Quarantining an account from the Internet, or from all networking?

Bill Sconce sconce at in-spec-inc.com
Thu Aug 19 13:10:19 EDT 2010 

On Mon, 16 Aug 2010 16:56:32 -0400
Bill Sconce <sconce at in-spec-inc.com> wrote:

> (The intention is to quarantine a very-untrusted application,
> for example a program which runs Flash, 
>    [...]
> It all has to do with a talk I should do someday, and which has
> gotten a fresh kick from Eben Moglen's talk at LinuxCon...


Today, this:

http://www.networkworld.com/community/node/65207

    The "Clearspring" lawsuit further states, "A millisecond
    was the time allotted to an online visitor opening a 
    Clearspring Flash Cookie Affiliates' webpage, before a
    Flash cookie was embedded within their computer and data
    collected immediately, without their awareness, knowledge
    or consent to such actions."
        [...]
    You might find that Ccleaner is your friend. I'm not sure
    how much good it actually will do, since these zombie-cookies-
    from-hell can re-spawn in five seconds, but delete cookies or
    change your Flash player storage settings.

Not just obscure sites in Romania, either.

    But what really catches my attention today is the audacity of
    Warner Brothers, of Warner Bros. Records being named in this
    suit. Really, Warner Brothers?
        [...]
    According to the complaint (.pdf), these zombie cookies could
    be used to collect information to determine "users' video viewing
    choices and personal characteristics such as gender, age, race,
    number of children, education level, geographic location, and
    household income, what the web user looked at and what he/she
    bought, the materials he/she read, details about his/her financial
    situation, his/her sexual preference, his/her name, home address,
    e-mail address and telephone number, and even more specific
    information like health conditions, such as depression."
        [...]
    It also points out that the CEO of Clearspring admitted that
    Flash cookies were a mistake. The company says it no longer uses
    Flash cookies for tracking. 

(THAT's reassuring, since Clearspring were the only ones. :)

    Sometime in the future, however, Clearspring intends to start
    selling consumer data to advertisers.

No comment.

Summary: if you have EVER used Flash in a unquarantined browser...
(fill in your own answer here).

"We only clicked on sites we trust"?
Like YouTube??

-Bill

More information about the gnhlug-discuss mailing list