BetterPrivacy

Alertes failles
de sécurité et
de mises à jour

Contribuer - Questionner
Faire un lien

BetterPrivacy - FAQ : Ce document, entièrement en anglais, et qui concernait FLASH (qui n'existe plus) démontre à quel point Firefox pousse la défence, la protection et l'intérêt de ses utilisateurs. Ce document d'archives est conservé en témoignage du travail de la Fondation Mozilla et des développeurs tiers (ici, les développeurs de BetterPrivacy) qui oeuvrent dans cet univers respectueux de ses utilisateurs et technologiquement très avancé.

cr 01.01.2009 r+ 23.08.2020 r- 16.07.2024 Pierre Pinard. (Alertes et avis de sécurité au jour le jour)

Dossier (collection) : Logiciels (logithèque)
Introduction Liste Malwarebytes et Kaspersky ou Emsisoft (incluant Bitdefender)

Téléchargements (montrer / masquer)

BetterPrivacy - FAQ height= BetterPrivacy n'existe plus

Sommaire (montrer / masquer)
01 BetterPrivacy - Introduction 02 BetterPrivacy - Options 03 BetterPrivacy - Le gestionnaire LSO 04 BetterPrivacy - Résolution des problèmes 05 BetterPrivacy et LSO - Protection de la vie orivée 06 Cybercriminels et prétendues mises à jour de Flash Autour de ce sujet dans Assiste FAQ

BetterPrivacy - Introduction

BetterPrivacy — FAQ : Ce document, dont toute la partie « FAQ » est entièrement en anglais, et qui concernait Flash (qui n'existe plus), démontre à quel point Firefox (et tous les travaux de la Fondation Mozilla) pousse la défense, la protection et l'intérêt de ses utilisateurs (nous, les internautes). Ce document d'archives est conservé en témoignage du travail de la Fondation Mozilla et des développeurs tiers (ici, les développeurs de BetterPrivacy) qui œuvrent dans cet univers respectueux des internautes utilisateurs et des technologies très avancées.

Dans le cadre de l'abandon total du principe même des plug-ins dans tous les navigateurs Web, imposé par le W3C, le consortium de gouvernance des normes du Web (HTML5 et abandon de tous les plug-ins fin 2016), la société Adobe, qui est propriétaire et développeur de Flash (Flash Player - Adobe Flash Player), a annoncé publiquement, dès le 09 novembre 2011, vouloir aller dans le sens de l'histoire, celle d'HTML5, et abandonner Flash qui disparaît pour être remplacé, en partie par les caractéristiques d'HTML5 et en partie par des applications Web, dans le cadre d'un Web sans plug-in (Plug-in free Web).

Dans le cadre de cette initiative :

Le développement de Flash pour Linux a été abandonné et la dernière version du plug-in Flash pour Linux est la 11.02.
Flash n'a pas été porté du tout sur les terminaux mobiles. Pourtant, rien n'empêche d'y avoir des vidéos et des jeux.
Fin 2016, abandon total des capacités d'accueil de plug-ins dans les navigateurs Web et disparition de Flash (place à HTML5 et aux applications Web [qui pérennisent et universalisent le Tracking]).
Dans la mesure où Adobe ne prend plus en charge Flash Player depuis le 31 décembre 2020 et empêche le contenu Flash de s'exécuter dans Flash Player depuis le 12 janvier 2021, nous recommandons vivement à tous les utilisateurs de désinstaller Flash Player au plus tôt afin de sécuriser leurs systèmes.

BetterPrivacy est un add-on pour Firefox utilisé dans le cadre de la protection de la vie privée et de la gestion des cookies.

BetterPrivacy est l'un des rares outils à être capable de composer avec et de supprimer les Flash Cookies, ces cookies permanents appelés LSO (Local Shared Objects Flash Cookies).

BetterPrivacy is a Firefox add-on that is able to delete a special kind of cookies: LSO (Local Shared Objects Flash Cookies) (usually known as Flash-cookies) are placed on your computer by a Flash plug-in (abandon total de tous les plug-in et donc abandon total de FLASH).

Why are LSO's harmful?

They are never expiring - staying on your computer for an unlimited time.
By default they offer a storage of 100 KB (compare: Usual cookies 4096 characters).
Browsers are not fully aware of LSO, LSO's often cannot be displayed or managed by browsers.
Via Flash they can access and store highly specific personal and technical information (system, user name, ...)
Ability to send the stored information to the appropriate server, without user's permission.
Flash applications do not need to be visible to the user.
There is no easy way to tell which LSO sites are tracking you.
Shared folders allow cross-browser tracking, all browsers use the same LSO folder.
The company doesn't provide a user-friendly way to manage LSO's, in fact it's incredible cumbersome.
Many domains and tracking companies make extensive use of LSOs.
LSOs are used to re-create data of deleted traditional cookies.

Since Flash is a seperate application, running on your system (not under the hood of Firefox) , there is technically no way to prevent it from storing those LSO's on your disk. However they can be deleted at any time but unfortunately most browsers are unable to display or manage LSO's. BetterPrivacy can help here and offers capabilities to list and manage stored LSO's, up to full automatic cleaning, while allowing to define LSO-removal exclusion rules.

How does BetterPrivacy work?

After installation BetterPrivacy tries to find the folder where your Flash plug-in stores the LSO's. Thus the first start of Firefox could be delayed for some seconds. Then BetterPrivacy does absolutely nothing until you quit Firefox. At that time the add-on will look in the LSO folder, and if it finds cookies a popup will be shown. BetterPrivacy asks if you would like to delete the LSO's at that time. You might decide to review every single LSO later at the next Firefox session. Otherwise you can choose to delete once or even to automatically delete on every Firefox exit. BetterPrivacy never directly interacts with a website, thus your web-session will not be impaired.

BetterPrivacy does not need to be configured - except you want to keep certain LSO's or you want to define the time of LSO deletion. See next chapter for configuration options.

What are the advantages of using BetterPrivacy over native plug-in / FF methods?

The particular advantage of BetterPrivacy is that it does not block LSO's from being written to your harddisk (as the Adobe manger does). Blocking has severe disadvantages since the website will know that LSO's are disabled. Many sites have been reported to deny their service -or to not load at all- if LSO data storage is disabled. The same applies to LSO's that are deleted within only a few seconds. LSO's often have a useful functionality - so I recommend to (auto-) delete them not before you left the appropriate website, e.g. after at least 30 minutes.

The official settings manager offers a site blacklist only - whereas BetterPrivacy provides a white-list. Using the blacklist feature usually is cumbersome because you need to check for new cookies every session. Every Flash domain (including all the invisible Flash applications in scripts) require you to make a new decision about storage. If you look at many different sites a day you easily end up in wasting your time by defining all those limits. BetterPrivacy needs much less configuration than the native settings manager and is easily accessible. You can use it to generally remove LSOs, but it also allows to set exclusion rules for those LSO's that you would like to keep. Moreover BetterPrivacy allows to seamlessly integrate LSO deletion into the Firefox 'Clear Private Data' dialog.

BetterPrivacy allows quick and easy management of LSO storage without the need of consulting the official "Global Manager" which is located on a special company website and possibly also tracks all your management actions. The company could have made this settings manager available from the right click menu but they didn’t for some reason.

Aidez et soutenez Assiste – autorisez quelques publicités et cliquez dessus.

BetterPrivacy - Options

To open BetterPrivacy's options go to the Firefox menu, click tools, click BetterPrivacy. The first tab shows the LSO manager, the second tab contains the options for configuration.

BetterPrivacy is pre-configured to ask for Flash-cookie deletion on Firefox exit. You can also choose automatic deletion on Firefox start or deletion at special intervals (every customized days, hours, seconds). The timer deletion option can be configured to skip deletion if a Flash-cookie was used shortly. Thus timed deletion will not interfere with your browsing. If you prefer to use the built-in 'Clear Recent History' Firefox feature (Ctrl+Shift+Del) for manual cleanup, then you might want BetterPrivacy to add a Flash-cookie item there.

The Flash default cookie (origin settings.sol) also stores some settings for your Flash player, including the Flash application update interval. That's why it is excluded from deletion by default. However it also keeps a list of all visited sites which ever stored a LSO on your computer. Thus BetterPrivacy offers an extra option for this special cookie: "Also delete Flashplayer default cookie". The decision about this is up to you.

Flash-cookie's are stored in folders and sub folders that are named according to the web site domain where they came from. Usually -on Flash-cookie deletion- those folders are left over. In default configuration BetterPrivacy checks that they are empty and then removes them.

Click pings is a special Firefox feature that enables servers to easily track user movements. However, at the time there is no known case where this feature is effectively used.

Select 'Portable mode' only if the Flash application data folder might change on every Firefox start. Relative folder locations will be used.

Aidez et soutenez Assiste – autorisez quelques publicités et cliquez dessus.

BetterPrivacy - Le gestionnaire LSO

The LSO manager lists all LSO's (Flash-cookies) found on your computer.

The LSO's are stored in sub folders of the main Flash application data folder. That main folder is shown on top and can be changed manually if needed. If the path field turns red (no path is shown) then you can try to press the 'Search Directory' button: It might be necessary to scan the systems home directory, so please be patient until the folder is found. If no folder can be found, make sure that the Flash plug-in is correctly installed.

The LSO table mainly provides information concerning creation (modification) time of the LSO's and about their origin. Unfortunately it is not possible for an add-on to get the exact URL's of the sites that stored those LSO's. However the first column shown in the table as well as the last folder names of the full path (shown below the table) should give a clue which web site probably stored the LSO to your hard disk

To exclude an LSO from automatic deletion simply select (click) the LSO row, then press 'Prevent automatic LSO deletion'. The status column of the selected LSO will turn to 'Protected folder'. Be aware that a click on the button always toggles between the unprotected and protected state! In case you protected several LSO folders and you want to remove or edit one of those paths, click edit protection list.

Note 1: All sub folders of a protected folder are protected too.
Note 2: Protected LSO means that it is excluded from automatic deletion. It still can be deleted by the Flash application or other privacy applications!

There are two buttons, to remove a single selected LSO or to remove all at once. If you press the 'Remove all' button you might be asked what action should be taken on protected LSO's. On the bottom you find some LSO statistics, showing the quantity of automatic deleted LSO's: Since the time you last opened the options and cumulative.

Aidez et soutenez Assiste – autorisez quelques publicités et cliquez dessus.

BetterPrivacy - Résolution des problèmes

It might happen that a web-service stopped on usage of BetterPrivacy and that you consider this as a problem. This can be lost game settings, non-working login or other lost cookie-stored data.

It can be caused because you accidentally deleted one or more LSO's that are needed for the web-service to work.

For this reason there exists an option to exclude needed LSO's from automatic deletion. Since it is difficult to determine what exactly is the cause of the problem I would recommend to do both. It is impossible to address every potential situation here, but an example as follows can be given:

A PROBLEM SOLVING EXAMPLE: Not working Yahoo login (Yahoo signup seal broken or lost):
This is caused because the signup seal is a LSO cookie which once was stored on your computer. In case you accidentally deleted that LSO, the seal is lost and needs to be created new. Remember that is important to protect the seal LSO as soon as it is recreated. This can be done with BetterPrivacy's LSO manager, but you need to know which LSO is the right one to protect. For that reason it is recommended to remove all currently stored LSO's first - so the next new LSO will be the seal. Immediately after clearing the old LSO's visit the Yahoo site to recreate the login seal. This done you can open the LSO manager, but make sure that the Yahoo site is closed! (some LSO's are not stored until the web site closes completely) If the seal has been successfully recreated, then you will see the appropriate LSO in the manager table. Select the LSO and click Protect folder. That's all.

Aidez et soutenez Assiste – autorisez quelques publicités et cliquez dessus.

BetterPrivacy et LSO - Protection de la vie orivée

Aidez et soutenez Assiste – autorisez quelques publicités et cliquez dessus.

Cybercriminels et prétendues mises à jour de Flash

Adobe Flash Player (Lecteur multimédia, extension aux navigateurs web) a toujours été une usine à gaz recevant des correctifs technologiques, correctifs de failles de sécurité et mises à jour en continu. Forts de ce que ces mises à jour sont devenues un véritable réflexe quasi quotidien des utilisateurs de Flash, soit quasiment tous les internautes du monde, des cybercriminels ont déployé de fausses mises à jour de Flash durant des années, y compris bien après la fin définitive de Flash, son retrait de ses moindres technologies (dont la technologie des plug-ins) et le déploiement de HTML 5.

Des attaques en tous genres, y compris dramatique comme les demandes de rançons (ransomware et crypto-ransomware) ou le vol intégral de tous les contenus d'un appareil, ont continué d’être déployées avec ces fausses mises à jour de Flash, des années après la disparition totale de Flash et des technologies permettant de l'accueillir, fin 2016, dans ce monde trompeur et menteur qu’est le Web, cette toute petite partie de l’usage du réseau des réseaux, l’Internet.

Si l’on regarde les correctifs et mises à jour déployées par Microsoft pour la version Windows de Flash, les dernières sont datées du 26 août 2016 (et ne sont plus applicables).

Aidez et soutenez Assiste – autorisez quelques publicités et cliquez dessus.

FAQ (QFP - Questions fréquemment posées)

Paramétrage de BetterPrivacy
Setting up BetterPrivacy
Supprimer les cookies persistants Flash
Supprimer les Flash Cookies
Supprimer le tracking par Flash
Supprimer les LSO
Supprimer les Local Shared Objects
Mode d'emploi de BetterPrivacy
Télécharger BetterPrivacy
Download BetterPrivacy
Installer BetterPrivacy
BetterPrivacy - Module pour Firefox