https://bugs.adobe.com/jira/browse/FP-2112 "The security concern is that it easy for attackers to spoof native UIs (e.g. fake the Windows 'screen locked' or UAC prompts and steal user's info)and attempt to collect passwords. We would of course like to turn keyboard support on, and we continue to investigate how we could do so while protecting end users.
AIR is a different security model. You are downloading an application, and there is a different understanding/expectation from in-browser. Emmy Group Product Manager, Adobe Flash Player" https://bugs.adobe.com/jira/browse/FP-409 On Mon, Aug 16, 2010 at 11:34 PM, Rami Ojares <[email protected]> wrote: > On 17.8.2010 0:21, Henry Minsky wrote: >> >> Another issue is the strange restriction that all text input is disabled >> in fullscreen mode. >> What is the purpose of that? >> It makes the fullscreen mode useless in the context of an application. >> > > I would bet that is a security precaution, to prevent spoofing the > computer's desktop or something. > > > If someone is foolish enough that he can't tell the difference of his > functional desktop and some mockup version of a desktop > and starts writing his bank account passwords to some input boxes on his > desktop then I think he deserves to be robbed. > Surely flash can not emulate the desktop experience. Can it even do screen > capture? > > And from what I understand now flash can even read the filesystem. > So some people at Adobe are either highly paranoid or there is something > fishy going on in here. > > - rami >
