Norton 360 and Adobe Flash Player security pop-ups

I have already presented this information to Adobe, who have promptly insulted me and blown off the problem.

 

Here is the issue:

 

Adobe Flash Player has stopped a potentially unsafe operation.


The following application on your computer or network:


[object]


is trying to communicate with this Internet-enabled location:


g-ecx.images-amazon.com


To let this application communicate with the Internet, click Settings.

You must restart the application after changing your settings.



Same message has also appeared with "static.ak.fbcdn.net" in place of "g-ecx.images-amazon.com".

 

My concern is primarily that I can't find out what "[object]" is, but that's an Adobe problem (which they have expressed no interest in addressing).

 

My questions for Norton are:

 

  • Could this be caused by Norton 360?
  • Is there a known threat associated with this behavior?

 

Hello no patience,

 

 

Just checked on the Norton threat assesment and indeed  static.ak.fbcdn.net  is a Phishing site and Norton was warning you of it.   Stay clear of it.  Look it up in Norton for further details.  Force an update and run a scan.  Thus the redirect.

 

 

Snazzzzzz

Hi NoPatience,

 

Both g-ecx.images-amazon.com (image content for the Amazon site) and static.ak.fbcdn.net (Facebook) are known to set Local Shared Objects, also known as Flash Cookies, if your Flash Player Settings allow this.  The objects in your dialog boxes may be LSOs from these sites.  Flash Player will not allow untrusted local content to access the internet without your permission, so your Flash Player settings are likely preventing this local flash content from accessing those websites.

 

See the following article for a description of the security restrictions imposed on local content:

 

What is Flash Player security for local content?



Then see this article for a practical guide to controlling internet access by local content:

 

How do I let local Flash content communicate with the Internet?

 

I'm not sure this explains exactly what is going on, but at least it should help in giving you a general idea of the things that are in play.  Rather than blocking a known threat, the alert is to inform you about actions that are prohibited because they could be potential security risks.



 

Hi snazzzzzzz,

 

I am seeing fbcdn.net is reported as safe, as one would expect since it is Facebook.  Where are you seeing Norton flagging it as a phishing site?

 

http://safeweb.norton.com/report/show?url=static.ak.fbcdn.net

 

Moreover, the security notifications are the results of Flash Player's own security mechanisms that prevent certain actions - it had nothing to do with the websites themselves, nor did Norton have a hand in this.

Thanks. That's what I was looking find out.


SendOfJive wrote:

Hi NoPatience,

 

Both g-ecx.images-amazon.com (image content for the Amazon site) and static.ak.fbcdn.net (Facebook) are known to set Local Shared Objects, also known as Flash Cookies, if your Flash Player Settings allow this.  The objects in your dialog boxes may be LSOs from these sites.  Flash Player will not allow untrusted local content to access the internet without your permission, so your Flash Player settings are likely preventing this local flash content from accessing those websites.

 

See the following article for a description of the security restrictions imposed on local content:

 

What is Flash Player security for local content?



Then see this article for a practical guide to controlling internet access by local content:

 

How do I let local Flash content communicate with the Internet?

 

I'm not sure this explains exactly what is going on, but at least it should help in giving you a general idea of the things that are in play.  Rather than blocking a known threat, the alert is to inform you about actions that are prohibited because they could be potential security risks.




 

Hi NoPatience,

 

You're welcome.  The latest version of Flash Player puts the Settings Manager in the WIndows Control Panel.  It is now easier to find and much simpler to configure.  Flash Cookies also now follow the rules you set in your browser's Privacy settings concerning all cookies.  So if you delete cookies or block third party cookies in your browser, LSO's will be subject to the same settings.   Go to this site to make sure you are running the latest version of Flash Player for your browser:

 

http://www.adobe.com/software/flash/about/

Hello SOJ,

 

I had seen it  while searching Norton's Threat assessor and it came back as a Phishing site, if it is safe then why  would it label it as a Phishing site?  If the warning is for Flash cookies -- unlike common cookies -- which Norton flags it as a security risk wouldn't Flash cookies fall under the same category? Especially when Flash cookies are more aggressive in nature and designed to not be flagged by most scans?  My understanding is that Flash cookies can do more harm because of its evasive nature to scans and if drooped in from a bad website the potentual for harm is multiplied, correct me if wrong.  I'd rather be corrected then to pass on false information.

 

Snazzzzzz

 

Hi snazzzzzzz,

 

Most Flash Cookies are tracking cookies, which are a bit of a privacy concern to some, but which are not really security threats in the worst sense of the term.  Unlike HTML cookies however, LSOs can store more information and can be used to regenerate regular HTML tracking cookies after you have deleted them.  A lot of the power of LSOs was that most people weren't/aren't aware of them.  Not all LSOs are bad however.  Some sites that require logging in use these objects to remember you if you should accidentally lose the HTML cookie for the site.  This allows the site to log you in without resorting to other methods of authentication, such as making you answer a secret question.  Bank of America uses LSOs for this purpose.  There is more information on Flash Cookies posted in this thread:

 

http://community.norton.com/t5/Tech-Outpost/Attack-of-the-Flash-Cookie-Zombies/m-p/275884/message-uid/275884/highlight/true#U275884