[PrivacyBadger] How should Privacy Badger deal with Flash supercookies?

Cooper Quintin cooperq at eff.org
Fri Aug 1 11:14:34 PDT 2014

Indeed they would, yet another reason why injecting a flash shim is
probably our least desirable option.  I think that the ideal option
would be to have a browser API that lets us handle flash cookies. But of
course that is a long way off, even if we get started right away.

- Cooper

On 08/01/2014 09:16 AM, Maxim Nazarenko wrote:
> Wouldn't Flashblock (and similar click-to-flash plugins) interfere with
> flash injection?
> Best regards,
> Maxim Nazarenko
> P.S. Chrome is no longer Webkit :P
> On 29 July 2014 23:37, Peter Eckersley <pde at eff.org
> <mailto:pde at eff.org>> wrote:
>     r33lmm has offered to give us some advice/assistance in handling
>     Flash in
>     privacy badger, which is really about handling Flash LSO cookies.
>     Flash LSOs are going to be a bit tricky for us to detect and (when
>     yellowlisted) block or 3rd-party-block in Privacy Badger, and especially
>     Privacy Badger for Chrome.  In Firefox we have extra browser API
>     options,
>     and the option of walking into the filesystem and messing with the Flash
>     config file or the Flash cookies on disk, but even there LSOs will be
>     tricky.
>     One strategy would be to inject a content script which runs some flash
>     into every page, that goes in messes with LSOs in some clever way.  But
>     that seems horrible, and only worth considering if we can make our Flash
>     run if and only if the page has some Flash of its own that's about to
>     execute.
>     Another strategy would be to forcibly set click-to-play for Flash, which
>     is sort of ducking the question but might be ok.
>     --
>     Peter Eckersley                            pde at eff.org
>     <mailto:pde at eff.org>
>     Technology Projects Director      Tel  +1 415 436 9333 x131
>     <tel:%2B1%20415%20436%209333%20x131>
>     Electronic Frontier Foundation    Fax  +1 415 436 9993
>     <tel:%2B1%20415%20436%209993>
>     _______________________________________________
>     PrivacyBadger mailing list
>     PrivacyBadger at eff.org <mailto:PrivacyBadger at eff.org>
>     https://lists.eff.org/mailman/listinfo/privacybadger
> _______________________________________________
> PrivacyBadger mailing list
> PrivacyBadger at eff.org
> https://lists.eff.org/mailman/listinfo/privacybadger

More information about the PrivacyBadger mailing list