I have to say, I'm surprised that this discussion hasn't deteriorated to: Reply 1: I don't use flash Reply 2: I don't use gui browsing, it's text based browsing for me Reply 3: etc... a-la http://xkcd.com/378/ .
On Tue, Sep 15, 2009 at 3:18 PM, <[email protected]> wrote: > You can configure Flash directly by visiting > > http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager.html > > (Website Privacy Settings / Website Storage Settings) > > And while you're there, there are lots of other settings you may want to > adjust... > > > cheers, > Toralv > > > ------------------------------ > *From:* [email protected] [mailto:[email protected]] *On > Behalf Of *Imri Goldberg > *Sent:* Tuesday, September 15, 2009 1:40 AM > *To:* funsec > *Subject:* [funsec] Firefox' privacy mode not so private > > Heya > It seems this was some kind of a 'known secret', but firefox' privacy mode > isn't private. Apparently, websites[1] can use flash to store > 'Local-Shared-Objects' (LSOs, see > http://en.wikipedia.org/wiki/Local_Shared_Object ), which are basically > cookies. Firefox' regular capabilities of 'clear all private data' and > 'privacy mode', which supposedly don't leave any record of your browsing > history, don't erase these files. > > Simplest solution: erase the files. > Other solutions: install BetterPrivacy (disclaimer: I didn't use it enough > to vouch for it), uninstall flash (and delete the files), install a > flash-blocker, etc. > > I've also written a short blog post on the subject, you can also leave your > comments there: > http://www.algorithm.co.il/blogs/index.php/security/privacy-mode-not-so-private/ > > Cheers, > Imri > > [1] websites include at least google and youtube, various cdns (which may > be used by multiple websites), etc. > > -- > Imri Goldberg > -------------------------------------- > www.algorithm.co.il/blogs/ > -------------------------------------- > -- insert signature here ---- > > > ------------------------------ > Firmensitz: Muenchen > Amtsgericht: AG Muenchen > Handelsregister: HRB 144340 > Geschaeftsfuehrer: Emmet Russell, Keith Krzeminski, Douglas Rice > Bankverbindung: ABN-Amro Bank N.V. Konto 671 211 9006 > UST-ID: DE168122444 > -- Imri Goldberg -------------------------------------- www.algorithm.co.il/blogs/ -------------------------------------- -- insert signature here ----
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
