Expect untold exploits for the Adobe technology stack to emerge out of this.
This. This is why people should be concerned. Open source programs have their code exposed to everyone, including those with malicious intent, and are therefor "battle hardened" for security. Closed source programs live a sheltered life and having that source suddenly available means those with malicious intent can use Adobe's relatively weak source code to develop new exploits for clients. Lots of them.
Adobe is a household name that users couldn't get rid of if they wanted to. Flash, for example, is on nearly every internet-connected PC. This is a problem for everyone.
Just the code coverage over Adobe's software has to be difficult(with the exception of PDF display. no excuse hehe) in fact it would at this point be a good move for them to open source since they are licensing anyhow. It would of been a good move ten years ago when enough gigs of their software downloaded to make NSA proud. But then again as my cynicism awakens I realize we'd just have a thousand zero day exploit auctions.. Flash when it works properly is one of the easiest tools to trash the web. DId they ever remove sockets support? Flash proxy bounce pinball mitm xss csrf driveby hoot rides. i think i need more coffee.
Now if the DOJ is offering a 20k reward for turning in companies like IBM.... heh Aww shucks just look at the nasdaq or for any job listing for a "software engineer who has a cobol verilog, ARM assembler, MCSE and A+. And Word."
a simple h1b job description algorithm replace tech/skill in [ ]'s:
x amount of years in [programming language] y
where x is the age of language in years +5
and don't forget to ask for someone with good communication skills since they won't be always able to speak the native language.
"The people are just too stupid" is no longer relevant. If you are smart perhaps you can help a stupid person defend his or her basic civil liberties while not breaking any laws. It's not glamorous but its better than going along with it. I argue that noone is too stupid to stand up for whats right.
Maybe the NSA will roll out an "Ad-sense" program? If you see something, say something is moot tho since all is seen and heard so DHS may need a better tag line.
hmm seems like they already are rolling it out? http://cryptome.org/2013/09/nsa-syanpse.htm
like a geocities, myspace maltego.
Slashdot Mirror
Expect untold exploits for the Adobe technology stack to emerge out of this.
This. This is why people should be concerned. Open source programs have their code exposed to everyone, including those with malicious intent, and are therefor "battle hardened" for security. Closed source programs live a sheltered life and having that source suddenly available means those with malicious intent can use Adobe's relatively weak source code to develop new exploits for clients. Lots of them. Adobe is a household name that users couldn't get rid of if they wanted to. Flash, for example, is on nearly every internet-connected PC. This is a problem for everyone.
Just the code coverage over Adobe's software has to be difficult(with the exception of PDF display. no excuse hehe) in fact it would at this point be a good move for them to open source since they are licensing anyhow. It would of been a good move ten years ago when enough gigs of their software downloaded to make NSA proud. But then again as my cynicism awakens I realize we'd just have a thousand zero day exploit auctions.. Flash when it works properly is one of the easiest tools to trash the web. DId they ever remove sockets support? Flash proxy bounce pinball mitm xss csrf driveby hoot rides. i think i need more coffee.
Now if the DOJ is offering a 20k reward for turning in companies like IBM.... heh Aww shucks just look at the nasdaq or for any job listing for a "software engineer who has a cobol verilog, ARM assembler, MCSE and A+. And Word." a simple h1b job description algorithm replace tech/skill in [ ]'s: x amount of years in [programming language] y where x is the age of language in years +5 and don't forget to ask for someone with good communication skills since they won't be always able to speak the native language.
"The people are just too stupid" is no longer relevant. If you are smart perhaps you can help a stupid person defend his or her basic civil liberties while not breaking any laws. It's not glamorous but its better than going along with it. I argue that noone is too stupid to stand up for whats right.
Maybe the NSA will roll out an "Ad-sense" program? If you see something, say something is moot tho since all is seen and heard so DHS may need a better tag line. hmm seems like they already are rolling it out? http://cryptome.org/2013/09/nsa-syanpse.htm like a geocities, myspace maltego.