Is there a killbit known for…

I've been accused of being overtly paranoid about this issue, but to date nobody has been able to prove me wrong, and Macromedia has failed to reply to requests for specific issue confirmation.

As a result I have and will continue to boycott all products from Macromedia.

To whit… FlashPlayer 6.0

The problem? Simply stated the new version of Flash player allows "Outside" applications from other websites to obtain the usage of your webcams/ microphones.

Macromedia has a very unclear position on the "exploitability" issues that I have requested clarification on. They're official position is that they "Are not responsible for what other sites do with this technology".

I find this ability and lack of "willingness" to be held accountable for their own products use inexcusable. And while you can set the "feature" to disallow access, (it is not always remembered even if you select to "remember" btw) Macromedia will not claim that malicious users cannot bypass that blockage.

I've never been one to speak "DOOM" about anything, but the fact that any website could access my webcam/ microphone at their discretion bothers me, as does the fact that Macromedia will not publicly announce that this is not a possibility.

Sorry for my rambling, got off topic…

Anyway, my question is, is their a known killbit to stop websites that require any macromedia products be installed from automatically downloading the control and then asking do you want to install it?

Im finding this extremely frustrating and even go so far as to let the webmasters know that they are loosing potential viewers, customers by requiring this feature be supported "universally" on their sites.

Thanks in Advance,

 

The key to clobber Flash is here:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{D27CDB6E-AE6D-11cf-96B8-444553540000}

This is handled just like any key SpywareBlaster would add (i.e. a REG_DWORD setting named "Compatibility Flags" set to decimal 1024 blocks the control, while the same value set to 0 allows the control).

The thing about Flash is that a lot of sites require it, and there may be times when you just... want to use it. To that end, there are several tiny, free utilities that can be run in the system tray, or from the command line (i.e. run and exit), and enable you to dynamically turn the kill bit for Flash on and off. The one I have used extensively is the UI version of NirSoft TurnFlash:

http://riedersoft.myftp.org:85/~users/nirsoft/utils/tflash2.html

I prefer the UI version of TurnFlash (over the command-line-only version of the same) because it gives me the choice: I can still use it as a command-line utility, or I can let it run in the tray. If you run it in the tray, you can easily see whether Flash is enabled or disabled. If you come across a site you want to enable Flash for, you just click the tray icon, then refresh the page in your browser.

Incidentally, the camera and microphone permissions always default to "Deny", and even if you allow them, they will revert to "Deny" unless you tell Flash to remember the setting. And this will be of interest to you as well:

http://www.macromedia.com/support/flashplayer/help/settings/global_privacy.html

 

Nameless beat me to it.

I may add a "misc" section under the "Tools" area in SpywareBlaster in the future. This would allow the toggle of Flash and other non-spyware but possibly unwanted items.

Best regards,

-Javacool