www.zdnet.com/blog/bott/how-secure-is-flash-heres-what-adobe-wont-tell-you/2152
There are other web sites such as Symantec's site. Symantec's advice corporate advice: "In order to reduce the threat of successful exploitation of Web browsers, administrators should maintain a restrictive policy regarding which applications are allowed within the organization. […] Browser security features and add-ons should be employed wherever possible to *disable JavaScript™, Adobe Flash Player, and other content that may present a risk to the user* when visiting untrusted sites" Simply going to a web site these days is the most common way to get infected, once infected then you lose your credit card details, and Flash is a very weak link no matter which web browser it is run from. Cheerio John On 14 May 2010 18:51, Richard Fairhurst <rich...@systemed.net> wrote: > john whelan wrote: > > Yes but a problem with Flash is it is a major security hole. > > My considered opinion on that theory is "bollocks". > > It's a frickin' browser plugin, if the browser is letting it access your > l337 credit card details then the browser probably ought to address its > plugin architecture. Badly written Flash may crash my browser but it has > not yet sent my credit card details to Tajikistan. And even Potlatch > doesn't crash it, so it must have to be _really_ badly written to cause > a problem. ;) > > > It's probably the major source of Malware in Windows > > Yeah. The major source of drowning in the Atlantic Ocean is water. BAN > water!!11!11o...@wtflolccbysa > > > Aevar Arnfjorth Bjarmason wrote: > > Making their player open source would be nice. But what's mainly > > stopping players like Gnash is that their protocols are closed > > The SWF and RTMP formats are published. The codecs aren't, but that's > the whole Ogg Theora/H264 argument for HTML5 and Firefox so not at all > exclusive to Flash. And unless your translation code is cleverer than I > thought, they're irrelevant to Potlatch (which is kinda the reason I > posted here). > > The main thing stopping Gnash from supporting AVM2 (and strk can correct > me if I'm wrong) is that it's a whole big lot of work and there's > largely only one developer working on it - even though he's basically a > genius and Potlatch 1 would never have happened without his work on > Ming. If you threw 100 programmers at Gnash for three months then you'd > have an open source (non-audio/video) AVM2 player. > > strk shouldn't have to spend his time rewriting code that Adobe has > already written. Sun made Java open-source. Flash is a direct parallel. > I would encourage people not to get hung up on codecs (because Flash has > already lost the video battle, all video will be HTML5 in two years) and > encourage Adobe to Do The Right Thing, for the benefit of apps like > Potlatch and a million others. > > cheers > Richard > > _______________________________________________ > talk mailing list > talk@openstreetmap.org > http://lists.openstreetmap.org/listinfo/talk >
_______________________________________________ talk mailing list talk@openstreetmap.org http://lists.openstreetmap.org/listinfo/talk
