSOs can be used by nefarious individuals to recreate cookies that the user has chosen to delete. Up to 50 per cent of sites were caught doing so, in fact.

Flash Player has been under attack from all directions in recent times, with Apple leading the charge and pointing out that Flash is to be superseded by HTML5, which will be built into every browser. For this reason Apple does not include Flash Player on its iPhone or iPad devices, and has also begun leaving it off MacBook Air computers, possibly because of battery drain issues.

However, although cynics might suggest that Adobe's efforts are too little, too late, the fact is that--imperfect as it is--Flash is still a strong contender for providing interactive and multimedia content online for some time to come. As well as addressing security issues, forthcoming releases of Flash Player are also to be significantly more efficient, and will therefore drain laptop batteries less.

Demonstrations of multimedia and interactive functionality via HTML5 are still novel enough to raise eyebrows and engender a short round of applause--hardly a sign that HTML5 is yet mature enough to push aside a more established technology, regardless of security issues.

Keir Thomas has been writing about computing since the last century, and more recently has written several best-selling books. You can learn more about him at http://keirthomas.com and his Twitter feed is @keirthomas.

Tags online securityspambrowser securityAdobe Systemssecurityvirusesflashphishingprivacy

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Keir Thomas

PC World (US online)

Comments

Comments are now closed.

Latest News Articles

Most Popular Articles

Follow Us

GGG Evaluation Team

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell

LIFEBOOK UH574

The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi

STYLISTIC Q702

The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott

STYLISTIC Q702

My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Resources

Best Deals on GoodGearGuide

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?