Mozilla To Protect Adobe Flash Users 132
Posted
by
Soulskill
from the helping-those-who-don't-help-themselves dept.
from the helping-those-who-don't-help-themselves dept.
juct writes "Beginning with versions 3.5.3 and 3.0.14 of Firefox, Mozilla is going to check the version of installed Adobe Flash plug-ins and warn users if it discovers an outdated version with potential security holes. Mozilla confirmed this new security feature and said that the Flash version check was part of a wider commitment to 'protect users from emerging threats online.' Just recently, a study confirmed that 80 per cent of users surf with a vulnerable version of Adobe's plug-in."
Guaranteed to work (Score:4, Insightful)
"WARNING!! The version of Adobe Flash you are using is out of date and contains security holes, please upgrade by clicking here ..."
Oh dear, I don't understand what this means. Luckily my son, who got sick of me ringing him for computer help, told me what to do whenever I encounter a box I don't understand; click the X, or click cancel, or ignore. Now back to clicking on every ad I see.
Of course, that isn't likely to happen. It would be more like:
WARNING!! The version of Adobe Flash you are using is out of date and contains security holes, unfortunately you are using Internet Explorer so there is no warning.
Does flash not already do this? (Score:3, Insightful)
Doesn't flash already prompt you to upgrade from an old version?
if so how will this warning be more effective (unless they add an auto-update feature)?
if not, WTF ADOBE!!!
Here is patch (Score:1, Insightful)
+ function IsFlashVulnerable(FlashVersion) {
+ return true;
+ }
Re:Guaranteed to work (Score:4, Insightful)
You contradict yourself twice in that little paragraph. What point is it you are trying to make?? ^^
I think they will simply click on that OK to upgrade, as they click on everything else. To support that, just make the cancel button look small, scary, not recommended, with a sick face and a burning computer on it, and make the OK button 80% of the rest of the dialog, and make it look like a "red cross love palace for health, safety and happiness".
I'm serious!
Also, here in Germany, most people use Firefox, you insensitive clod! :P
Oh hey (Score:1, Insightful)
I use chrome which sandboxes plugins so most/any vulnerabilities are likely to do no more than crash the current tab. Why not make the entire browser secure from the ground up rather relying on the human element to keep things right?
Re:Guaranteed to work (Score:5, Insightful)
Have you ever actually tried writing some nice dynamic svg?
Version checking applications (Score:3, Insightful)
I don't think it would go down too well if version checking was built into the current version of Skype for Linux.
"Dear Linux user, your version of Skype has not been updated for 2 1/2 years, there are no new updates planned, and x86_64 versions are out of the question. Please feel free to vent to eBay where they will helpfully file your comments in /dev/null.
Thank you for choosing Skype."
upgrade? Why not block (Score:3, Insightful)
Flash cookies too? (Score:2, Insightful)