With AJAX MAssive Storage System (AMASS) a  OCT 20 2005

With AJAX MAssive Storage System (AMASS) a web page can store large amounts of data on a computer using hidden Flash applets. Brilliant hack, but seems like a potential security concern (an AMASS-like app could just fill up a hard drive without prompting, no?). I just looked at this briefly...would this allow one to run something like GMail offline? (I'm thinking not.) (via waxy)

Read more posts on kottke.org about:
Ajax   Flash   Gmail   Javascript   security   web development

There are 8 reader comments

Jordan30 20 2005 2:30PM

By default Flash will only store 100kb for any given Flash movie; if one tries to exceed 100kb, Flash prompts the user to ask if they'll allow it to store more.

jkottke00 20 2005 3:00PM

Ah, ok...it's Flash doing the prompting then, and not AMASS.

Brad Neuberg41 20 2005 3:41PM

I'm the AMASS lead developer; Jordan is right. Flash prompts, which AMASS detects, making an HTML DIV that appears above the HTML content, containing the Flash file so it just contains Flash's "Do you approve or disapprove of this storage?" dialog.

AMASS is one of the necessary pieces for offline use, but it's not enough. I'd like to crack that nut; figure out a way to have offline use in existing browsers.

Mike Nowak52 20 2005 3:52PM

I really don't like seeing Shared Objects used for storing data on a client machine. It's already being abused by advertising types. I'd hate to see it abused by developer types.

The major problem with SOs is that they are much more hidden than cookies so it's harder for the less savvy people to clear them or see how they're being tracked.

Go here to see what's on your system:
http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager07.html

Or use this Firefox extension
http://www.yardley.ca/objection/
(I can't vouch for how good it is because I use FlashBlock).

Alexandre22 20 2005 5:22PM

Gmail offline would be awesome. If I could reply to messages without wireless.... well... That would be amazing.

Nels26 21 200510:26AM

Indeed, Mike. I don't let Flash put stuff on my local file system. Ever.

Geoff09 21 200511:09AM

It might be interesting to come up with a system that uses muliple Flash movies, 100kb in each so you avoid the dialog boxes asking for more space. Sort of a Shared Object RAID array or something.

But I guess Shared Objects store data based on the URL of the movie, so it would take a dynamic swf generator so the URLs are unique (or is it based off the domain?).

Anyway, might be a cool thing to look into.

Brad Neuberg00 21 2005 6:00PM

The security of SharedObjects is fine; see a new blog post on AMASS at http://codinginparadise.org/weblog/2005/10/amass-update.html

This thread is closed to new comments. Thanks to everyone who responded.

kottke.org

Front page
About + contact
Site archives

Subscribe

Follow kottke.org on Twitter

Follow kottke.org on Tumblr

Like kottke.org on Facebook

Subscribe to the RSS feed

Advertisement

Ads by The Deck

Support kottke.org shop at Amazon

And more at Amazon.com

Looking for work?

More at We Work Remotely

Kottke @ Quarterly

Subscribe to Quarterly and get a real-life mailing from Jason every three months.

 

Enginehosting

Hosting provided EngineHosting