Adobe controls Flash settings on your computer

October 25, 2011

Piczilla has been on the receiving end of much grief, famously from Steve Jobs and more recently Microsoft, vis-a-vis Flash Player security. With the release of version 10 and faster responses to known issues, Adobe’s been getting less flack. Nevertheless, Flash is still far from safe.

If you’re like me, you turned off camera and mic access in Adobe Flash Player’s system wide Settings/Preferences. The problem? That’s a completely useless gesture as control of these functions is actually held by Adobe.

Steven M. Bellovin writes that a recent Flash Player security flaw exposed by a Stanford University researcher, one that allowed a remote site to turn on a user’s camera and microphone, was quickly patched by Adobe. However, they didn’t do it with a new release — engineers adjusted settings on the company servers where settings are managed.

That’s right — code on a remote computer somewhere decides whether or not random web sites can spy on you. If someone changes that code, accidentally or deliberately, your own computer has just been turned into a bug, without any need for them to attack your machine.


And, if you’re a half-glass-full kind of law enforcement individual, Flash Player has a convenient back door, one that doesn’t require a warrant.

Thereupon, computer hacker extraordinaire Charlie Miller really summed it up best, “The main thing is not to install Flash”.

It’s little wonder then that Microsoft’s upcoming Windows 8 won’t include Flash

What’s your take?

via Daring Fireball

Be Sociable, Share!

Recent stories

Featured stories

RSS Windows news

RSS Mac news

RSS iPad news

RSS iPhone & Touch

RSS Mobile technology news

RSS Tablet computer news

RSS Buying guides

RSS PS3/Wii/Xbox 360

RSS Green technology

RSS Photography

Featured Content


Copyright © 2014 NS