Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Computer Support > Adobe Flash Player Applications : How secure are they ?

Reply
Thread Tools

Adobe Flash Player Applications : How secure are they ?

 
 
pokhara67
Guest
Posts: n/a
 
      07-09-2007
a colleague at work suggested he could write a Flash application which
could compromise a user's hard drive data.

is this possible ?

 
Reply With Quote
 
 
 
 
=?ISO-8859-1?Q?R=F4g=EAr?=
Guest
Posts: n/a
 
      07-09-2007
pokhara67 wrote:
> a colleague at work suggested he could write a Flash application which
> could compromise a user's hard drive data.
>
> is this possible ?
>

Report your colleague to Homeland Security.
 
Reply With Quote
 
 
 
 
pokhara67
Guest
Posts: n/a
 
      07-09-2007
On Jul 9, 3:13 pm, Rgr <(E-Mail Removed)> wrote:
> pokhara67 wrote:
> > a colleague at work suggested he could write a Flash application which
> > could compromise a user's hard drive data.

>
> > is this possible ?

>
> Report your colleague to Homeland Security.


neo-con-nazi

he didnt say he was going to do it he just said he could.

**** the Homeland Security.

im not even in the US




 
Reply With Quote
 
=?ISO-8859-1?Q?R=F4g=EAr?=
Guest
Posts: n/a
 
      07-09-2007
pokhara67 wrote:
> On Jul 9, 3:13 pm, Rgr <(E-Mail Removed)> wrote:
>
>>pokhara67 wrote:
>>
>>>a colleague at work suggested he could write a Flash application which
>>>could compromise a user's hard drive data.

>>
>>>is this possible ?

>>
>>Report your colleague to Homeland Security.

>
>
> neo-con-nazi
>
> he didnt say he was going to do it he just said he could.
>
> **** the Homeland Security.
>
> im not even in the US


Jeez, I've not been called a Nazi in a long time. You know that's one of
the standards to judge how far a newsgroup thread has descended. But
thanks for the fun, please tell all your friends about this group.
 
Reply With Quote
 
=?ISO-8859-1?Q?R=F4g=EAr?=
Guest
Posts: n/a
 
      07-09-2007
pokhara67 wrote:
> a colleague at work suggested he could write a Flash application which
> could compromise a user's hard drive data.
>
> is this possible ?


In answer to your question (however intelligent that was) is yes. Flash
files can be malicious. Hell, I can write a batch file that will do away
with all your data. Would I be successful? Depends on how stupid you
are. Would it propogate? Depends on how smart I am.

You are posting through AOL, which would normally indicate a US address.
However, I'll grant you, there are stupid people in other countries.
 
Reply With Quote
 
pokhara67
Guest
Posts: n/a
 
      07-09-2007
On Jul 9, 4:02 pm, Rgr <(E-Mail Removed)> wrote:
> pokhara67 wrote:
> > a colleague at work suggested he could write a Flash application which
> > could compromise a user's hard drive data.

>
> > is this possible ?

>
> In answer to your question (however intelligent that was) is yes. Flash
> files can be malicious. Hell, I can write a batch file that will do away
> with all your data. Would I be successful? Depends on how stupid you
> are. Would it propogate? Depends on how smart I am.
>
> You are posting through AOL, which would normally indicate a US address.
> However, I'll grant you, there are stupid people in other countries.


I know any kind of file can be malicious. I can program too.

The question I should have posed was :

Is it possible for a Flash Application to load in my browser (firefox
on OSX and Linux ) and perform data reads/writes of my disk without my
consent.


ps
AOL in the UK is an excellent and cheap service. 30 dollars per month
for unlimited usage and no censorship - that I have noticed.

The only minor annoyance is that they dont have any newsservers,

Apart from that their ADSL service has never been down once in 4
months.

 
Reply With Quote
 
Pennywise@DerryMaine.Gov
Guest
Posts: n/a
 
      07-09-2007
pokhara67 <(E-Mail Removed)> wrote:

>Is it possible for a Flash Application to load in my browser (firefox
>on OSX and Linux ) and perform data reads/writes of my disk without my
>consent.


Finding a flaw (buffer overflow) like this one
http://xforce.iss.net/xforce/xfdb/27601 and having it call Rgrs
batch file - yea; it's finding that flaw that's the hard part.


--

1K Project
http://www.gametrailers.com/umwatcher.php?id=12321
 
Reply With Quote
 
=?ISO-8859-1?Q?R=F4g=EAr?=
Guest
Posts: n/a
 
      07-09-2007
http://www.velocityreviews.com/forums/(E-Mail Removed) wrote:
> pokhara67 <(E-Mail Removed)> wrote:
>
>
>>Is it possible for a Flash Application to load in my browser (firefox
>>on OSX and Linux ) and perform data reads/writes of my disk without my
>>consent.

>
>
> Finding a flaw (buffer overflow) like this one
> http://xforce.iss.net/xforce/xfdb/27601 and having it call Rgrs
> batch file - yea; it's finding that flaw that's the hard part.


Heh, I like the list of potential platforms affected. They didn't
mention my Whirlpool microwave though.
 
Reply With Quote
 
=?ISO-8859-1?Q?R=F4g=EAr?=
Guest
Posts: n/a
 
      07-09-2007
pokhara67 wrote:
> On Jul 9, 4:02 pm, Rgr <(E-Mail Removed)> wrote:
>
>>pokhara67 wrote:
>>
>>>a colleague at work suggested he could write a Flash application which
>>>could compromise a user's hard drive data.

>>
>>>is this possible ?

>>
>>In answer to your question (however intelligent that was) is yes. Flash
>>files can be malicious. Hell, I can write a batch file that will do away
>>with all your data. Would I be successful? Depends on how stupid you
>>are. Would it propogate? Depends on how smart I am.
>>
>>You are posting through AOL, which would normally indicate a US address.
>>However, I'll grant you, there are stupid people in other countries.

>
>
> I know any kind of file can be malicious. I can program too.
>
> The question I should have posed was :
>
> Is it possible for a Flash Application to load in my browser (firefox
> on OSX and Linux ) and perform data reads/writes of my disk without my
> consent.
>
>
> ps
> AOL in the UK is an excellent and cheap service. 30 dollars per month
> for unlimited usage and no censorship - that I have noticed.
>
> The only minor annoyance is that they dont have any newsservers,
>
> Apart from that their ADSL service has never been down once in 4
> months.


I hereby humbly apologize for comments I made. You seem to have some
smarts. But as a side note, you are posting through AOL and Google
Groups. You are at a double disadvantage going into the conversation,
but you've shown that you aren't typical. So my apology stands, if
you're willing to accept it.
 
Reply With Quote
 
pokhara67
Guest
Posts: n/a
 
      07-09-2007
On Jul 9, 7:02 pm, Rgr <(E-Mail Removed)> wrote:
> pokhara67 wrote:
> > On Jul 9, 4:02 pm, Rgr <(E-Mail Removed)> wrote:

>
> >>pokhara67 wrote:

>
> >>>a colleague at work suggested he could write a Flash application which
> >>>could compromise a user's hard drive data.

>
> >>>is this possible ?

>
> >>In answer to your question (however intelligent that was) is yes. Flash
> >>files can be malicious. Hell, I can write a batch file that will do away
> >>with all your data. Would I be successful? Depends on how stupid you
> >>are. Would it propogate? Depends on how smart I am.

>
> >>You are posting through AOL, which would normally indicate a US address.
> >>However, I'll grant you, there are stupid people in other countries.

>
> > I know any kind of file can be malicious. I can program too.

>
> > The question I should have posed was :

>
> > Is it possible for a Flash Application to load in my browser (firefox
> > on OSX and Linux ) and perform data reads/writes of my disk without my
> > consent.

>
> > ps
> > AOL in the UK is an excellent and cheap service. 30 dollars per month
> > for unlimited usage and no censorship - that I have noticed.

>
> > The only minor annoyance is that they dont have any newsservers,

>
> > Apart from that their ADSL service has never been down once in 4
> > months.

>
> I hereby humbly apologize for comments I made. You seem to have some
> smarts. But as a side note, you are posting through AOL and Google
> Groups. You are at a double disadvantage going into the conversation,
> but you've shown that you aren't typical. So my apology stands, if
> you're willing to accept it.


no probs. any thoughts on the security or otherwise of embedded flash
applications ?

 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Re: How include a large array? Edward A. Falk C Programming 1 04-04-2013 08:07 PM
Secure your digital information assets with Secure Auditor. SecureWindows with Secure Auditor alannis.albert@googlemail.com Cisco 0 04-14-2008 06:53 AM
Secure your digital information assets with Secure Auditor SecureWindows with Secure Auditor alannis.albert@googlemail.com Cisco 0 04-14-2008 06:52 AM



Advertisments