Comments on: Adobe Flash, The Spy in Your Computer – Part 2 http://www.welivesecurity.com/2010/10/06/adobe-flash-the-spy-in-your-computer-part-2/ News, Views, and Insight from the ESET Security Community Mon, 03 Feb 2014 08:49:00 +0000 hourly 1 http://wordpress.org/?v=3.7 By: David Harley http://www.welivesecurity.com/2010/10/06/adobe-flash-the-spy-in-your-computer-part-2/#comment-2543 Tue, 13 Mar 2012 09:06:11 +0000 http://blog.eset.com/?p=5110#comment-2543 Mark, I’m afraid Randy is no longer with ESET. I haven’t done the research into Flash that he did, and I can’t tell you exactly what it was you saw. It doesn’t sound like “real” Flash behaviour, more like a fake AV pop-up, but I can’t say whether it had anything to do with the file you deleted. Sorry I can’t be more helpful, but I don’t doubt your sanity. :)

]]>
By: Mark http://www.welivesecurity.com/2010/10/06/adobe-flash-the-spy-in-your-computer-part-2/#comment-2542 Mon, 12 Mar 2012 05:57:38 +0000 http://blog.eset.com/?p=5110#comment-2542 Randy,
I just had a big problem and had to preform a system restore point to fix it.  A Icon called "internet security" appeared in my task bar and prevented me from opening any programs including IX and Even task manager.  When de-minimizing it from my task bar to see what it was, it was doing a complete system scan.  Except, no buttons would work except the stop scan.  It looked like a regular norten antivirus pane, with setting buttons and everything, except no buttons would work save, "Register Now" option.  I immediately unplugged my cable connection, and shut down the computer.  Tried reboots, a few times, opened in safe mode to look around, but I couldn't find anything…no new programs downloaded, no security program to un-install in the control pannel.  I was at a complete loss.  After the system restore point was finished, it gave me the message after it restarted windows that a file had to be renamed.
that file was c/documents and settings/administrator/application data/macro media/flash player/macromedia.com/support/flash player/sys(2)   And inside that folder was guess what…."settings.sol" file.  Well, I deleted that file…it sits in my trash can now…computer seems to be running fine now.  Don't know where I got it, or how it got past antivirus, I think it is to blame for this "internet security" icon which took over everything.  Am I crazy or what?

]]>
By: Me http://www.welivesecurity.com/2010/10/06/adobe-flash-the-spy-in-your-computer-part-2/#comment-2541 Thu, 22 Sep 2011 20:27:35 +0000 http://blog.eset.com/?p=5110#comment-2541 I assure you, this is being used for more than just a spy for ads. Big brother is always watching.

]]>
By: Tania Guachi http://www.welivesecurity.com/2010/10/06/adobe-flash-the-spy-in-your-computer-part-2/#comment-2540 Wed, 18 May 2011 17:47:59 +0000 http://blog.eset.com/?p=5110#comment-2540 Hola me gustaria saber como cargar la imagens en un archivo de flash swf desde un archivoo txt en donde esta en el path de las imagenes porfa se que lo hay y se puede pero no c en donde se configura se lo agradeceria mucho

]]>
By: Randy Abrams http://www.welivesecurity.com/2010/10/06/adobe-flash-the-spy-in-your-computer-part-2/#comment-2539 Fri, 28 Jan 2011 23:27:48 +0000 http://blog.eset.com/?p=5110#comment-2539 The link works for me.

]]>
By: Magister Max http://www.welivesecurity.com/2010/10/06/adobe-flash-the-spy-in-your-computer-part-2/#comment-2538 Wed, 26 Jan 2011 00:03:33 +0000 http://blog.eset.com/?p=5110#comment-2538 I tried to access the advanced Adobe page you mentioned, but it seems the rotters have removed it. Any idea on access now?

]]>
By: Layne Chin http://www.welivesecurity.com/2010/10/06/adobe-flash-the-spy-in-your-computer-part-2/#comment-2537 Thu, 13 Jan 2011 04:10:39 +0000 http://blog.eset.com/?p=5110#comment-2537 Sorry.  But I did mean it for iOS. 

]]>
By: Randy Abrams http://www.welivesecurity.com/2010/10/06/adobe-flash-the-spy-in-your-computer-part-2/#comment-2536 Tue, 28 Dec 2010 18:18:29 +0000 http://blog.eset.com/?p=5110#comment-2536 Apple supports Flash, just not on iOS. Flash works on a Mac Computer

]]>
By: Layne Chin http://www.welivesecurity.com/2010/10/06/adobe-flash-the-spy-in-your-computer-part-2/#comment-2535 Tue, 28 Dec 2010 05:55:55 +0000 http://blog.eset.com/?p=5110#comment-2535 That is why apple support no flash.

]]>
By: jason http://www.welivesecurity.com/2010/10/06/adobe-flash-the-spy-in-your-computer-part-2/#comment-2534 Thu, 09 Dec 2010 02:24:26 +0000 http://blog.eset.com/?p=5110#comment-2534 I'm disappointed to see you chasing, and recommending, such a convoluted path in dealing with the Flash issue. The  Firefox addon "Better Privacy" and /or free CCleaner utility from piriform.com nicely handle cleanup across browsing sessions.
Kudos — mentioning the creation of a *.sxx file was a nice detail. Better would be a walkthrough of the dizzying array of registry keys created during Adobe/Macromedia Flash install (Shockwave Director also, if you're feeling particularly ambitious).
Cut your nose off to spite your face? That's what your "I can live with it" Disney example amounts to.
While you're chasing "issues", crossdomain.xml sharing is more extensive (and invasive IMO) than LSOs, so how about let's see a blog article on that topic.

]]>
By: X http://www.welivesecurity.com/2010/10/06/adobe-flash-the-spy-in-your-computer-part-2/#comment-2533 Sat, 20 Nov 2010 16:04:45 +0000 http://blog.eset.com/?p=5110#comment-2533 The MMS.CFG file is to be found/placed in the WINDIR%System32MacromedFlash folder

]]>
By: Randy Abrams http://www.welivesecurity.com/2010/10/06/adobe-flash-the-spy-in-your-computer-part-2/#comment-2532 Wed, 13 Oct 2010 17:21:07 +0000 http://blog.eset.com/?p=5110#comment-2532 You can’t do that from Flash, you need to do it from the command line or from Windows Explorer

]]>
By: Randy Abrams http://www.welivesecurity.com/2010/10/06/adobe-flash-the-spy-in-your-computer-part-2/#comment-2531 Wed, 13 Oct 2010 17:19:45 +0000 http://blog.eset.com/?p=5110#comment-2531 mms.cfg does not exist on your computer until you create it. settings.sxx only is created if Flash cannot write to settings.sol. If you mark settings.sol as read only anf go to a Flash enabled site then settings.sxx will be created.

]]>
By: FLORENCIA LOPEZ http://www.welivesecurity.com/2010/10/06/adobe-flash-the-spy-in-your-computer-part-2/#comment-2530 Tue, 12 Oct 2010 16:15:12 +0000 http://blog.eset.com/?p=5110#comment-2530 Es casi imposible para una persona común y corriente detectar cualquier fraude o como se le llame  incurrir en los errores en los  que no deberíamos caer; la gama de conocimientos nunca es tan amplia como para salvarse de cosas indeseables a nivel cibernético; eso es para profesionales especializados en informática ;pienso que existen demasiados vacíos legales; veo que esto es un nuevo tipo de sociedad en la que abran personas buenas y malas  actuando según sus principios; agradezco por mi parte el hecho de poder dar una opinión y de recibir de uds. las alternativas para mejorar el buen uso de los distintos servicios; al final ya cuesta saber quien es quien,gracias por todo.

]]>
By: Don Hanson http://www.welivesecurity.com/2010/10/06/adobe-flash-the-spy-in-your-computer-part-2/#comment-2529 Tue, 12 Oct 2010 16:04:37 +0000 http://blog.eset.com/?p=5110#comment-2529 I can't find mms.cfg on my win7 64 system. I am logged in as Admin with Show hidden files, folders and drives and Hide protected operating system files unchecked. I've looked in the location given in the Adobe pdf and also did a search on the C: drive. Perhaps related, I found settings.sol but not settings.sxx. The paranoid me says it's a conspiracy.

]]>
By: Mark Rucker http://www.welivesecurity.com/2010/10/06/adobe-flash-the-spy-in-your-computer-part-2/#comment-2528 Tue, 12 Oct 2010 00:38:06 +0000 http://blog.eset.com/?p=5110#comment-2528 Yes–in follow-up to Philip's comment,  the option for an alternative would be ideal, whereas even if one doesn't cruise YT or other video portals for sheer entertainment, some of us who deploy video as part of our online business need to render much of it, though not all– in Flash. Then, we need to be able to freely watch the results of a newly-filmed file uploaded to the server, and monitor it running well. To work with Flash productively while maintaining the level of privacy (I prefer as much as you do), will appear to require going in and changing these settings frequently. It looks like one big hassle for people with small businesses who are still doing their own webmastering, and can barely find time enough for their workload as it is.   

]]>
By: Christian http://www.welivesecurity.com/2010/10/06/adobe-flash-the-spy-in-your-computer-part-2/#comment-2527 Sun, 10 Oct 2010 17:31:21 +0000 http://blog.eset.com/?p=5110#comment-2527 Where would I go in the online configuration panel to set settings.sol and settings.sxx to read only?

]]>
By: Katherine http://www.welivesecurity.com/2010/10/06/adobe-flash-the-spy-in-your-computer-part-2/#comment-2526 Sat, 09 Oct 2010 04:13:41 +0000 http://blog.eset.com/?p=5110#comment-2526 Sounds like a good idea.  I mean, people are already ahead of Adobe with PDf support, so why should this one be any different?  Just another fun project. 

]]>
By: Randy Abrams http://www.welivesecurity.com/2010/10/06/adobe-flash-the-spy-in-your-computer-part-2/#comment-2525 Thu, 07 Oct 2010 12:20:00 +0000 http://blog.eset.com/?p=5110#comment-2525 I’ll have to research this. I suspect that even alternate players would still have to support LSOs, but I’ll check it out and report my findings in part 3 or 4 of this series.

]]>
By: Philip http://www.welivesecurity.com/2010/10/06/adobe-flash-the-spy-in-your-computer-part-2/#comment-2524 Thu, 07 Oct 2010 09:06:34 +0000 http://blog.eset.com/?p=5110#comment-2524 Thanks for a lot of clear information.
Do you think it would be possible to use an alternative .swf player, instead of the Adobe Flash Player, as a means of avoiding some of these issues?

]]>