Slashdot Mirror

← Back to Stories (view on slashdot.org)

Sandboxed Flash Player Coming To Firefox

Posted by Soulskill on from the box-in-the-fox dept.

Trailrunner7 writes "Adobe, which has spent the last few years trying to dig out of a deep hole of vulnerabilities and buggy code, is making a major change to Flash, adding a sandbox to the version of the player that runs in Firefox. The sandbox is designed to prevent many common exploit techniques against Flash. The move by Adobe comes roughly a year after the company added a sandbox to Flash for Google Chrome. Flash, which is perhaps the most widely deployed piece of software on the Internet, has been a common attack vector for several years now, and the attacks in some cases have been used to get around exploit mitigations added by the browser vendors. The sandbox is designed to prevent many of these attacks by not allowing exploits against Flash to break out into the browser itself."

6 of 86 comments (clear)

  1. Re:Here's my hope. by Galestar · · Score: 5, Informative

    I'd love to see a ban on FMV ads...

    Install FlashBlock

    --
    AccountKiller
  2. Re:Here's my hope. by Hatta · · Score: 5, Informative

    Why are you not using NoScript?

    --
    Give me Classic Slashdot or give me death!
  3. sorry adobe, by nimbius · · Score: 5, Funny

    the problem with flash security and flash in general is your corporate culture, as is evidenced by consistent prior refusals to patch egregious bugs.

    consider HTML5. I personally liken it to a high caliber rifle in the face of your diseased and crippled cash cow.
    so long, and please dont hesitate to continue pedaling the rest of your product line straight into the ground and hell beyond with the same toxic mismanagement as flash. We here on the internet will gladly engineer the future at your expense, until your corporate office is nothing more than the 21st century equivalent of bleached bones rotting in the noon-day sun, vultured by contractors and languishing at the precipice of bankruptcy.

    --
    Good people go to bed earlier.
  4. Project Codename: Sieve by CyberDog3K · · Score: 5, Funny

    Yes, let's all rely on Adobe, the company who wrote one of the planet's least secure multimedia delivery platforms in history, to save us from their own software. I'm sure the sandbox will be stable and secure and in no way, shape, or form, completely useless and awful.

  5. Re:'bout time! by jjjhs · · Score: 5, Informative

    They isolated plugins (incl Flash and Silverlight) from crashing the browser a long time ago. Version 3.6 or something.

  6. Re:'bout time! by __1200333 · · Score: 5, Informative

    Switching from on-board to usb audio on windows 7 reliably hangs flash for me.

    However, you CAN do something about it! Find the right plugin-container.exe process (usually easy because it's the one taking hundreds of megabytes) and kill it. Firefox will now resume and give you the "your plugin has crashed" screen wherever flash was embedded previously.