Announcement

**diif** · 07-18-2015, 06:38 AM

Re: Flashplayer

You don't need to check it all. Most software checks itself nowadays on startup.
Do you check the basics on your vehicle before you drive or just hope everying is OK ?
Computers are a tool, every engineer knows to look after his tools.

**SteveNielsen** · 07-18-2015, 07:04 AM

Re: Flashplayer

I do. I even have tools to look after tools.

**stj** · 07-18-2015, 08:50 AM

Re: Flashplayer

i have now disabled the flash plugin to see how much is effected.
other than a couple of webcam sites going black, no difference.

so fuck flash!

**SteveNielsen** · 07-18-2015, 08:54 AM

Re: Flashplayer

Yeah, it's always been a PITA. I wish it would die peacefully. I'm utilizing HTML5 where it works. We'll see how long before someone fucks that up too.

**kc8adu** · 07-18-2015, 10:51 AM

Re: Flashplayer

lots more to be added.
the future?seperate 1tb ssd to store the hosts file?

Originally posted by kaboom View Post

Put another way, it's a two-way mirror.

"g.live.com" ??? A google thing? I thought M$ "h8's" google.

Oh well..
127.0.0.1 g.live.com
127.0.0.1 live.com

**kc8adu** · 07-18-2015, 10:54 AM

Re: Flashplayer

and all the tla's are now scrambling to regain their tools now that their mandated backdoors have been found.probably replaced by better hidden ones though.
i am in the "fuck flash and java" group here.

**stj** · 07-18-2015, 12:38 PM

Re: Flashplayer

i think the future lies with custom firmware in the router running a blocklist of i.p. addresses.

i dont trust microsoft not to tunnel under any firewall software people install and hit the ports directly,
and as for hosts files - i'm surprised the scumware isnt going for i.p. addresses rather than domain-names.

**momaka** · 07-19-2015, 12:32 AM

Re: Flashplayer

Originally posted by diif View Post

Only an idiot would knowingly run an outdated version of Flash.

Thanks, diif

.

I may be an idiot, but I haven't had to deal with viruses or malware in a very long time now (more than several years), despite running outdated software. They key is to use some common sense online and a fat hosts file. The rest hardly matters.

Originally posted by diif View Post

You don't need to check it all. Most software checks itself nowadays on startup.

I love software that checks for updates on startup

. Even better if it starts with Windows and checks for updates immediately (*cough* Google SW *cough*). Guaranteed to make your computer run like a turd.

Originally posted by diif View Post

Do you check the basics on your vehicle before you drive or just hope everying is OK ?

Well, I certainly don't check everything every time I use my car. I do maintenance at regular intervals and only check things if I will be driving on a long trip.

Originally posted by diif View Post

Computers are a tool, every engineer knows to look after his tools.

That's all dandy. But when you start putting more time towards maintaining the "tool" rather than using it, you should know something is not right.

Originally posted by stj

i have now disabled the flash plugin to see how much is effected.
other than a couple of webcam sites going black, no difference.

Good idea. I might try that as well.
I just setup a laptop for my uncle and still haven't installed some software. Was debating (with myself) what version of Flash to put (or not put one at all, now that Flash is getting kicked out).

Originally posted by kc8adu

i am in the "fuck flash and java" group here.

I may be joining that group soon too. I dropped Java a few years ago. Didn't impact my browsing experience, so never looked back.

**Pentium4** · 07-21-2015, 12:32 PM

Re: Flashplayer

I hate flash. What is the best alternative to use according to you guys, besides using an old version like momaka?

**mockingbird** · 07-21-2015, 12:47 PM

Re: Flashplayer

Originally posted by momaka View Post

Thanks, diif

.

I may be an idiot, but I haven't had to deal with viruses or malware in a very long time now (more than several years), despite running outdated software. They key is to use some common sense online and a fat hosts file. The rest hardly matters.

I agree with you that running out-of-date or obsolete software isn't the end of the world, but I think keeping flash up to date is very important because we're talking about zero day hacks here.

So hacking someone with an outdated version would be as simple as just creating a webpage with the payload.

**stj** · 07-21-2015, 02:16 PM

Re: Flashplayer

i just had an interesting incident.

a friends machine kept putting a message up that flash had crashed - you all know the one!
but some of the sites it was coming up on didnt have any animated stuff.
after some examining of the pages, i found the bastards were using flash just to insert persistant cookies that ignored the browser settings!!!
soo.... flashplayer is now just a crude spyware tool to some people!

**goodpsusearch** · 07-21-2015, 03:17 PM

Re: Flashplayer

Name of the site?

**kaboom** · 07-21-2015, 03:29 PM

Re: Flashplayer

Originally posted by Pentium4 View Post

I hate flash. What is the best alternative to use according to you guys, besides using an old version like momaka?

For youtube, use something to extract the links, and save the actual MP4 files.
Try keepvid, but be sure you've got a hosts file. Feel free to remap any "livid" garbage to 127.0.0.1.

Then, use the media player of your choice.

Originally posted by stj View Post

flashplayer is now just a crude spyware tool to some people!

Yes! The real reason for the version "pushes" over the last few years was so there could be more flash parasites out there with "undocumented" features.

How ironic- "Please update flash player to latest version for improved security" when that new version was the very thing rooting any so-called security!

Remember kids, don't look beyond the surface (punny), and don't connect the dots that led us to where we are today...

**stj** · 07-21-2015, 04:00 PM

Re: Flashplayer

Originally posted by goodpsusearch View Post

Name of the site?

cant remember, it was a u.k. based computer parts supplier.

**Pentium4** · 07-21-2015, 04:58 PM

Re: Flashplayer

Originally posted by kaboom View Post

For youtube, use something to extract the links, and save the actual MP4 files.
Try keepvid, but be sure you've got a hosts file. Feel free to remap any "livid" garbage to 127.0.0.1.

Then, use the media player of your choice.

Right on. Hmmm, weird that my Pentium 3 has no issues playing those same clips in a media player, yet my Core 2 has to work hard displaying it on spewtube

How many times have you seen this before? There's a reason we call it crash player

Attached Files

**mockingbird** · 07-21-2015, 05:23 PM

Re: Flashplayer

Originally posted by Pentium4 View Post

How many times have you seen this before? There's a reason we call it crash player

Almost never!

And the only time I used to get it was when I already loaded the player, and then switched to my TV via the ATI Hotkey. But they've even solved that problem now with the latest version.

And I don't use Flash only sporadically. I'm one of those people who doesn't use HTML5 on Youtube for one very simple reason: They haven't been able to implement metered downloads with HTML5 on Youtube yet. What that means is that the video keeps downloading, no matter how much you've actually watched. With Flash, if you pause the video, it will only buffer a little further on to where you are actually holding in the video.

This is very important for me, because I have a bandwidth cap. Also, I'm using GDI+ in Windows XP x64 and there's no VSync implementation for it. There's a little tearing with Flash, but with HTML5, it's much more noticeable.

Performance-wise, there's no contest. HTML5 absoluely trounced Flash these days. Also, Flash has no 60FPS on Youtube. But I have a copy of Chromium that I might fire up once in a blue moon if I really want to watch 60FPS.

**momaka** · 07-21-2015, 11:48 PM

Re: Flashplayer

Originally posted by Pentium4 View Post

I hate flash. What is the best alternative to use according to you guys, besides using an old version like momaka?

Well, if you only need it for YouTube, you can go without it now. I tried it with Firefox 32 portable and no flash installed on a new C2D laptop, and YouTube works fine with HTML5.

I guess it is time to say goodbye to Flash - at least on any new machines. I will still keep 10.3 on my old PCs.

Originally posted by mockingbird

I agree with you that running out-of-date or obsolete software isn't the end of the world, but I think keeping flash up to date is very important because we're talking about zero day hacks here.

I keep hearing about those "zero say" hacks, but I've never encountered one.

Again, I think what matters the most is how you browse online and where you go. If I think a link looks even slightly suspicious, I don't open it. And an updated HOSTS keeps many of the bad sites away.

**Per Hansson** · 07-22-2015, 01:28 AM

Re: Flashplayer

Originally posted by momaka View Post

Again, I think what matters the most is how you browse online and where you go. If I think a link looks even slightly suspicious, I don't open it. And an updated HOSTS keeps many of the bad sites away.

I can tell you first hand that this does not work, legitimate websites are hacked all the time and exploits are installed.
Worse even the AD networks used by pretty much all sites are sometimes hacked, thus making thousands of websites malware hosts in one go.

List of vulnerabilities in Flash player: http://www.cvedetails.com/vulnerabil...sh-Player.html

**diif** · 07-22-2015, 03:28 AM

Re: Flashplayer

Apologies momaka, perhaps idiot was too strong a word

Whilst a HOSTS file will stop a lot of nasty sites but there are far to many registered daily for this to be effective and as Per Hansson says it does nothing to prevent being compromised by a hacked legitimate site.
Whilst it might not matter to a home user so much especially if they don't make online purchases, it certainly does to Enterprise IT, where its ITs job amongst other things is to secure against threats and user stupidity. I did this for the last 7 years so this is perhaps why my stance is a little less flexible than yours.
One of essential ways to do this is to ensure all known security holes are patched be it with the OS, browser or other software.
Another is to restrict permissions, giving only limited rights to the user and any software they run.
When companies like Google and Sony can be compromised and have data leave their networks, i'm not sure many home users would be aware they have been compromised, maybe they might notice a slightly increased cpu and bandwidth.

**mockingbird** · 07-22-2015, 03:41 PM

Re: Flashplayer

Originally posted by momaka View Post

I keep hearing about those "zero say" hacks, but I've never encountered one.

Last night I innocently typed "Jedi Academy ISO" in a search engine, because I need to re-install a seperate copy of the game that I can run well without mods.

One of the torrent sites I clicked on caused Internet Explorer 11 to pause for a suspiciously long time. I remembered that while I updated the PPAPI flash plugin in Chromium, I might not have updated ActiveX Flash.

Right away I checked the Flash version and saw that I was running version 17. I immediately rebooted into a portable environment and ran a complete system scan (I don't have AV on this PC, it's my gaming pc that's been in a repair/test stage for a couple of years now, and I've only finally almost finished tweaking everything, and there's no antivirus installed), but luckily it came up clean.

But the point is that if one of those sites did have the zero-day Flash hack, it would have been as simple as that - just visiting the site and being infected. And yes, most people wouldn't have visited those torrent sites, but those aren't exactly first-tier avoid-at-all-costs/run in a vm if you must visit types of websites. There are a lot of sites out there that host legitimate content but also have malicious code programmed into them to exploit those that they can. Just avoiding those types of websites altogether isn't an option for me.

Announcement

Flashplayer

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment