Linked by Jordan Spencer Cunningham on Mon 27th Jul 2009 20:53 UTC
Bugs & Viruses Adobe Flash. It's everywhere. Not all of us want it, but many are forced into submission simply because it's weaseled its way into a myriad of applied and common uses. This just makes all the worse the news that a vulnerability in Adobe Flash, Reader, and Acrobat applications is allowing malcontents to exploit computers with these products installed.
Thread beginning with comment 375503
To view parent comment, click here.
To read all comments associated with this story, please click here.
Gullible Jones
Member since:
2006-05-23

Unfortunately there are usually ways around such policies; for instance the holes in Windows 7 UAC, or the recent local privilege escalation vulnerability in Linux. LUA/SRP/MAC/whatever makes it more difficult for an attack to gain admin privileges but not impossible.

Also, if you're using a limited user account but not MAC and your personal data is stored under that account, the data is vulnerable.

Edit: and as far as Flash goes I hope that Silverlight kills it dead, the heck with it being MS technology. If it's better, let it win for once.

Edited 2009-07-27 22:51 UTC

Reply Parent Score: 1

darknexus Member since:
2008-07-15

and as far as Flash goes I hope that Silverlight kills it dead, the heck with it being MS technology. If it's better, let it win for once.


Um, that would be the worst outcome imaginable for anyone who doesn't use Windows. The web should use open standards, and thankfully there's been progress towards this end in recent years. Silverlight would undo all the good that has been done in this area were it to gain prominence, and would give Microsoft a second shot at locking in the web like they attempted to do with ActiveX. I don't think one needs to imagine too hard to see where things would go from there, look at Windows and IE when Microsoft had no real competition.

Reply Parent Score: 9

Gullible Jones Member since:
2006-05-23

Moonlight is available for Linux...

http://en.wikipedia.org/wiki/Moonlight_(runtime)

Although I see what you mean about the binary codecs. Also, software patents are stupid, stifle innovation, and generally deserve to die horribly.

Reply Parent Score: 1

Slambert666 Member since:
2008-10-30

Um, that would be the worst outcome imaginable for anyone who doesn't use Windows.


This is not true, Moonlight is a good implementation of silverlight, runs on linux, solaris, windows and BSD. Only problem is the codecs, but moonlight do provide for most free codecs.
Flash does not support free codecs and is the worst possible scenario.

The web should use open standards, and thankfully there's been progress towards this end in recent years.


Yes agreed, some progress has been made.

Silverlight would undo all the good that has been done in this area were it to gain prominence, and would give Microsoft a second shot at locking in the web like they attempted to do with ActiveX. I don't think one needs to imagine too hard to see where things would go from there, look at Windows and IE when Microsoft had no real competition.


Where do you get this stuff from? ActiveX was not Microsoft's attempt at "dominance" but an alternative to java applets and like applets was a flawed implementation.

Having to lie in order to come up with some stupid anti Microsoft arguments just makes you look paranoid.

Reply Parent Score: 1

pcunite Member since:
2008-08-26

Do you have further info on MAC? Thank you.

Reply Parent Score: 0

Gullible Jones Member since:
2006-05-23

MAC = Mandatory Access Control, where applications run with only the privileges they need in order to perform a task, as opposed to all the privileges of the user that runs them. (As far as I understand it anyway.) Examples include UAC on Windows Vista/7, and AppArmor, SELinux, Tomoyo, SMACK, and grsecurity on Linux. Also on Windows, I think some HIPS/firewall software can enforce MAC-like policies if the OS doesn't support it (as in Windows XP).

Reply Parent Score: 1