Blog: Adobe Flash

Level Platforms has partnered with a company called Ninite to provide prebuilt installers for many non-Microsoft utilities and applications.  These include Java, Adobe Reader, and Adobe Flash.  With the new scripting features in Level Platforms MW2011 we should be able use the packages provided by Ninite to centrally manage updates to these applications.  If you want to try Ninite, they provide free installers packages that are completely functional, but with some restrictions for enterprise automation.


After listening to a security podcast about Flash security, I decided to change some of my settings. You can do this by going to the Adobe Flash Player Settings Manager web page and clicking on the tabs to disable features.  One of the settings I disabled was "Allow third-party Flash content to store data on your computer". [more]

Adobe Flash Player Settings Manager

One thing I noticed after I disabled the "Allow third-party Flash content to store data on your computer." option was videos at some sites like CNET stopped working. This was happening regardless of which browser I tried, so I suspected a problem with Flash.  But other Flash content worked like YouTube.  Eventually, I remembered changing the Flash settings and re-enabled the third-party Flash content to fix the problem.


Most people know about the cookies that internet browsers use to store information.  It's easy to configure browser settings to not allow cookies, only allow trusted cookies, and to delete cookies when exiting the browser.  What slips around the radar are Local Stored Objects (LSO), also known as super-cookies or Flash cookies.

LSO’s use Flash technology to store more information than regular cookies.  In addition, LSO’s can be used to recreate, or respawn, deleted cookies.  More than half of the internet’s top websites use a little known capability of Adobe’s Flash plug-in to track users and store information about them, but only four of them mention the so-called Flash Cookies in their privacy policies according to UC Berkeley researchers.

To control these Flash cookies, you have to use the controls on Adobe’s site.  According to Wikipedia,  “Users can only opt-out of Local Shared Objects globally by using the Global Storage Settings panel of the online Settings Manager at Adobe's website. Users can also opt-out of them on a per-site basis by right-clicking the Flash player and selecting 'Settings'.  Adobe's online-only Website Storage Settings panel was created to let users view and delete LSOs on a per-domain basis. It is also possible to completely disallow LSOs from a specific domain by setting the storage space to "0 KB", however, although no data is stored, empty directories with the name of the domain are nonetheless created. Add-onextensions that allow the user to view and delete LSOs have also been created for the Firefox Web browser, e.g. BetterPrivacy.”