Invisible Flash

I use the Flashblock Firefox extension, mainly because I do not like having distracting animated stuff going on in the corner of my eye when I am trying to read the content on a web page. (I use the escape key to kill animated gifs.) It also eliminates a lot of those annoying objects that float over a page as you are trying to look at it. Flashblock does not make Flash objects disappear altogether however, it puts an icon on the screen that you can click to allow the Flash to play. This means, for instance, that you can still play Flash videos, as on YouTube, with just one extra click.

However, I have noticed that quite a lot of these “blocked Flash” icons, that I find on various pages, appear to do absolutely nothing when I click on them. When I click, the icon just disappears but nothing else appears to happen. No video or animation or ad appears. I do not think this a glitch; I am fairly sure that this Flash is not supposed to display anything. I see quite a few flash objects like this on my bank’s site, and I was inspired to ask because I just found one at the bottom of Cecil’s “Today’s Question.”

My question is, what is this “hidden” Flash doing? Is it some sort of tracking device, beyond regular cookies, or maybe it enables some aspect of formatting beyond HTML and CSS, or . . . what?

Flash objects are often just static pictures.

No, no static picture appears when I click the relevant icons (unless it’s an invisible spacer image, but why do that with Flash?).

Aren’t there any Flash programmers here? I know there are lots of web designers. What about other Flashblock users who can confirm the phenomenon? I am finding these things pretty commonly now, and as I said, they are on Dope pages, such as Cecil’s latest article.

My guess would be tracking. Flash has its own cookie-like system called Local Shared Objects. Since they’re built into Flash and not the web browser, they bypass any cookie restrictions set by the browser, and they don’t get deleted when you clear your cookies.

BetterPrivacy addon is your friend. Along with NoScript, and FlashBlock, I would not use Firefox without. Flash’s variant on cookies are an insidious and little recognised intrusion into your privacy. Just say no.

It doesn’t need to be anything nefarious. I built a website where we used flash for 1) file uploads and downloads and 2) playing music. However, because people hate flash widgets, we actually made the entire UI for these functions in DHTML, simply calling into an invisible flash object to do the work that was impossible to implement in DHTML. For example, you see a music player where all the controls and seek bar are in HTML, but the actual sounds are played by a tiny (as in 6kb) invisible flash widget.

So in at least some circumstances, an invisible flash widget can be used in a way that is explicitly trying to minimize the annoyance and intrusion that people perceive from flash, as opposed to being hidden because it is doing something sneaky.

Never mind.

Just FYI, you can set Firefox to not animate gifs.

“you can adjust the about:config (put that in the address bar and hit enter) option of image.animation_mode (type ‘animation’ in the filter line and it should show up). Valid values are ‘none’ (gifs do not animate at all), ‘once’ (gifs cycle through the animation once then stop), and ‘normal’ (gifs animate repeatedly as usual).”

http://forums.mozillazine.org/viewtopic.php?t=156056&highlight=blinking

Sometimes you need to allow Flash twice - for the domain you’re on, and the domain where they store their content - to get it to work.

The first seems to be a Flash applet that calls the content, which is, then, itself, Flash.

Well, I have found that when I mouse over the one at the bottom of this page: http://www.straightdope.com/columns/read/211/whats-the-best-place-to-avoid-getting-killed-in-a-nuclear-war, a tooltip appears with the URL http: //tap-cdn.rubiconproject.com/oz/flash/persist.swf (Some of Cecil’s pages currently linked from the Dope home page seem to have these, but others do not.)

I went to rubiconproject.com, and after digging around a bit and cutting through the management-speak it became apparent that they are indeed concerned with ad targeting. I guess that means that Erasmus (“Loves of Plants”) Darwin and Francis (“Give me the moonlight”) Vaughn got it right, and these are there to set persistent Flash tracking cookies. I guess we have crossed the Rubicon in terms of privacy. I have taken Frankie’s advice and installed the BetterPrivacy extension. Thanks guys.