Adobe stance on local storage

Notice WIRED has coverage of a legal challenge to various websites which use Local Shared Objects in Adobe Flash Player to complement browser cookies in identifying return visitors… got picked up by Slashdot and Techmeme.

I don’t know details of the individual websites or the particular concern, but I do know that Adobe has expressed its position on this… see the February “Adobe condemns cookie respawning in comments to FTC” and “My Interview with Adobe Chief Privacy Officer”. Adobe is also working with the major browser vendors to integrate with their recent “private browsing” modes.

(For me personally, the bigger issue is any such storage and identification done by third-parties across websites… the WIRED article’s webpage itself requests assets from nearly a dozen third-party domains: “web beacons” which notify a service when you visit a page. Details of local storage or IP tracking only seem to matter once such third-party notification systems are in place.)

3 Responses to Adobe stance on local storage

  1. Recently disabled Flash because Firefox windows left open for hours or days eventually chewed so much memory this computer would slow to a crawl…

    Seems some Flash based adds manage a steady incremental memory leak resulting in a 150meg footprint growing to 7oomegs plus over time!

    The web points out Firefox may be at fault, not necessarily Flash – who knows – looks like flash from here, or the developers running continous loops of some sort.

    With smart phones coming online and HTML5 gaining acceptance, maybe it’s time for the publishing system to offer a Flash4 range of publishing options that forgoes the player.

    Someone’s going to do it eventually – is Adobe nimble enough to pull it together?

    [ Could be poorly-written SWF… Adobe doesn’t have an approval-process for publishing. But even with a Flash-blocker I try to restart both my Firefox (particularly the Macintosh) regularly to avoid the same problem. -jd ]

  2. Tom McCrystal says:

    You know, JD, it would be a lot easier to take Adobe’s position on the LSO/privacy issue a little more seriously if management of LSOs wasn’t such a clusterf**k for users.

    For instance, the settings manager at breaks all the time, there’s no way to view the contents of a LSO (as you can with cookies), there’s no way to delete multiple LSOs at the same time, there’s no way to create a block list. The list goes on and on.

    If Adobe really wants to fix some of the privacy issues, it needs to start by fixing both the UI and UX for the user’s process of managing LSOs, as well as giving users some granularity and control over how LSOs can be used.


    • John Dowdell says:

      Yes, the Player Permissions UI could definitely be improved. The situation within browsers in 2002 was much more constrained, and the variance in pixel-dimensions of realworld SWF required a separate webpage to expose local settings. Since then browser privacy UIs have come a long way, and we’re already starting to see integration with some browsers’ “Privacy Mode” settings. I haven’t heard word of what next may happen when, but I’m hopeful.