Author Topic: Flash finally fixed  (Read 1062 times)

0 Members and 1 Guest are viewing this topic.

Offline Dan Graves

  • All Time Legend
  • *******
  • Posts: 6558
  • Good Vibes 168
  • Is on the Outside, looking in
Flash finally fixed
« on: July 26, 2012, 06:51:49 pm »
Adobe flash has been updated today, i suggest y'all get to updating yours, they finally fixed most bugs that have been terrorizing users all over, especially the media-related bugs seem to have been ironed out.
"You need a little bit of insanity to do great things"
--Henry Rollins

Offline irishalkies

  • Stadium Superstar
  • ******
  • Posts: 2053
  • Good Vibes 36
Re: Flash finally fixed
« Reply #1 on: July 28, 2012, 12:52:20 am »
About bloody time..... The things been a nightmare for the best part of a month....


Offline old-and-in-the-way

  • Concert Hall Hasbeen
  • ****
  • Posts: 312
  • Good Vibes 5
  • That's what I heard him say
Re: Flash finally fixed
« Reply #2 on: August 06, 2012, 09:45:21 pm »
Adobe flash has been updated today, i suggest y'all get to updating yours, they finally fixed most bugs that have been terrorizing users all over, especially the media-related bugs seem to have been ironed out.

Damn.  I was hoping you meant Adobe had announced Flash's EOL and issued an uninstaller for the world  :-(

Offline Dan Graves

  • All Time Legend
  • *******
  • Posts: 6558
  • Good Vibes 168
  • Is on the Outside, looking in
Re: Flash finally fixed
« Reply #3 on: August 13, 2012, 12:46:04 am »
Damn.  I was hoping you meant Adobe had announced Flash's EOL and issued an uninstaller for the world  :-(

Oy vey...
Without flash, i'd have to actually work hard to find security holes in websites.
Then where would i get all that extra cash from ?
(if you answer anything that even remotely resembles Java i'll have to feed you X10's 'till you burst, so think carefully about your answer)
"You need a little bit of insanity to do great things"
--Henry Rollins

Offline old-and-in-the-way

  • Concert Hall Hasbeen
  • ****
  • Posts: 312
  • Good Vibes 5
  • That's what I heard him say
Re: Flash finally fixed
« Reply #4 on: August 22, 2012, 11:02:11 pm »
Oy vey...
Without flash, i'd have to actually work hard to find security holes in websites.
Then where would i get all that extra cash from ?
(if you answer anything that even remotely resembles Java i'll have to feed you X10's 'till you burst, so think carefully about your answer)

Not java.  Javascript.  The only people who can write secure javascript have more important things to do than make websites.

Perl / Python / Ruby / PHP.  Web developers look at these languages, decide that they are a bit like English, only with more white space and harsher rules about punctuation, and write code that allows you to perform cross site request forgeries by not distinguishing between GET and POST requests for potentially harmful actions.  Then they add a database to the mix, and the closest they get to a prepared statement is when they write:

Code: [Select]
my $sth = $cbh->prepare("select * from $user_supplied_table where $user_supplied_column = '$user_supplied_string'");
$sth->execute;

Misconfigured servers.  Someone wants to have their big business serve pages from multiple sources from what appears to be a single host, so they whack apache with mod_proxy in there.  The trouble is, they do that on all of the servers, so you can proxy hop.  Often they'll want to proxy HTTPS sessions, so the CONNECT verb will be active too, which means you can even proxy SMTP and turn their webserver into an email spam proxy network (this is particularly trivial when there is a corporate www cache that is the same as the inbound proxy, so an attacker can trivially mae outbound connections by directing exactly the right proxy request to some misconfigured server inside the target network).

If you rely on flash being present you will grow fat, lazy and unimaginative in no time at all.  :-P

 

Get The Forum As A Mobile App