Is Adobe the only provider of flash plugins? Is it still a gaping security hole? Do the answers depend on the browser?
Michael Hennebry wrote:
Is Adobe the only provider of flash plugins?
As far as I know. It *is* their product.
Is it still a gaping security hole?
noscript is my answer to that.
Do the answers depend on the browser?
I don't think so. I'm sure someone here will correct me if I'm wrong.
-- Michael hennebry@web.cs.ndsu.NoDak.edu "Sorry but your password must contain an uppercase letter, a number, a haiku, a gang sign, a heiroglyph, and the blood of a virgin."
I'm sorry, that password algorithm isn't viable... there's no reliable source of virgins.
mark
On Fri, Feb 17, 2017 at 10:13:15AM -0600, Michael Hennebry wrote
Is Adobe the only provider of flash plugins?
Yes.
Is it still a gaping security hole?
If not kept up-to-date, yes. Adobe changed their minds a few months ago, and now provide up-to-date Flash 24.X for linux, complete with security patches as required. Of course, "zero-day exploits" can still happen.
Do the answers depend on the browser?
Most browsers nowadays have the option to set one of 3 values... 1) Never activate 2) Ask-to-Activate (like the old NoFlash plugin) 3) Always activate
The settings can be different for each profile. If you often visit a site that requires flash, you can set up a separate profile for it, and select option 3. For other profiles, you can use options 1 and/or 2.
-
m.roth@5-cent.us -
Michael Hennebry -
Walter Dnes