Slashdot Mirror
Adobe Releases Sandboxed Flash Player For Firefox
Trailrunner7 writes "Adobe has released a new version of their Flash player that now gives Firefox users the additional security of a sandbox and also includes a background update mechanism for Mac users. Flash has run in a sandbox on Google Chrome and Internet Explorer for some time already. The big security news in Flash player 11.3 is the addition of the protected mode sandbox for Firefox on Windows. That's a major change for Adobe, which has been adding sandbox to its main product lines for a couple of years now. Adobe Reader X has run in protected mode — which is what Adobe calls its sandbox — since its release, and the company also added a sandbox to Flash on Google Chrome. The sandbox is designed to prevent attackers from using vulnerabilities in Flash to break out of the application and move to other apps or the OS itself."
How about they release a new 64bit version for Linux? The colour in YT videos is totally messed up on my Ubuntu box
adobe hates linux.
I thought adobe was abandoning flash.
To offset political mods, replace Flamebait with Insightful.
I'm not sure if you recall, but Flash for linux is discontinued unless you're using the bundled Chrome version (http://www.osnews.com/story/25639). In light of that I've given up on the idea of them fixing any major bugs for that platform.
I've personally found the best way to sandbox Flash is to not install it.
I honestly can't name a single site that I care about that uses it -- possibly because Flash makes me immediately not care about a web site. I know some people really like it, and it does things they really think is cool, but to me it's been something I've avoided for a long time now.
But, who knows, maybe next week I'll discover something I can't live without that uses it.
Lost at C:>. Found at C.
My phone has more RAM than that.
I suggest you spend $10 and buy more RAM.
Heck I might even mail you some if you ask nicely.
Aside from getting more memory I would recommend that you update one of "the most targeted pieces of software" more often then just when YT stops working. There have been so many exploits released for Flash and Adobe released a lot of security updates to address them. http://www.gfi.com/blog/the-most-vulnerable-operating-systems-and-applications-in-2011/
I was under the impression that it wouldn't even be available for Chromium Browser, which implements the same Pepper API as Google Chrome. According to Adobe's blog, not only will Flash Player "only be available via the 'Pepper' API", but the Pepper version will be distributed "as part of the Google Chrome browser distribution and will no longer be available as a direct download from Adobe". So even if you have another browser that implements Pepper, it still won't be able to run Flash Player for Pepper because Flash Player for Pepper is exclusive to Google Chrome.
And if YouTube keeps showing you "Cannot display video", change your user agent string for the iPad one.
At which point you get "This video cannot be displayed on mobile devices."
I recommend their authors port their work to a non-proprietary format, or resign their proprietary crap to the dustbins of history where it belongs.
Give me Classic Slashdot or give me death!
From Adobe's news release:
[Emphasis added]
The restrictions we apply to this sandboxed process come from the Windows OS. Windows Vista and Windows 7 provide the tools necessary to properly sandbox a process. For the Adobe Reader and Acrobat sandbox implementation introduced in 2010, Adobe spent significant engineering effort trying to approximate those same controls on Windows XP. Today, with Windows 8 just around the corner and Windows XP usage rapidly decreasing, it did not make sense for the Flash Player team to make that same engineering investment for Windows XP. Therefore, we've focused on making Protected Mode for Firefox available on Windows Vista and later.
What one fool can do, another can. (Ancient Simian Proverb)