Re: [OSM-talk] Flash and open source
Nonsense! The article you cite suggests disabling JavaScript aswell. The main slippy map on OSM uses JavaScript. ergo, we should not be promoting dangerous javascript. Flash has never caused me any security problems on my Ubuntu desktop. Talk to your OS vendor if it's insecure. On 15/05/10 00:10, john whelan wrote: www.zdnet.com/blog/bott/how-secure-is-flash-heres-what-adobe-wont-tell-you/2152 http://www.zdnet.com/blog/bott/how-secure-is-flash-heres-what-adobe-wont-tell-you/2152 There are other web sites such as Symantec's site. Symantec's advice corporate advice: In order to reduce the threat of successful exploitation of Web browsers, administrators should maintain a restrictive policy regarding which applications are allowed within the organization. […] Browser security features and add-ons should be employed wherever possible to *disable JavaScript™, Adobe Flash Player, and other content that may present a risk to the user* when visiting untrusted sites Simply going to a web site these days is the most common way to get infected, once infected then you lose your credit card details, and Flash is a very weak link no matter which web browser it is run from. Cheerio John On 14 May 2010 18:51, Richard Fairhurst rich...@systemed.net mailto:rich...@systemed.net wrote: john whelan wrote: Yes but a problem with Flash is it is a major security hole. My considered opinion on that theory is bollocks. It's a frickin' browser plugin, if the browser is letting it access your l337 credit card details then the browser probably ought to address its plugin architecture. Badly written Flash may crash my browser but it has not yet sent my credit card details to Tajikistan. And even Potlatch doesn't crash it, so it must have to be _really_ badly written to cause a problem. ;) It's probably the major source of Malware in Windows Yeah. The major source of drowning in the Atlantic Ocean is water. BAN water!!11!11o...@wtflolccbysa Aevar Arnfjorth Bjarmason wrote: Making their player open source would be nice. But what's mainly stopping players like Gnash is that their protocols are closed The SWF and RTMP formats are published. The codecs aren't, but that's the whole Ogg Theora/H264 argument for HTML5 and Firefox so not at all exclusive to Flash. And unless your translation code is cleverer than I thought, they're irrelevant to Potlatch (which is kinda the reason I posted here). The main thing stopping Gnash from supporting AVM2 (and strk can correct me if I'm wrong) is that it's a whole big lot of work and there's largely only one developer working on it - even though he's basically a genius and Potlatch 1 would never have happened without his work on Ming. If you threw 100 programmers at Gnash for three months then you'd have an open source (non-audio/video) AVM2 player. strk shouldn't have to spend his time rewriting code that Adobe has already written. Sun made Java open-source. Flash is a direct parallel. I would encourage people not to get hung up on codecs (because Flash has already lost the video battle, all video will be HTML5 in two years) and encourage Adobe to Do The Right Thing, for the benefit of apps like Potlatch and a million others. cheers Richard ___ talk mailing list talk@openstreetmap.org mailto:talk@openstreetmap.org http://lists.openstreetmap.org/listinfo/talk ___ talk mailing list talk@openstreetmap.org http://lists.openstreetmap.org/listinfo/talk 0x5373FB61.asc Description: application/pgp-keys signature.asc Description: OpenPGP digital signature ___ talk mailing list talk@openstreetmap.org http://lists.openstreetmap.org/listinfo/talk
Re: [OSM-talk] Flash and open source
I don't wish to get into a Unix versus Windows war about security. However recognise that Flash is a plug in to a browser. Because of the way browser plug ins work they have very few restrictions on what they can do. I retired recently but before that was involved in protecting very sensitive data for the Canadian Federal Government and as a result spent quite a number of years studying threats. We ran some 1,400 servers including 400 Unix servers of one flavour or another. Within the security community it was recognised that although UNIX could be tightly configured often it wasn't. My party trick was a list of about 100 default userids and passwords, I don't think any of the databases on Unix based servers were secure against the list. At one demo I logged into about eighty SQL Server databases without logging onto the network with full admin rights but then Microsoft tightened up that loophole. The US government has a procurement standard called POSIX which it uses to identify UNIX systems in procurements. Windows NT was the first operating system to qualify as POSIX compliant. Both have their roots in Multics and Digital VMS and aren't that different once you get past the GUI. Windows can also be tightly configured should you really wish to. Flash has never caused me any security problems on my Ubuntu desktop. I think you should qualify that with that you know about. I came across one server that scanned fine but at 3 am each morning a few packets of information were sent out on the Internet to an odd address. These were detected by a network monitor and stood out because there was very little traffic at that time and because of the address being sent to. The server was subjected to heavy investigation but the rogue code was never found. When the operating system was reinstalled the ip packets stopped. The security community has reservations about JavaScript but these are not so serious as the ones about Flash. Personally from a security point of view I prefer using a tool like Maperitive to render rather than use JavaScript. I recognise that OSM has many enthusiasts who have been brought up on UNIX on University courses and we depend on their enthusiasm but I think we also owe a duty of protection to end users and to me that means recognizing that using Flash does bring security risks. Cheerio John On 20 May 2010 10:35, Rory McCann r...@technomancy.org wrote: Nonsense! The article you cite suggests disabling JavaScript aswell. The main slippy map on OSM uses JavaScript. ergo, we should not be promoting dangerous javascript. Flash has never caused me any security problems on my Ubuntu desktop. Talk to your OS vendor if it's insecure. On 15/05/10 00:10, john whelan wrote: www.zdnet.com/blog/bott/how-secure-is-flash-heres-what-adobe-wont-tell-you/2152 http://www.zdnet.com/blog/bott/how-secure-is-flash-heres-what-adobe-wont-tell-you/2152 There are other web sites such as Symantec's site. Symantec's advice corporate advice: In order to reduce the threat of successful exploitation of Web browsers, administrators should maintain a restrictive policy regarding which applications are allowed within the organization. […] Browser security features and add-ons should be employed wherever possible to *disable JavaScript™, Adobe Flash Player, and other content that may present a risk to the user* when visiting untrusted sites Simply going to a web site these days is the most common way to get infected, once infected then you lose your credit card details, and Flash is a very weak link no matter which web browser it is run from. Cheerio John ___ talk mailing list talk@openstreetmap.org http://lists.openstreetmap.org/listinfo/talk
Re: [OSM-talk] Flash and open source
On 15 May 2010 13:59, Richard Fairhurst rich...@systemed.net wrote: Ævar Arnfjörð Bjarmason wrote: Adobe has explicitly said in the past that they can't open source it because they've used a lot of parts in in that they've licensed from somewhere else. http://www.adobe.com/de/products/eula/third_party/flashplayer/ Pretty much all the all rights reserved stuff is codecs. Like I say, video is moving to HTML5 anyway and shouldn't distract from the wider Flash Player. On a related note Google,Mozilla and Opera have joined to announce[1] a new open video format called webm [2]. It’s licensed using a BSD-style license. “WebM and the codecs it supports (VP8 video and Vorbis audio) require no royalty payments of any kind. Chromium, Firefox, and Opera builds are available today[3]. Chrome builds will shortly follow. No statement yet from Microsoft or Apple regarding support in their platforms. 1.http://webmproject.blogspot.com/2010/05/introducing-webm-open-web-media-project.html 2. http://www.webmproject.org/about/ 3. http://www.webmproject.org/users/ Regards, Pavithran -- pavithran sakamuri http://look-pavi.blogspot.com ___ talk mailing list talk@openstreetmap.org http://lists.openstreetmap.org/listinfo/talk
Re: [OSM-talk] Flash and open source
On 14/05/10 23:51, Richard Fairhurst wrote: It's a frickin' browser plugin, if the browser is letting it access your l337 credit card details then the browser probably ought to address its plugin architecture. Sadly, the definition of how browser plugins work means that they are fully-privileged native code. There's not much you can do about that. I guess it would be technically possible to define a new plugin standard that was sandboxed in some way, but it would be an enormous effort, and no-one would rewrite their plugins to use it. Gerv ___ talk mailing list talk@openstreetmap.org http://lists.openstreetmap.org/listinfo/talk
Re: [OSM-talk] Flash and open source
firefox jetpack On Tue, May 18, 2010 at 10:30 AM, Gervase Markham gerv-gm...@gerv.netwrote: On 14/05/10 23:51, Richard Fairhurst wrote: It's a frickin' browser plugin, if the browser is letting it access your l337 credit card details then the browser probably ought to address its plugin architecture. Sadly, the definition of how browser plugins work means that they are fully-privileged native code. There's not much you can do about that. I guess it would be technically possible to define a new plugin standard that was sandboxed in some way, but it would be an enormous effort, and no-one would rewrite their plugins to use it. Gerv ___ talk mailing list talk@openstreetmap.org http://lists.openstreetmap.org/listinfo/talk ___ talk mailing list talk@openstreetmap.org http://lists.openstreetmap.org/listinfo/talk
Re: [OSM-talk] Flash and open source
On 18/05/10 10:05, jamesmikedup...@googlemail.com wrote: firefox jetpack Jetpacks are alternatives to extensions: http://en.wikipedia.org/wiki/Add-on_%28Mozilla%29 not plugins. See: http://en.wikipedia.org/wiki/Plug-in_%28computing%29#Plug-ins_and_extensions for an explanation. I agree the terminology can get confusing :-) Gerv ___ talk mailing list talk@openstreetmap.org http://lists.openstreetmap.org/listinfo/talk
Re: [OSM-talk] Flash and open source
John Smith wrote: Browser plugin security is a joke and has been for a very long time, and as far as I'm aware nothing has been reported publicly that anything is being done to fix the situation. I think (though I'm absolutely no expert on the situation) that Chrome and Safari are working towards that. Certainly Google have said that they're planning it: We expect to work in the near future with the plug-in vendors to securely sandbox them as well. (from http://blog.chromium.org/2008/10/new-approach-to-browser-security-google.html ) cheers Richard ___ talk mailing list talk@openstreetmap.org http://lists.openstreetmap.org/listinfo/talk
Re: [OSM-talk] Flash and open source
john whelan wrote: In order to reduce the threat of successful exploitation of Web browsers, administrators should maintain a restrictive policy regarding which applications are allowed within the organization. […] Browser security features and add-ons should be employed wherever possible to *disable JavaScript™, Adobe Flash Player, and other content that may present a risk to the user* when visiting untrusted sites Simply going to a web site these days is the most common way to get infected, once infected then you lose your credit card details, and Flash is a very weak link no matter which web browser it is run from. Yeah but hang on, you're quoting something there that tells you to disable JavaScript as well. This thread is about open-sourcing the Flash Player, and the single best way to fix any vulnerabilities in Flash Player would be to open-source it. cheers Richard ___ talk mailing list talk@openstreetmap.org http://lists.openstreetmap.org/listinfo/talk
Re: [OSM-talk] Flash and open source
Ævar Arnfjörð Bjarmason wrote: Adobe has explicitly said in the past that they can't open source it because they've used a lot of parts in in that they've licensed from somewhere else. http://www.adobe.com/de/products/eula/third_party/flashplayer/ Pretty much all the all rights reserved stuff is codecs. Like I say, video is moving to HTML5 anyway and shouldn't distract from the wider Flash Player. Anyway. Good luck with the petition. Personally I think it's about as likely to succeed as an equivalent petition asking Microsoft to open source Windows. I'd love to be proven wrong, though. I would hope it's about as likely to succeed as an equivalent petition asking Sun to open-source Java. :) cheers Richard ___ talk mailing list talk@openstreetmap.org http://lists.openstreetmap.org/listinfo/talk
Re: [OSM-talk] Flash and open source
2010/5/15 Liz ed...@billiau.net: On Sat, 15 May 2010, Richard Fairhurst wrote: It's probably the major source of Malware in Windows Yeah. The major source of drowning in the Atlantic Ocean is water. BAN water!!11!11o...@wtflolccbysa don't forget oxygen is not only poisonous in some forms but promotes explosions so ban it too that's why we call it sour stuff in German (Sauerstoff) ;-) cheers, Martin ___ talk mailing list talk@openstreetmap.org http://lists.openstreetmap.org/listinfo/talk
Re: [OSM-talk] Flash and open source
Hi, M∡rtin Koppenhoefer wrote: that's why we call it sour stuff in German (Sauerstoff) ;-) I'm also very concerned about the amount of dihydrogenmonoxide contained in almost any drink you can get nowadays. It is virtually impossible to escape the stuff, and people are reported to have died from it already[0]. Bye Frederik [0] http://www.msnbc.msn.com/id/16614865/ -- Frederik Ramm ## eMail frede...@remote.org ## N49°00'09 E008°23'33 ___ talk mailing list talk@openstreetmap.org http://lists.openstreetmap.org/listinfo/talk
Re: [OSM-talk] Flash and open source
On Sat, 15 May 2010, Frederik Ramm wrote: Hi, M∡rtin Koppenhoefer wrote: that's why we call it sour stuff in German (Sauerstoff) ;-) I'm also very concerned about the amount of dihydrogenmonoxide contained in almost any drink you can get nowadays. It is virtually impossible to escape the stuff, and people are reported to have died from it already[0]. Bye Frederik [0] http://www.msnbc.msn.com/id/16614865/ http://www.dhmo.org/msdsdhmo.html ___ talk mailing list talk@openstreetmap.org http://lists.openstreetmap.org/listinfo/talk
Re: [OSM-talk] Flash and open source
On Sat, May 15, 2010 at 12:17, Frederik Ramm frede...@remote.org wrote: I'm also very concerned about the amount of dihydrogenmonoxide contained in almost any drink you can get nowadays. It is virtually impossible to escape the stuff, and people are reported to have died from it already[0]. Dihydrogenmonoxide is even more harmful than Ecstasy. 1. http://www.urban75.com/Drugs/drugxtc1.html /troll ___ talk mailing list talk@openstreetmap.org http://lists.openstreetmap.org/listinfo/talk
Re: [OSM-talk] Flash and open source
On 14 May 2010 22:38, Richard Fairhurst rich...@systemed.net wrote: I would encourage people to sign the petition at http://openplayer.net/ encouraging Adobe to make the Flash Player open source. Increasing the pressure on adobe ? Adobe has open sourced flex . There is a video player from flash which is opensource . Overall some of them might not be purely free software but adobe definitely is being careful ;) Other than AJAX is there an opensource alternative in widespread usage ? Re:flash video I think its going to die as most popular browsers like FF ,IE,chrome and Safari are supporting HTML5 (M$ and Apple to support their own codecs/formats ) There are huge set of multimedia graphic designers living on Adobe and its products . If they are educated and are made to sign this petition maybe adobe will listen . Regards, Pavithran -- pavithran sakamuri http://look-pavi.blogspot.com ___ talk mailing list talk@openstreetmap.org http://lists.openstreetmap.org/listinfo/talk
Re: [OSM-talk] Flash and open source
Here is a message from the gnash team that I think is appropriate to forward to this thread. thanks, mike -- Forwarded message -- From: John Gilmore g...@toad.com Date: Sun, May 16, 2010 at 2:52 AM Subject: [Gnash-dev] Gnash appears on Adobe's web site! To: gnash-...@gnu.org Adobe has a facetious campaign about how open they are, now that Apple has used its own iron fist to lock out Adobe products from the iPhone/iPad universe. Anybody who really knows anything about Adobe history knows it's a crock of shit -- Adobe only opens when the world forces them to -- but it's there to fool the rubes. Anyway, as part of this campaign, they have publicly admitted that Gnash exists, here: http://www.adobe.com/choice/flash.html They think the existence of Gnash helps to claim that Flash is open, despite all the years of never publishing specs, and using EULA anti-reverse-engineering threats. Then after the open community reverse engineered it, came the years of Adobe publishing bogus specs that didn't actually work, and which came with a EULA of their own that said you could use the specs for any purpose except to build a competing implementation (which they now claim Anyone can use without requiring permission from Adobe!). Not to mention all the patent and codec wars. Anyway, they end by namechecking haXe; open source runtimes such as Gnash; and open source video servers such as Red5. It's really funny that when the big bully Apple comes after them, they go running to the free software community for protection. Maybe Dmitry Sklyarov can help 'em. I hear his company has some lawyers who know how to win cases against big bully companies. John ___ Gnash-dev mailing list gnash-...@gnu.org http://lists.gnu.org/mailman/listinfo/gnash-dev ___ talk mailing list talk@openstreetmap.org http://lists.openstreetmap.org/listinfo/talk
[OSM-talk] Flash and open source
Occasionally the subject of Flash and free software comes up here in relation to Potlatch. I would encourage people to sign the petition at http://openplayer.net/ encouraging Adobe to make the Flash Player open source. cheers Richard ___ talk mailing list talk@openstreetmap.org http://lists.openstreetmap.org/listinfo/talk
Re: [OSM-talk] Flash and open source
+1 On 14 May 2010 18:10, Richard Fairhurst rich...@systemed.net wrote: Occasionally the subject of Flash and free software comes up here in relation to Potlatch. I would encourage people to sign the petition at http://openplayer.net/ encouraging Adobe to make the Flash Player open source. cheers Richard ___ talk mailing list talk@openstreetmap.org http://lists.openstreetmap.org/listinfo/talk ___ talk mailing list talk@openstreetmap.org http://lists.openstreetmap.org/listinfo/talk
Re: [OSM-talk] Flash and open source
Yes but a problem with Flash is it is a major security hole. It's probably the major source of Malware in Windows at the moment so we should probably promote other alternative methods. Cheerio John On 14 May 2010 13:08, Richard Fairhurst rich...@systemed.net wrote: Occasionally the subject of Flash and free software comes up here in relation to Potlatch. I would encourage people to sign the petition at http://openplayer.net/ encouraging Adobe to make the Flash Player open source. cheers Richard ___ talk mailing list talk@openstreetmap.org http://lists.openstreetmap.org/listinfo/talk ___ talk mailing list talk@openstreetmap.org http://lists.openstreetmap.org/listinfo/talk
Re: [OSM-talk] Flash and open source
On Fri, May 14, 2010 at 17:08, Richard Fairhurst rich...@systemed.net wrote: Occasionally the subject of Flash and free software comes up here in relation to Potlatch. I would encourage people to sign the petition at http://openplayer.net/ encouraging Adobe to make the Flash Player open source. Making their player open source would be nice. But what's mainly stopping players like Gnash is that their protocols are closed, and that anyone working on opening them up is subject to Adobe's legal team [1]. Adobe is obviously aware of these issues, but chooses to keep their platform closed. An online petition is unlikely to change their mind. 1. http://www.chillingeffects.org/anticircumvention/notice.cgi?NoticeID=25159 ___ talk mailing list talk@openstreetmap.org http://lists.openstreetmap.org/listinfo/talk
Re: [OSM-talk] Flash and open source
On Fri, May 14, 2010 at 9:51 PM, Ævar Arnfjörð Bjarmason ava...@gmail.comwrote: On Fri, May 14, 2010 at 17:08, Richard Fairhurst rich...@systemed.net wrote: Occasionally the subject of Flash and free software comes up here in relation to Potlatch. I would encourage people to sign the petition at http://openplayer.net/ encouraging Adobe to make the Flash Player open source. Making their player open source would be nice. But what's mainly stopping players like Gnash is that their protocols are closed, and that anyone working on opening them up is subject to Adobe's legal team [1]. Adobe is obviously aware of these issues, but chooses to keep their platform closed. An online petition is unlikely to change their mind. 1. http://www.chillingeffects.org/anticircumvention/notice.cgi?NoticeID=25159 I agree totally, we dont need the dirty source code, just some specs or even the permission to reverse engineer. mike ___ talk mailing list talk@openstreetmap.org http://lists.openstreetmap.org/listinfo/talk
Re: [OSM-talk] Flash and open source
john whelan wrote: Yes but a problem with Flash is it is a major security hole. My considered opinion on that theory is bollocks. It's a frickin' browser plugin, if the browser is letting it access your l337 credit card details then the browser probably ought to address its plugin architecture. Badly written Flash may crash my browser but it has not yet sent my credit card details to Tajikistan. And even Potlatch doesn't crash it, so it must have to be _really_ badly written to cause a problem. ;) It's probably the major source of Malware in Windows Yeah. The major source of drowning in the Atlantic Ocean is water. BAN water!!11!11o...@wtflolccbysa Aevar Arnfjorth Bjarmason wrote: Making their player open source would be nice. But what's mainly stopping players like Gnash is that their protocols are closed The SWF and RTMP formats are published. The codecs aren't, but that's the whole Ogg Theora/H264 argument for HTML5 and Firefox so not at all exclusive to Flash. And unless your translation code is cleverer than I thought, they're irrelevant to Potlatch (which is kinda the reason I posted here). The main thing stopping Gnash from supporting AVM2 (and strk can correct me if I'm wrong) is that it's a whole big lot of work and there's largely only one developer working on it - even though he's basically a genius and Potlatch 1 would never have happened without his work on Ming. If you threw 100 programmers at Gnash for three months then you'd have an open source (non-audio/video) AVM2 player. strk shouldn't have to spend his time rewriting code that Adobe has already written. Sun made Java open-source. Flash is a direct parallel. I would encourage people not to get hung up on codecs (because Flash has already lost the video battle, all video will be HTML5 in two years) and encourage Adobe to Do The Right Thing, for the benefit of apps like Potlatch and a million others. cheers Richard ___ talk mailing list talk@openstreetmap.org http://lists.openstreetmap.org/listinfo/talk
Re: [OSM-talk] Flash and open source
www.zdnet.com/blog/bott/how-secure-is-flash-heres-what-adobe-wont-tell-you/2152 There are other web sites such as Symantec's site. Symantec's advice corporate advice: In order to reduce the threat of successful exploitation of Web browsers, administrators should maintain a restrictive policy regarding which applications are allowed within the organization. […] Browser security features and add-ons should be employed wherever possible to *disable JavaScript™, Adobe Flash Player, and other content that may present a risk to the user* when visiting untrusted sites Simply going to a web site these days is the most common way to get infected, once infected then you lose your credit card details, and Flash is a very weak link no matter which web browser it is run from. Cheerio John On 14 May 2010 18:51, Richard Fairhurst rich...@systemed.net wrote: john whelan wrote: Yes but a problem with Flash is it is a major security hole. My considered opinion on that theory is bollocks. It's a frickin' browser plugin, if the browser is letting it access your l337 credit card details then the browser probably ought to address its plugin architecture. Badly written Flash may crash my browser but it has not yet sent my credit card details to Tajikistan. And even Potlatch doesn't crash it, so it must have to be _really_ badly written to cause a problem. ;) It's probably the major source of Malware in Windows Yeah. The major source of drowning in the Atlantic Ocean is water. BAN water!!11!11o...@wtflolccbysa Aevar Arnfjorth Bjarmason wrote: Making their player open source would be nice. But what's mainly stopping players like Gnash is that their protocols are closed The SWF and RTMP formats are published. The codecs aren't, but that's the whole Ogg Theora/H264 argument for HTML5 and Firefox so not at all exclusive to Flash. And unless your translation code is cleverer than I thought, they're irrelevant to Potlatch (which is kinda the reason I posted here). The main thing stopping Gnash from supporting AVM2 (and strk can correct me if I'm wrong) is that it's a whole big lot of work and there's largely only one developer working on it - even though he's basically a genius and Potlatch 1 would never have happened without his work on Ming. If you threw 100 programmers at Gnash for three months then you'd have an open source (non-audio/video) AVM2 player. strk shouldn't have to spend his time rewriting code that Adobe has already written. Sun made Java open-source. Flash is a direct parallel. I would encourage people not to get hung up on codecs (because Flash has already lost the video battle, all video will be HTML5 in two years) and encourage Adobe to Do The Right Thing, for the benefit of apps like Potlatch and a million others. cheers Richard ___ talk mailing list talk@openstreetmap.org http://lists.openstreetmap.org/listinfo/talk ___ talk mailing list talk@openstreetmap.org http://lists.openstreetmap.org/listinfo/talk
Re: [OSM-talk] Flash and open source
On Fri, May 14, 2010 at 22:51, Richard Fairhurst rich...@systemed.net wrote: Aevar Arnfjorth Bjarmason wrote: Making their player open source would be nice. But what's mainly stopping players like Gnash is that their protocols are closed The SWF and RTMP formats are published. The codecs aren't, but that's the whole Ogg Theora/H264 argument for HTML5 and Firefox so not at all exclusive to Flash. And unless your translation code is cleverer than I thought, they're irrelevant to Potlatch (which is kinda the reason I posted here). At least in 2009 the state of those specs was that they were unusable for the Gnash project, see e.g.: http://www.youtube.com/watch?v=t3s-mG5yUjY#t=31m30s they released the specs, but the licensing agreement forbids you from using the specification to write your own implementation. Maybe that's changed since then. The main thing stopping Gnash from supporting AVM2 (and strk can correct me if I'm wrong) is that it's a whole big lot of work and there's largely only one developer working on it - even though he's basically a genius and Potlatch 1 would never have happened without his work on Ming. If you threw 100 programmers at Gnash for three months then you'd have an open source (non-audio/video) AVM2 player. I think you need to read The Mythical Man-Month :) strk shouldn't have to spend his time rewriting code that Adobe has already written. Sun made Java open-source. Flash is a direct parallel. I would encourage people not to get hung up on codecs (because Flash has already lost the video battle, all video will be HTML5 in two years) and encourage Adobe to Do The Right Thing, for the benefit of apps like Potlatch and a million others. Adobe has explicitly said in the past that they can't open source it because they've used a lot of parts in in that they've licensed from somewhere else. Anyway. Good luck with the petition. Personally I think it's about as likely to succeed as an equivalent petition asking Microsoft to open source Windows. I'd love to be proven wrong, though. ___ talk mailing list talk@openstreetmap.org http://lists.openstreetmap.org/listinfo/talk
Re: [OSM-talk] Flash and open source
On 15 May 2010 08:51, Richard Fairhurst rich...@systemed.net wrote: It's a frickin' browser plugin, if the browser is letting it access your l337 credit card details then the browser probably ought to address its plugin architecture. Badly written Flash may crash my browser but it has not yet sent my credit card details to Tajikistan. And even Potlatch doesn't crash it, so it must have to be _really_ badly written to cause a problem. ;) Browser plugin security is a joke and has been for a very long time, and as far as I'm aware nothing has been reported publicly that anything is being done to fix the situation. ___ talk mailing list talk@openstreetmap.org http://lists.openstreetmap.org/listinfo/talk
Re: [OSM-talk] Flash and open source
On Sat, 15 May 2010, Richard Fairhurst wrote: It's probably the major source of Malware in Windows Yeah. The major source of drowning in the Atlantic Ocean is water. BAN water!!11!11o...@wtflolccbysa don't forget oxygen is not only poisonous in some forms but promotes explosions so ban it too ___ talk mailing list talk@openstreetmap.org http://lists.openstreetmap.org/listinfo/talk