I find this moderately disturbing

I played a small role in helping to break this story. I used a screen capturing utility for OS X called iShowU to grab the video from the Christian Embassy site.

Lambert emailed me via SteveAudio looking for a way to capture video from the Flash Movie on their site, since Flash Movies are embedded and impossible to download (as far as they know, anyway). Most interestingly, however, during the course of my poking and prodding of this little piece of Flash media, I was sincerely alarmed to see the phrase “Allow www.christianembassy.com to access your camera and microphone?” pop up when I checked the settings. There was no “FUCK NO!!!!1!1!” button, unfortunately.

When I searched for the phrase “Allow [blank] to access your camera and microphone,” Google took me straight to Adobe/Macromedia’s site, under the heading “Can others use my webcam to spy on me?”

There’s a helpful paragraph there that says:

With the current Macromedia Flash Player, any site you visit can show you their own video, audio or other content. Ads and other applications that use the Flash Player cannot access your webcam without your explicit permission to do so. A privacy dialog window will appear whenever you encounter a Flash site that can make use of video and audio from your webcam. The Macromedia Flash Player Settings dialog window allows you to either deny or allow the application access to your camera and microphone.

That’s not a strong enough “No” for me. It just isn’t. My first question was “Is there any way to permanently disable this feature in Flash?” Current versions of the Flash Player for OS X have a check box that says “Remember,” but having had some experience as a Windows support technician and seeing DirectX and ActiveX controls exploited freely and cheerfully by malware authors, I am extremely wary of any program that allows remote eyes and ears to be opened in my home.

I am not the first person to notice this, naturally. Om Malik was just as creeped out as I am. He blogged about it and then someone named John Dowdell from Macromedia Support piped up in the comments to say “Now, now, girls… don’t get your panties in a wad. We’ve been doing this for a long time.”

I fail to find this at all reassuring. As an earlier commenter said:

Macromedia should put it in big, bold words during the install process that websites have the ability to remotely access your A/V hardware and GIVE YOU THE OPTION TO PERMANENTLY SHUT THAT DOWN.

Some people may have a need for this, and power to them – but the vast majority of people don’t, and Macrodobe should really be upfront on this one, IMHO.

Alternately, make a version available with that functionality stripped out. I now have to go to a very high profile client of mine, someone who is EXTREMELY concerned about privacy (and justifiably so, btw, and that’s all you need to know about who and why) and say “I have some doubts about Flash Player and Adobe/Macromedia’s commitment to your privacy.”

There is no current Open Source alternative for Flash Player with a binary installer that runs on OS X. I am tempted to empty my PayPal account into Gnash’s coffers in the hopes that an OS X binary will pop out soon.

I have to say, I can think of few creepier phrases than “Allow www.christianembassy.com to access your camera and microphone?”

In addition to what I hope will be a lively and informative debate in the comments, I would also be interested in your thoughts on similarly creepy phrases…

25 Comments

  1. Romulus

    Here is a creepy phrase from macromedia:

    ” ‘Privacy’ is a somewhat subjective term. The American Heritage dictionary defines privacy thus:

    Privacy 1a. The quality or condition of being secluded from the presence or view of others. b. The state of being free from unsanctioned intrusion: a person’s right to privacy. 2. The state of being concealed; secrecy.

    While this definition adequately reinforces the nature of privacy as being protected, safe, and free from exploit or exposure, it doesn’t make any assertions as to exactly what is protected. What one person may want kept private, another might not feel so strongly about.”
    ———–

    Hmmmmm….

    The rest may be found here on Adobe’s website

    http://www.adobe.com/devnet/flashplayer/articles/privacy.html

  2. Also, two more things.

    First, the green light always comes on whenever your iSight is in use. So it’s no mystery.

    Second, I remember reading about this Flash issue a few months ago. And it seems like the misunderstanding is that yes, some Flash apps can use your Cam and Mic but it only uses it to display on YOUR computer. It never transmits (and may not have the ability to) this data over the internet. I may be wrong, or confusing this with something else. I’m not sure. But dig around.

  3. The answer to this? Very loudly and very publicly stick it to Macromedia/Adobe. Every forum, every chat room, EVERYWHERE. Technology companies are paranoid about becoming hated like Microsquish. Adobe is already paranoid about this, re: the backlash from graphics producers over Photoshop 5.5. When the bad ju-ju starts going around, Macromedia will pay attention.

  4. Hi, what might I be able to do to reassure you of how it works? (Cam/mic access must be approved every time by the computer’s owner.)

    For best webcam security I’d recommend unplugging it until needed, to guard against any infestation of your computer. That’s your call, though.

    If I tried to lobby internally for your key request of “block all cam/mic use”, then others would reply that that’s the way things already are, and would wonder if you wanted to get rid of the dialog alerting you that there’s a cam request. What might I do that could help…?

    jd/adobe

  5. [Let me try again… first comment never showed up.]

    I’m wondering what I could do to help set your mind at ease here… the connection abilities are already default-off, with explicit user permission required for any use. I’ve seen no way your cam/mic can be used without your permission.

    For best security you might want to keep your webcam disconnected when not in use, to avoid the risk of other software installed on your machine using the camera.

    What would you like to see, what would help you feel more comfortable here…?

    tx, jd/adobe

  6. “Flash spies on you”…

    “Flash spies on you”: I’m bumping this up into my blog, because the two comments I’ve typed in at the site have yet to show up. Someone was trying to copy someone else’s video (!) and became alarmed when they saw a dialog requesting permission to …

  7. […] For the record, I did not say “Flash spies on you” and to say that I did strays dangerously close to straw man territory. I said that it was unnecessary for Macromedia to put remote monitoring software into a movie player. And I stand by that statement. […]

  8. The idea that anybody worried about security would even HAVE a webcam in a sensitive area seems absurd to me. Unplug the camera, not the Flash player.

    Flash has no more ability to monitor your webcam than Java, C# or any other programming environment. Yes, it has a Webcam API, but… so does OSX, Windows, etc. Flash CANNOT and WILL NOT access your camera without your express permission. Unfortunately, Windows will.

    Yes, Flash has no “set it and forget it” setting for disabling the camera (which to me, seems far less secure; I like the alert that comes up to tell me something is TRYING to access the camera). But it also doesn’t have a setting to prevent your computer from overclocking, bursting into flames or formatting your hard drive! Is that a security flaw, too?

  9. Comrade Rutherford

    New Apple laptops and iMacs have built-in cameras. Buyers for sensitive government areas cannot purchase any computer with a built-in camera because in the long run any camera that cannot be physically disconnected can be reprogrammed and is therefore insecure.

    The iSight camera can be turned on without the light, etc, just as new cell phones can be turned into roving bugs by the Feds even when the phone is ‘off’.

    I don’t buy JD’s [paraphrasing]: ‘it can’t be turned on without admin rights’.

    Show us the code, prove the technology, you can’t just say ‘trust us’.

  10. yellow chicken

    “Show us the code, prove the technology, you can’t just say ‘trust us’.”

    I wonder whether you will extend your request to see the code all the way up the chain, from Adobe, to the operating system to the various hardware manufacturers? You’re looking at one part of a completely proprietary chain which has zero transparency from end to end. If you’re really that paranoid, why not buy a computer with no camera? That way, you will always be safe from the “feds”…

    Of course I worry as much as the rest of you about the slow erosion of rights and privacy, but I don’t believe for a second that this issue is part of that problem.

  11. patrick,

    “There was no “FUCK NO!!!!1!1!” button, unfortunately.”

    Not a lot of software that I know of has a “FUCK NO” button. Almost always the “FUCK NO” functionality is in a settings panel or such.

  12. By default the web site cannot access your mic and camera. If you want to deny access to all web sites you have three options:
    1. When presented with the prompt for some web site to use your mic/camera, click the ? icon for more info.
    2. Right-click on the Flash Player in a web site and select Settings…, then click on the ? icon.
    3. Go to the page directly:
    http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager02.html

  13. Click “Always Deny” (a.k.a “FUCK NO”)

    Options 1 and 2 take you to the same link.

    “I said that it was unnecessary for Macromedia to put remote monitoring software into a movie player.”

    I realize you probably see it as simply a movie player, but it’s not.

  14. ben, [comment made on the originating web site]

    “And it seems like the misunderstanding is that yes, some Flash apps can use your Cam and Mic but it only uses it to display on YOUR computer. It never transmits (and may not have the ability to) this data over the internet. I may be wrong”

    Yep, you’re wrong. The Flash Player can stream your mic/camera to the Flash Media Server, or other servers like the open source Red5 project.

    Again, this only works if the user OPTS-IN. If you click Deny your mic and camera cannot be used by the code running in the Flash Player. If you click Allow, then it can.

  15. so i was doing a google search for creepy phrases because i was all set to blog on phrases that are… well… creepy. and if it’s alright with you, i’d like to use that oh-so-creepy phrase in my post… linking to this very post. (of course). i’ll plan to put it in unless i hear otherwise from you, in which case… i’ll fix it! thanks!
