A lot of Adobe is getting evil try getting the latest Reader WITHOUT having Air rammed down the users throat. I am referring to the SOHO or Homeowner not enterprise.
Jon On Fri, Aug 14, 2009 at 3:48 PM, Kurt Buff <[email protected]> wrote: > Below is a snippet from the SANS Newsbites. See Ranum's editorial > comment - it'll make you shiver. > > For instance, the 'exec' option here: > > > http://www.adobe.com/support/flash/action_scripts/actionscript_dictionary/actionscript_dictionary372.html > > Kurt > > > --Quantcast Casts Out Flash Cookies in Wake of Report > (August 12, 2009) > In the wake of research published about Flash cookies, online tracking > company Quantcast has stopped its practice of recreating customers' > cookies with Flash after users deleted the regular cookies. The > researchers showed that some websites were circumventing customers' > wishes not to be tracked by creating the flash cookies, which are not > affected by browser privacy settings. Quantcast made the change to its > practices on Tuesday afternoon after the research was published. > According to the report, more than half of 100 sites scrutinized for the > research used Flash cookies. Adobe has provided instructions for > managing Flash cookies on its website. > > http://www.wired.com/epicenter/2009/08/flash-cookie-researchers-spark-quantcast-change/ > http://kb2.adobe.com/cps/546/4c68e546.html > [Editor's Note (Ranum): The active content ("run whatever some guy over > there tells you!") model has always been a threat; there is simply no > way around it. I'm only surprised that it has taken so long for Flash > to have a spotlight shined on it. If you want to see something really > scary, read about the Flash "fscommand" operator - basically it's the > equivalent of system(3) in UNIX circa 1985. Running Flash in your > browser is the equivalent of giving a command prompt to everyone who > owns every website you visit. > (Pescatore): Palm was just outed for the Palm Pre secretly sending > location information back to Palm. Hiding behind opt-out language buried > in eensy beensy type in voluminous end user licensing agreements is a > great way to anger your customers.] > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
