Flash Player 10.3 LSO Privacy vs. User Data Protection...Flash 10.3 throws out Baby with Bathwater

Forum|Forum|15 years ago
May 24, 2011
4 replies
1279 views

Why hasn't Flash Player 10.3 been designed to support both:

1) Users for whom Flash LSO a.k.a. cookies, provide crucial cross-session storage of data for Games and Applications; and

2) Users who do NOT want flash cookies at all ?

In MSIE for Example there is no way to White-List or Protect selected websites Flash cookies. Why Not ?

Example: After up-incrementing alloted Storage for a given site in the Global or Local Settings Manager, and Favoriting a site, and Placing the site on the MSIE Start Menu.....The Flash Storage (Cookies, LSOs) can be Globally Erased for All Websites and All Browsers on Users Device just by cleaning up Cookies in MSIE.

Adobe needs to do a better job of protecting the Flash Franchise and a vital part of that Franchise for your legions of developers and their customers is the LSO and the accompanying File Export and Import capability provided by your File Reference Class.

SUGGESTIONS:

1) In the Desktop Environment allow a user to White-List websites whose Flash Cookies can NOT be deleted by the Browser.

2) Allow the same 4k minimum storage for Flash Cookies that existing HTML cookies are already allocated without any appearance of the dreaded settings panel.

3) On Mobile phones get the LSO working on the SIM card by default and enable the File Reference Class Export and Import functionality.

The Flash Franshise is at a critical juncture. Adobe has admittedly been hammered this year by Steve Jobs in general and by Congressional and consumer distaste for Flash Cookies in particular. At the same time, for us Flash Developers, Adobe management has done a poor job of defending the merits of Flash for popular consumer web applications and games.

It is unfortunate that while Browser support for other forms of Client Storage, e.g. Webkit openDatabase, HTML5 IndexedDb, DOM storage and MSIE Silverlight Isolated Storage are all allowing transparent and in many cases permanent cookie or sandbox storage of 5meg per domain, the Flash platform is loosing all of what had been similar functionality.

Why are you, Adobe letting this happen ?

Management needs to get involved and make the Case for Flash Player.

Please do so before it is too late.

This topic has been closed for replies.

J

jrpruitt

Participant

Is there a way to uniquely identify a remote client computer w/o storing a flash cookie, so the "cookie" data could stored on the server based on that unique identify? (can't be IP address, since that is likely not static)

pwillener

Legend

DEVQUES wrote:
Why are you, Adobe letting this happen ?

Please note that this is a user forum; you are not addressing Adobe here, let alone Adobe management.

J

jrpruitt

Participant

I 100% agree! We have an application that the Government requires information to be stored on the users computer as part of Multi-Factor-Authentication. We originally wrote it as a browser application and when everyone and their brother started deleting browser cookies because of security concerns, we totally re-wrote it as a Flash application to take advantage of permanent storage. This new "feature" in Flash Player is causing much concern because thousands of users will need to start answering lots of security questions every single time they use the application (ie: daily) and our staff is having to handle technical support questions that shouldn't exist. Right now it's only IE that's causing the issue, but I'm sure every browser and Internet Security program will soon be adding this to their products. There should at least be a way for the USER to white-list a specific Domain so Flash could exempt those sites from ANY external program trying to delete ALL Shared Objects/Local Storage/Flash Cookies. The USER should be given that choice. This would satisfy the extra privacy you are putting in there and still allow information to be stored from sites that require it.

John

A

Anonymous

I totally agree. Adobe CEO Shantanu Narayen is really droppin the ball. It seems as though he has no fight in him and is really not willing to stand up and fully support Flash. It even seems like the whole flash/flex team from Mike Chambers to Peter Hahn have given up trying to push flash and flex. I really think Adobe ought to give Narayen the boot and get someone in there who is really understands that the flash/flex paradigm is a better tool than cobbling together HTML 5/ css/ Javascript. So what if Apple does not like it, Adobe needs to stop appearing to lie down...

Sign up

To post, reply, or follow discussions, please sign in with your Adobe ID.

Sign in to Adobe Community

To post, reply, or follow discussions, please sign in with your Adobe ID.

Scanning file for viruses.

This file cannot be downloaded