Sunday, October 19, 2008

Cyber Security Awareness Tip of the Day: October 19

There has been a lot of discussion regarding "clickjacking" -- a form of cross-site scripting -- recently. The latest version of the Firefox add-on NoScript provides protection against this vulnerability. Changes were made to the Adobe Flash Player Clipboard API to prevent potential ‘Clipboard attacks’.

A little-known feature is the ability to configure Flash Player's global and website settings. Microsoft MVP Donna Buenaventura posted instructions on how to configure Flash Player settings. I used Donna's instructions to create today's tip of the day.

October 19 Tip of the Day

Use the On-line Settings Manager, illustrated below, to configure Flash Player settings. Go to the Adobe Website Storage Settings panel to make the changes to the settings.

Although the changes are made via the on-line manager, the settings are only stored on your computer.

1. Global Privacy Settings panel -- specify whether websites must ask your permission before using your camera or microphone.

  • Always Deny
  • Always Ask
2. Global Storage Settings panel -- specify the amount of disk space that websites you haven't yet visited can use to store information on your computer, or to prevent websites you haven't yet visited from storing information on your computer.

  • Move slider all the way to the left, resulting in "None"
  • Uncheck "Allow 3rd party Flash content to store data"
    (Permission will be requested if a website with flash content needs space.)
3. Global Security Settings panel -- View or change your security settings

  • Always Deny
4. Global Notifications Settings panel -- Specify if and how often Flash Player should check for updated versions

  • If you are lax in checking for updates, retain the default setting.
  • Uncheck if you do not want updates checked automatically.
5. Website Privacy Settings panel - View or change the privacy settings for websites you have already visited

  • Always Deny
  • Delete all sites
6. Website Storage Settings panel -- View or change the storage settings for websites you have already visited, or to delete information that any or all websites have already stored on your computer

  • Move slider all the way to the left, resulting in "None"

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...


Anonymous said...

Corrine thank you so much for putting the link in to locate the panel settings.

I couldn't find the program in my program list and knew there were settings but didn't understand where to find or how to find that panel.

Your guidance on the settings is awesome.


Corrine said...

Thanks, Cel.

I know what you mean. It just is not expected that adjustments would be made on-line.

Anonymous said...

I un-checked "allow 3rd party sites to store information" on my computer, but I was unable to watch certain video, and I was NOT prompted to allow, so for the longest time, I didn't know what was wrong. I decided to ALLOW instead and put ALWAYS ASK for the rest. thanks.