Sandboxing is a good step, though fixing the code itself is more important. I notice you mention windows (vista and 7) so I assume this feature will not be available for Linux, at least not initially.
There is app armor for Linux, but that's a bear to get working right and is a bit of overkill just to keep flash in check. It'd be better if they do develop the sandbox for Linux. Any word on the possibility or even time frame of a Linux version?
Discussion on:
View:
Show:
Linux already has powerful and flexible application sandboxing capabilities. Mozilla just has to write a sandboxing profile for SELinux and/or AppArmor. Making a custom sandboxing solution for Firefox will require far more work and be less secure.
"So while many may dismiss Flash as irrelevant, let???s not forget that users most at risk are often those who adapt the slowest, and who will likely still have Flash for a long time."
this doesn't affect your point at all, but there is a nit to pick....
you could just as easily say the users most at risk are the early adopters, because they are "pioneers" in using the fledgling product. what i mean is, nobody can say for sure that HTML5 doesn't have worse vulnerabilities than Flash because it's untried, untested. just because Flash has some problems that we're actually aware of, it doesn't mean HTML5 doesn't have lots of problems that we're unaware of. out of the frying pan, into the fire. at least we've been in the Flash frying pan for long enough that we can insulate ourselves from the surface we stand on. not so much inside the actual fire that is HTML5. a wildfire is what it really is -- who knows where it's going or who's controlling its direction? it's owned and defined by competing companies (what could possibly go wrong?). i believe a user that chooses Flash over HTML5 (when given the choice) is at lesser risk than those who adopt HTML5 on faith and Steve Jobs' blatant lies, er, reality distortion field. at least for now.
this doesn't affect your point at all, but there is a nit to pick....
you could just as easily say the users most at risk are the early adopters, because they are "pioneers" in using the fledgling product. what i mean is, nobody can say for sure that HTML5 doesn't have worse vulnerabilities than Flash because it's untried, untested. just because Flash has some problems that we're actually aware of, it doesn't mean HTML5 doesn't have lots of problems that we're unaware of. out of the frying pan, into the fire. at least we've been in the Flash frying pan for long enough that we can insulate ourselves from the surface we stand on. not so much inside the actual fire that is HTML5. a wildfire is what it really is -- who knows where it's going or who's controlling its direction? it's owned and defined by competing companies (what could possibly go wrong?). i believe a user that chooses Flash over HTML5 (when given the choice) is at lesser risk than those who adopt HTML5 on faith and Steve Jobs' blatant lies, er, reality distortion field. at least for now.
- Keyboard Shortcuts:
- Prev
- Next
- Toggle
