Various safety measures, OS comparisons, multi-boot, Flash b
Re: Flash Player sandboxing is coming to Firefox
(I'm only guessing) on the link you posted above because it is broken .
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.19) Gecko/20110420 SeaMonkey/2.0.14 Pinball NoScript FlashGot AdblockPlus
Mozilla/5.0 (Windows NT 5.1; rv:14.0) Gecko/20120517 Firefox/14.0a2 SeaMonkey/2.11a2
-
- Junior Member
- Posts: 43
- Joined: Wed Oct 19, 2011 9:42 pm
Re: Flash Player sandboxing is coming to Firefox
Weird. That's the second time that's happening.
Either way.... that explanation pretty much covers my view.
Either way.... that explanation pretty much covers my view.
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/536.11 (KHTML, like Gecko) Chrome/20.0.1132.8 Safari/536.11
- GµårÐïåñ
- Lieutenant Colonel
- Posts: 3365
- Joined: Fri Mar 20, 2009 5:19 am
- Location: PST - USA
- Contact:
Re: Flash Player sandboxing is coming to Firefox
Couldn't have said it better myself, although Tom probably couldHungry Man wrote:What I've found is that everyone is an idiot sometimes, just some more often than others. But I agree that it's still useful as a tool in the right hands.
~.:[ Lï£ê ï§ å Lêmðñ åñÐ Ì Wåñ† M¥ Mðñê¥ ßå¢k ]:.~
________________ .: [ Major Mike's ] :. ________________
________________ .: [ Major Mike's ] :. ________________
Mozilla/5.0 (Windows NT 6.1; rv:12.0) Gecko/20100101 Firefox/12.0
- GµårÐïåñ
- Lieutenant Colonel
- Posts: 3365
- Joined: Fri Mar 20, 2009 5:19 am
- Location: PST - USA
- Contact:
Re: Flash Player sandboxing is coming to Firefox
Yes it does, you are right and HM just committed an oversight, not a stance on his credibility.Tom T. wrote:XP has DEP.
Agreed, pretty useless in general in IMHO.Hungry Man wrote:...it's probably worth noting that DEP is pretty useless without ASLR.
~.:[ Lï£ê ï§ å Lêmðñ åñÐ Ì Wåñ† M¥ Mðñê¥ ßå¢k ]:.~
________________ .: [ Major Mike's ] :. ________________
________________ .: [ Major Mike's ] :. ________________
Mozilla/5.0 (Windows NT 6.1; rv:12.0) Gecko/20100101 Firefox/12.0
- GµårÐïåñ
- Lieutenant Colonel
- Posts: 3365
- Joined: Fri Mar 20, 2009 5:19 am
- Location: PST - USA
- Contact:
Re: Flash Player sandboxing is coming to Firefox
Not to get technical but also the technology is only as effective as the layer in which it is invoked. By layer I mean OSI. If you have an appliance that filters based on Layer 3/4 technology, it makes the decision based on the flag/header, not the content/data, so you can still fool it. You need to get to Layer 6 and up effectively to do any REAL data analysis and that's exposed to weaknesses of its own that are sometimes introduced by the OS, sometimes by the software itself, and countless other issues (ie. memory allocation attacks including DMA or DDA, etc). Just thought I throw that in there.
~.:[ Lï£ê ï§ å Lêmðñ åñÐ Ì Wåñ† M¥ Mðñê¥ ßå¢k ]:.~
________________ .: [ Major Mike's ] :. ________________
________________ .: [ Major Mike's ] :. ________________
Mozilla/5.0 (Windows NT 6.1; rv:12.0) Gecko/20100101 Firefox/12.0
Re: Flash Player sandboxing is coming to Firefox
(broken link)
If you would like to buy me a Win 7 machine, I'll be happy to use it and report the results.
Not all of us can afford to buy a new computer or new OS every couple of years.
I understand your point about adding additional layers of defense, bypassable or otherwise. The flip side of that is that larger footprint = larger attack surface.
It's been estimated that on average, there is one flaw in every 1000 lines of code.
Some will be meaningless. Some will create bugs in functionality. Some will be exploitable.
Whichever, larger footprint always brings with it more room for coding flaws. And as my friend Nick P. (who specializes in ultra-high-assurance systems for Gov and corps that need them) has pointed out, here and at Bruce Schneier's blog, it's not just in the libraries themselves, but every communication between processes, libraries, etc. is another possible point of weakness. So the potential vulns climb geometrically.
Bottom line: It's good that MS is trying to increase the cost of attack. It's bad that their systems keep getting more bloated. (7 was an exception, the first MS OS in history to have lower resource requirements than its predecessor, and that goes back to the MS-DOS days.)
Empirically, *in fact*, *in the real world*, the number of severe vulns in XP has indeed declined. I'm not going to go back through all of the security bulletins for the last five years or so, but you're certainly free to do so. I'm also not telling those with Win 7 to go back to XP -- sorry if you got that impression. However, Vista users clearly have been either upgrading or downgrading. A different source of stats from the previous Wikipedia link:
Source: http://www.w3schools.com/browsers/browsers_os.asp
Really, we don't disagree on much, except that XP is presently not the Swiss cheese that it was when introduced, nor the Swiss cheese that you seem to be saying it is.
What's noteworthy is that fewer patches are being issued for "all" of the supported client core OSs, and far more for optional components: MS Office, .NET, Win Media Player, etc. Which tells me that the bad guys are finding it cheaper to attack those than to attack the core OS.
And yes, of course I was totally kidding about you hacking me!
There is a known phpBB issue with long links being truncated. The cure is to wrap them in URL tags or code tags.Hungry Man wrote:Weird. That's the second time that's happening.
If you would like to buy me a Win 7 machine, I'll be happy to use it and report the results.
Not all of us can afford to buy a new computer or new OS every couple of years.
I understand your point about adding additional layers of defense, bypassable or otherwise. The flip side of that is that larger footprint = larger attack surface.
It's been estimated that on average, there is one flaw in every 1000 lines of code.
Some will be meaningless. Some will create bugs in functionality. Some will be exploitable.
Whichever, larger footprint always brings with it more room for coding flaws. And as my friend Nick P. (who specializes in ultra-high-assurance systems for Gov and corps that need them) has pointed out, here and at Bruce Schneier's blog, it's not just in the libraries themselves, but every communication between processes, libraries, etc. is another possible point of weakness. So the potential vulns climb geometrically.
Bottom line: It's good that MS is trying to increase the cost of attack. It's bad that their systems keep getting more bloated. (7 was an exception, the first MS OS in history to have lower resource requirements than its predecessor, and that goes back to the MS-DOS days.)
Empirically, *in fact*, *in the real world*, the number of severe vulns in XP has indeed declined. I'm not going to go back through all of the security bulletins for the last five years or so, but you're certainly free to do so. I'm also not telling those with Win 7 to go back to XP -- sorry if you got that impression. However, Vista users clearly have been either upgrading or downgrading. A different source of stats from the previous Wikipedia link:
Code: Select all
2012 Win7 Vista Win2003 WinXP Linux Mac Mobile
April 51.3% 4.2% 0.6% 27.3% 4.9% 9.3% 1.5%
Really, we don't disagree on much, except that XP is presently not the Swiss cheese that it was when introduced, nor the Swiss cheese that you seem to be saying it is.
What's noteworthy is that fewer patches are being issued for "all" of the supported client core OSs, and far more for optional components: MS Office, .NET, Win Media Player, etc. Which tells me that the bad guys are finding it cheaper to attack those than to attack the core OS.
And yes, of course I was totally kidding about you hacking me!
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.28) Gecko/20120306 Firefox/12.0
-
- Junior Member
- Posts: 43
- Joined: Wed Oct 19, 2011 9:42 pm
Re: Flash Player sandboxing is coming to Firefox
I suppose so.Really, we don't disagree on much, except that XP is presently not the Swiss cheese that it was when introduced, nor the Swiss cheese that you seem to be saying it is.
I'm not suggesting you buy a new computer or move to Linux. Just saying that it makes sense that Adobe isn't creating the sandbox for XP as it could not be as effective.
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/536.11 (KHTML, like Gecko) Chrome/20.0.1132.11 Safari/536.11
- GµårÐïåñ
- Lieutenant Colonel
- Posts: 3365
- Joined: Fri Mar 20, 2009 5:19 am
- Location: PST - USA
- Contact:
Re: Flash Player sandboxing is coming to Firefox
Tom, if software is EVER your issue, just ask me. I have access to legit copies of just about ANYTHING made out there. 90% of time I know the developers and have access to the software because I help them with it, the other 10% is professional courtesy. On top of that I have access to 100% of bootleg hacks and tweaks of any software too, for those more adventurous. You want something, just ask me.
Now as far as having a machine that can run what you want or asking, then that's a bit more tricky but not by much. I "recycle" hardware that are plenty good that people ditch for a newer unit that are often 10x better than the ones I use for myself, I just spruce them up (memory, drive, this and that) and pass them on to others. So this means that even the hardware I can help you out with, mostly desktop units, but even occasional laptops too.
I thought you knew that but just in case you didn't, here you have it in writing. The worst case scenario, you ask, and I don't have it on me at the time, but eventually you will get it. Now straight up front, I don't do Apple hardware, I fix them for people, upgrade them, so on, but I don't "recycle" or broker them, just not my thing. Software on the other hand, I can help with, although more difficult given the community I hang with despises Apple stuff, but that don't mean they can't get it.
Now as far as having a machine that can run what you want or asking, then that's a bit more tricky but not by much. I "recycle" hardware that are plenty good that people ditch for a newer unit that are often 10x better than the ones I use for myself, I just spruce them up (memory, drive, this and that) and pass them on to others. So this means that even the hardware I can help you out with, mostly desktop units, but even occasional laptops too.
I thought you knew that but just in case you didn't, here you have it in writing. The worst case scenario, you ask, and I don't have it on me at the time, but eventually you will get it. Now straight up front, I don't do Apple hardware, I fix them for people, upgrade them, so on, but I don't "recycle" or broker them, just not my thing. Software on the other hand, I can help with, although more difficult given the community I hang with despises Apple stuff, but that don't mean they can't get it.
~.:[ Lï£ê ï§ å Lêmðñ åñÐ Ì Wåñ† M¥ Mðñê¥ ßå¢k ]:.~
________________ .: [ Major Mike's ] :. ________________
________________ .: [ Major Mike's ] :. ________________
Mozilla/5.0 (Windows NT 6.1; rv:12.0) Gecko/20100101 Firefox/12.0
Re: Flash Player sandboxing is coming to Firefox
GµårÐïåñ, that's an extremely generous offer. I was mostly kidding about HungryMan buying me a Win 7 machine; the point was that many users, not just myself, have neither the finances nor the desire to buy new machines and/or new OSs frequently. Plus, you're aware of how much time and effort I've put into tweaking this one.
If someday you do have an unneeded laptop with a *validly licensed copy* of Win 7, then of course it would be of interest to play with it, see the differences, etc. And it would help in doing support for those very few cases where an issue is OS version-specific, which is almost never. Some issues are Linux-only or Mac-only (which is why I call you on those), but if it's a NS or Fx issue on Windows, chances are it affects all Win client systems.
("laptop" because I don't have a monitor or a modern mouse; also, not a lot of extra space. Plus most of my work and play is done on the scenic balcony or the living room couch. )
But it would still be nice to tell a user that I've confirmed the fix, not only on XP, but on Win 7 also. And academic curiosity.
I don't have the time or motivation to start learning Mac from scratch, so no worries there.
I think we've covered this topic pretty thoroughly. Interesting discussion.
Cheers all,
If someday you do have an unneeded laptop with a *validly licensed copy* of Win 7, then of course it would be of interest to play with it, see the differences, etc. And it would help in doing support for those very few cases where an issue is OS version-specific, which is almost never. Some issues are Linux-only or Mac-only (which is why I call you on those), but if it's a NS or Fx issue on Windows, chances are it affects all Win client systems.
("laptop" because I don't have a monitor or a modern mouse; also, not a lot of extra space. Plus most of my work and play is done on the scenic balcony or the living room couch. )
But it would still be nice to tell a user that I've confirmed the fix, not only on XP, but on Win 7 also. And academic curiosity.
I don't have the time or motivation to start learning Mac from scratch, so no worries there.
I think we've covered this topic pretty thoroughly. Interesting discussion.
Cheers all,
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.28) Gecko/20120306 Firefox/12.0
-
- Junior Member
- Posts: 43
- Joined: Wed Oct 19, 2011 9:42 pm
Re: Flash Player sandboxing is coming to Firefox
I agree.I think we've covered this topic pretty thoroughly. Interesting discussion.
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/536.11 (KHTML, like Gecko) Chrome/20.0.1132.11 Safari/536.11
- GµårÐïåñ
- Lieutenant Colonel
- Posts: 3365
- Joined: Fri Mar 20, 2009 5:19 am
- Location: PST - USA
- Contact:
Re: Flash Player sandboxing is coming to Firefox
No problem, noted. Keep in mind, you don't need to have a separate machine for each OS/platform to support it. Say not including your current desktop, if you want to keep all separate, you can easily take say a laptop and put Windows 7 on it, install any version of Linux you want on another partition, and then create a VMWare or VirtualBox or VirtualPC copy of Mac on the windows or linux partition and you got the tool to support all of them. All in one shot. Beauty of virtualization my friend and dual/multi boot. Not to mention the TONS of OS you can install on a bunch of cheap 8 GB thumb drives to have fully functional copy of ANY OS with a label on each thumb drive that says what's inside. I mean the whole investment $40 tops per thumb drive.
~.:[ Lï£ê ï§ å Lêmðñ åñÐ Ì Wåñ† M¥ Mðñê¥ ßå¢k ]:.~
________________ .: [ Major Mike's ] :. ________________
________________ .: [ Major Mike's ] :. ________________
Mozilla/5.0 (Windows NT 6.1; rv:12.0) Gecko/20100101 Firefox/12.0
Re: Flash Player sandboxing is coming to Firefox
I don't own a desktop computer. (See above re: "living room couch and scenic balcony".)GµårÐïåñ wrote:No problem, noted. Keep in mind, you don't need to have a separate machine for each OS/platform to support it. Say not including your current desktop,
On 1.5 GB RAM and 1.6 GHz CPU? ... this machine is from 2005. :uber-poor lol:if you want to keep all separate, you can easily take say a laptop and put Windows 7 on it, install any version of Linux you want on another partition, and then create a VMWare or VirtualBox or VirtualPC copy of Mac on the windows or linux partition and you got the tool to support all of them. All in one shot. Beauty of virtualization my friend and dual/multi boot.
This MOBO will simply *not* boot from a thumb drive. I've spent hours trying (remember you gave me some tools and tips?) and talking to OEM tech support, who confirmed that it will not; in fact, none of their laptops except for the top of the line, most expensive one will. The MOBO and CPU have to support that, and this one just doesn't, trust me.Not to mention the TONS of OS you can install on a bunch of cheap 8 GB thumb drives to have fully functional copy of ANY OS with a label on each thumb drive that says what's inside. I mean the whole investment $40 tops per thumb drive.
IIUC, most desktops will, but laptops are highly variable. Check around for yourself. I wish it would, because that would be faster than booting from the emergency CD, but it won't. Thanks for the offers.
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.28) Gecko/20120306 Firefox/12.0
Re: Flash Player sandboxing is coming to Firefox
@Tom T: Sounds like you need to take up the original offer of a new recycled laptop
You can use your pocket-sized XP for general browsing, and try out other operating systems on the new one.
I can recommend Puppy Linux as a rescue system; fits on even a tiny usb, but quite feature-packed.
Could you still try out other boots via cd on your existing one?
You can use your pocket-sized XP for general browsing, and try out other operating systems on the new one.
I can recommend Puppy Linux as a rescue system; fits on even a tiny usb, but quite feature-packed.
Could you still try out other boots via cd on your existing one?
======
Thrawn
------------
Religion is not the opium of the masses. Daily life is the opium of the masses.
True religion, which dares to acknowledge death and challenge the way we live, is an attempt to wake up.
Thrawn
------------
Religion is not the opium of the masses. Daily life is the opium of the masses.
True religion, which dares to acknowledge death and challenge the way we live, is an attempt to wake up.
Mozilla/5.0 (Linux; U; Android 2.2.1; en-gb; GT-S5570 Build/FROYO) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1
Re: Flash Player sandboxing is coming to Firefox
I thought I did...Thrawn wrote:@Tom T: Sounds like you need to take up the original offer of a new recycled laptop
I have plenty of HD room for another OS, but IIUC, running a complete VM (as Guard recommended) takes up a lot of resources. IDK what the exact requirements are for "good" performance on one.You can use your pocket-sized XP for general browsing, and try out other operating systems on the new one.
Repeat: USB flash drive will not boot this computer.I can recommend Puppy Linux as a rescue system; fits on even a tiny usb, but quite feature-packed.
I have a DOS boot CD, but the CD made from the FDI-backup program (no free plugs for the brand ) works just fine.
As it happens, this does in fact boot a mini-Linux OS, a bit under 50 MB, all loaded in memory, from which the Restore functions can be accessed.
(Restore individual files, or restore any previous backup image, "painting" the drive to the exact state as when the snapshot was taken).
If it's a self-contained system, of course. The issue was that the mobo refuses to recognize a *flash drive* as a bootable device, no matter how formatted, etc.Could you still try out other boots via cd on your existing one?
Other USB devices are fine -- external HD, or even a USB external CD/DVD reader or read/write will boot it.
The real issue is that whereas GµårÐïåñ and you make your living in this area, I don't. Avid avocation, but would rather spend whatever hours can be spared to helping out here, rather than spend them learning entirely new OS like Mac and *nix. I wouldn't expect much trouble transitioning to Win 7.
So that was the most appealing offer.
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.28) Gecko/20120306 Firefox/12.0
- GµårÐïåñ
- Lieutenant Colonel
- Posts: 3365
- Joined: Fri Mar 20, 2009 5:19 am
- Location: PST - USA
- Contact:
Re: Flash Player sandboxing is coming to Firefox
It would be rough to run virtual machines on those specs, but they are not THAT bad, if you were doing dual partition and running Linux outright, you'd be fine. One minute you are in XP, the other you are in Linux depending on how you boot up, you can ignore the VM portion for now, although it can still be done, it would just be a bit draggy and slow.
~.:[ Lï£ê ï§ å Lêmðñ åñÐ Ì Wåñ† M¥ Mðñê¥ ßå¢k ]:.~
________________ .: [ Major Mike's ] :. ________________
________________ .: [ Major Mike's ] :. ________________
Mozilla/5.0 (Windows NT 6.1) AppleWebKit/536.5 (KHTML, like Gecko) Chrome/19.0.1084.46 Safari/536.5 Comodo_Dragon/19.0.3.0