

Rather insidious...Flash "cookies" - makecheck

If your browser has a Flash plug-in, it is capable of storing cookies that are not at all obvious.<p>I'm fairly security-minded (as I use OmniWeb's many features for filtering out the stuff I don't want), but this one I missed.  And it really bothers me, because:<p>1. Nowhere in the contextual menu for Flash content is there any way to reach the interface for managing cookies (e.g. deleting them).  For this, you have to go to a web page:<p><pre><code>    http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager07.html
</code></pre>
2. The menu <i>does</i> have a "Settings" item, which displays many tabs of Flash player settings.  This conspicuously <i>does</i> look like a complete set of controls, yet it omits cookie controls completely.  In other words, if you think this shows everything the player can do, it doesn't.<p>3. Although you can finally delete the cookies from the web site, I saw no "don't ever store cookies in the first place" option.  So I basically have to keep going in and removing them.  (You can limit storage per-domain, but this is hardly a solution as many come from domains you'd never expect.)<p>This is insidious, Flash is not being forthcoming about what it is capable of doing.  Those of you on HN who are normally protective of other forms of cookies, what are your thoughts?
======
dbrush
Flash isn't insidious about it's "cookies" just as browsers aren't insidious
for allowing developers to use cookies and The Pirate Bay isn't insidious for
allowing people to use BitTorrent... for whatever legal or illegal purposes
they choose. For more examples see gun manufacturers, alcohol distributors and
companies like Mozilla, Microsoft, Apple and Google.

------
giardini
You can manually delete the "cookies" (which are simply files named after the
URL from whence flash videos came) from the two folders that they're stored in
on your Windows system.

