Adobe has released a critical update to its Flash Player software (the browser plugin) that fixes critical security flaws and gives users a better way of controlling whether they are being tracked on the Web.
The Flash Player 10.3 update, released May 12, lets users manage Flash cookies using their browser’s privacy settings or through a new, native OS control panel.
And at long last, Mac OS users will finally get automatic software update notifications. It has been a disgrace that it took so long for Adobe to provide this, but we’re grateful nonetheless.
Because of this missing update notice functionality, I just found out about it today, May 18.
Mac OS X Security — Urgency is Growing for Protection
A client of ours, CHEN PR, handles the PR and social media strategy for Sophos. This is how we came across their free antivirus software for Mac.
As an all-Mac shop since we began in 1996, PDG & Associates has never used or needed antivirus software. For various reasons the Mac was not an easy or viable target for malware writers. But with Apple’s rising dominance in the computer industry perhaps it’s time to batten down the hatches!
Are you aware of how large the site tracking industry is growing? WSJ reports about intrusive consumer-tracking technologies:
The 50 [sample] sites installed a total of 3,180 tracking files on a test computer used to conduct the study. Only one site, the encyclopedia Wikipedia.org, installed none. Twelve sites, including IAC/InterActive Corp.’s Dictionary.com, Comcast Corp.’s Comcast.net and Microsoft Corp.’s MSN.com, installed more than 100 tracking tools apiece in the course of the Journal’s test.
The companies that placed the most tracking tools were Google Inc., Microsoft. and Quantcast Corp.
* * * *
Some of our web clients need analytical visitor tracking tools, which are not used to build consumer profiles but rather to determine content popularity and effectiveness of Adword Campaigns and referral sources. They have not joined networks like Quantcast to track all of your activities across other websites.
Beware Tabnabbing, a New Type of Phishing Attack Wow. The number of ways you can be fooled into giving up your private logins through a web browser keeps growing.
Adam Engst at Tidbits.com describes the attack using your browser history (you do purge it often, right)? See a demo at StartPanic.com and read more at Krebson Security.
The lesson: keep your browser history clean, do not sign into any secure site from a tab left open, and block as many 3rd-party ads as you can with AdBlock for FireFox. And wait for Firefox to fix this bug in accessing global history.
We find that more than 50% of the sites in our sample are using flash cookies to store information about the user. Some are using it to ‘respawn’ or re-instantiate HTTP cookies deleted by the user. Flash cookies often share the same values as HTTP cookies, and are even used on government websites to assign unique values to users. Privacy policies rarely disclose the presence of Flash cookies, and user controls for effectuating privacy preferences are lacking.
There is a major advantage for an advertiser to employ Flash cookies, not the least of which is; they are virtually unknown to the average user. Equally as important from an advertisers perspective is; they remain active on a system even after the user has cleared cookies and privacy settings.
To call this a deceptive practice would be a major understatement. Crooked, immoral, fraudulent, illegal, are just some of the words that come to mind.
There are tools to help you delete these unwanted sneaky cookies… for Firefox, use BetterPrivacy.