An open community 
of Macintosh users,
for Macintosh users.

FineTunedMac Dashboard widget now available! Download Here

Previous Thread
Next Thread
Print Thread
Page 4 of 6 1 2 3 4 5 6
Re: Flash Bashing Express
alternaut #17894 10/04/11 11:24 PM
Joined: Sep 2009
Offline

Joined: Sep 2009
Originally Posted By: alternaut

Yep... looks like v.10 is done for, and v.11 is (out of beta and now) the new kid on the block:

<http://www.adobe.com/products/flashplayer.html> Adobe Flash Player 11

<current version> 11.0.1.152


[btw artie, visiting adobe's site there is one place where i seem to acquire those apmebf cookies... or so it appears, sometimes.]

Last edited by Hal Itosis; 10/04/11 11:29 PM.
Re: Flash Bashing Express
Hal Itosis #17902 10/05/11 01:43 AM
Joined: Aug 2009
Likes: 15
Online

Joined: Aug 2009
Likes: 15
> [btw artie, visiting adobe's site there is one place where i seem to acquire those apmebf cookies... or so it appears, sometimes.]

I visit Adobe's site regularly when I hit "Check Now," but I've never acquired an "apmebf," and, as a matter of fact, I haven't found one on my deuced Mac(hina) since I posted the issue (how long ago?).

What I have found, though, is that my blocked "Local Storage" and "Camera and Microphone" sites periodically disappear after an update.


The new Great Equalizer is the SEND button.

In Memory of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire
Re: Flash Bashing Express
Hal Itosis #18639 10/21/11 03:45 PM
Joined: Aug 2009
Likes: 1
Moderator
Offline
Moderator

Joined: Aug 2009
Likes: 1
Clickjacking the Flash Player Settings Manager: Bug in Flash Player allowed Mac webcam spying (fixed now).
Meanwhile, there's another Trojan Flash Player installer around.


alternaut moderator
Re: Flash Bashing Express
alternaut #19013 11/09/11 05:14 PM
Joined: Sep 2009
Offline

Joined: Sep 2009

Sophos: Adobe says goodbye to Flash for mobile platforms

ZDNet: Exclusive: Adobe ceases development on mobile browser Flash, refocuses efforts on HTML5

Adobe: Flash to Focus on PC Browsing and Mobile Apps; Adobe to More Aggressively Contribute to HTML5

--

So it seems that the Flash "web browser player plugin" concept is being eschewed on mobile devices (in favor of HTML5), while the Flash "development environment for apps" concept will continue on mobile devices (mainly for games i guess).

Good start. wink

Last edited by Hal Itosis; 11/09/11 05:28 PM.
Re: Flash Bashing Express
alternaut #19020 11/09/11 11:20 PM
Joined: Aug 2009
Likes: 14
Online

Joined: Aug 2009
Likes: 14
Originally Posted By: alternaut
Meanwhile, there's another Trojan Flash Player installer around.

I went to that site and thought I'd do a "test run" of their disinfecting procedure. I entered their Instruction plutil -convert xml1 /Applications/Safari.app/Contents/Info.plist into Terminal but, instead of Plist Files, I got a Permission Denied response.

I also tried their %malware_path% but got No such job.

What am I missing? Thanks.

Last edited by ryck; 11/09/11 11:21 PM.

ryck

"What Were Once Vices Are Now Habits" The Doobie Brothers

iMac (Retina 5K, 27", 2020), 3.8 GHz 8 Core Intel Core i7, 8GB RAM, 2667 MHz DDR4
OS Ventura 13.6.3
Canon Pixma TR 8520 Printer
Epson Perfection V500 Photo Scanner c/w VueScan software
TM on 1TB LaCie USB-C
Re: Flash Bashing Express
ryck #19046 11/10/11 06:32 PM
Joined: Sep 2009
Offline

Joined: Sep 2009
Originally Posted By: ryck
I went to that site and thought I'd do a "test run" of their disinfecting procedure. I entered their Instruction plutil -convert xml1 /Applications/Safari.app/Contents/Info.plist into Terminal but, instead of Plist Files, I got a Permission Denied response.

That plist is owned by root, so one would need to prepend sudo and enter an admin password when prompted.

But i disagree with their instructions. There's no need to convert to xml at all. We can read or delete the offending key while it's still in "binary" form.

To read:

defaults read /Applications/Safari.app/Contents/Info LSMinimumSystemVersion
10.6.0

I used a valid key there, to show how normal output appears for a key that *should* exist. (according to that key, Safari 5.1.1 requires a minimum OS of 10.6.0).

Now, let's try to read the bad guy:

defaults read /Applications/Safari.app/Contents/Info LSEnvironment
2011-11-10 13:53:26.696 defaults[80926:903]
The domain/default pair of (/Applications/Safari.app/Contents/Info, LSEnvironment) does not exist

Good, that key doesn't exist in my Safari plist. If anyone doesn't see that exact error, but instead gets some sort of "output"... then that's a problem.


Originally Posted By: ryck
I also tried their %malware_path% but got No such job.

Yeah well, the instructions provided by F-Secure are a little difficult to follow... so I'll try to clean it up.

Since they instructed folks to convert to xml format, here's how their version of the offending data should look:
Code:
	<key>LSEnvironment</key>
	<dict>
		<key>DYLD_INSERT_LIBRARIES</key>
		<string>%malware_path%</string>
	</dict>

If done using my defaults read method, the output would be something more like this:
Code:
	LSEnvironment =  {
		"DYLD_INSERT_LIBRARIES" =  (
			%malware_path%
		);
	};


So "%malware_path%" isn't anything to be entered as a command, but rather, it was their way of indicating that some sorta path string should be there, which tells us where the malware is located. E.g., instead of "%malware_path%" there would be a pathname:

/folder/folder/folder/file

maybe something like:

/Library/Printers/Epson/phony_file (idunno)

So —assuming one is infected (i.e., my 2nd defaults read example doesn't generate an error message) —then the way to 'disinfect' oneself is to delete whatever file or folder exists at the end of that "%malware_path%" location, and then delete the offending plist entry using:

sudo defaults delete /Applications/Safari.app/Contents/Info LSEnvironment

Last edited by Hal Itosis; 11/10/11 06:40 PM. Reason: added sudo to the last command :-)
Re: Flash Bashing Express
Hal Itosis #19047 11/10/11 07:03 PM
Joined: Sep 2009
Offline

Joined: Sep 2009
Ah, okay... i only searched that page for "%malware_path%" and focused on that section, to answer Rick's questions. Later on i see they narrow down the actual location a bit better, to:

/Applications/Safari.app/Contents/Resources/%payload_filename%

Where "%payload_filename%" is the important item we should destroy. So apparently the %malware_path% will be inside the browser's Resources folder (not externally in /Library as my example theorized).

Re: Flash Bashing Express
Hal Itosis #19055 11/10/11 10:27 PM
Joined: Aug 2009
Likes: 14
Online

Joined: Aug 2009
Likes: 14
Thanks very much for both posts. I have just used your sets of instructions....

defaults read /Applications/Safari.app/Contents/Info LSMinimumSystemVersion
defaults read /Applications/Safari.app/Contents/Info LSEnvironment


.... and got exactly the same results as you.

And thanks for the additional %payload_filename% information.

FYI, this and other things I learn at FineTunedMac are all very helpful for more people than me. I will keep this information a file with other step-by-step instructions where I can pull it out if needed.

e.g. If one of my daughters ever gets in a fix. Or if it's needed to help a couple of older ladies living nearby (one is past 80) who are both Mac users. FTM has a wide reach.

Thank you and all the other FTM folks who are always so willing to educate.

Last edited by ryck; 11/10/11 10:29 PM.

ryck

"What Were Once Vices Are Now Habits" The Doobie Brothers

iMac (Retina 5K, 27", 2020), 3.8 GHz 8 Core Intel Core i7, 8GB RAM, 2667 MHz DDR4
OS Ventura 13.6.3
Canon Pixma TR 8520 Printer
Epson Perfection V500 Photo Scanner c/w VueScan software
TM on 1TB LaCie USB-C
Re: Flash Bashing Express
ryck #19061 11/11/11 05:56 AM
Joined: Sep 2009
Offline

Joined: Sep 2009
Back to "normal" business then...

Security update available for Adobe Flash Player
Release date: November 10, 2011
Vulnerability identifier: APSB11-28
Platform: All Platforms

SUMMARY

Critical vulnerabilities have been identified in Adobe Flash Player 11.0.1.152 and
. . .

laugh

Re: Flash Bashing Express
Hal Itosis #19177 11/15/11 12:18 AM
Joined: Sep 2009
Offline

Joined: Sep 2009

Last edited by Hal Itosis; 11/15/11 12:20 AM.
Re: Flash Bashing Express
Hal Itosis #19180 11/15/11 11:41 AM
Joined: Aug 2009
Likes: 4
grelber Offline OP
OP Offline

Joined: Aug 2009
Likes: 4
From all I can gather, Adobe's Flash Player is not affected with respect to "non-mobile" hardware, eg desktop and laptop computers.
So I don't understand the big kerfuffle. Any short, sweet answers?

Re: Flash Bashing Express
grelber #19188 11/15/11 08:20 PM
Joined: Aug 2009
Offline

Joined: Aug 2009
y'know I was just thinking that one side issue Apple may have had is that as long as Flash was on the iphone, "click to jailbreak" apps would be a nonstop weekly occurrence for Apple to deal with.


I work for the Department of Redundancy Department
Re: Flash Bashing Express
grelber #19190 11/15/11 09:04 PM
Joined: Aug 2009
Likes: 1
Offline

Joined: Aug 2009
Likes: 1
Flash for desktops is continuing unabated, so a lot of the panic surrounding the abandonment of mobile Flash seems overblown to me. There are things it's more difficult to do without Flash, granted, but for the most part, I think folks who want to do those things--games, especially--are better served with "native" mobile apps.

Adobe has just announced that it is ceasing development of Adobe FLEX in house and turning that over to the open source community, though, and people are getting upset about that. FLEX is a tool for building apps using Flash, and a lot of (well, okay, SOME) business app developers use it to build business apps that run over the Web. And, naturally, rely on Flash to function.

I personally wonder whether Adobe's turn away from FLEX signals that Flash is in for a long, cold winter.


Photo gallery, all about me, and more: www.xeromag.com/franklin.html
Re: Flash Bashing Express
grelber #19191 11/15/11 09:11 PM
Joined: Sep 2009
Offline

Joined: Sep 2009
Originally Posted By: grelber
From all I can gather, Adobe's Flash Player is not affected with respect to "non-mobile" hardware, eg desktop and laptop computers. So I don't understand the big kerfuffle. Any short, sweet answers?

Yes well... it won't last. More and more and more, websites are being accessed by mobile devices. And if webmasters have to retool their pages to cater to non-flash devices, then why not go whole-hog? “Forget” flash... it's definitely in its death throes.


[edit: As i understand it, the only real "need" for flash (as a browser player plugin) is that associated with DRM-regulated video. Everything else it does (which one might deem as being vital) can easily be replaced. And again, everyone who likes to whine about google and facebook tracking their movements should keep in mind that flash does that stuff too.]

Last edited by Hal Itosis; 11/16/11 01:09 AM.
Re: Flash Bashing Express
Hal Itosis #19202 11/16/11 06:02 PM
Joined: Aug 2009
Likes: 1
Offline

Joined: Aug 2009
Likes: 1
Originally Posted By: Hal Itosis
[edit: As i understand it, the only real "need" for flash (as a browser player plugin) is that associated with DRM-regulated video. Everything else it does (which one might deem as being vital) can easily be replaced. And again, everyone who likes to whine about google and facebook tracking their movements should keep in mind that flash does that stuff too.]


It's also needed for certain types of interactivity. Complex games with scripted actions, for instance, can't (yet) be done in pure HTML.

However, as time goes on, I think that will be less and less the case.


Photo gallery, all about me, and more: www.xeromag.com/franklin.html
Re: Flash Bashing Express
tacit #19204 11/16/11 08:05 PM
Joined: Sep 2009
Offline

Joined: Sep 2009
Originally Posted By: tacit
It's also needed for certain types of interactivity. Complex games with scripted actions, for instance, can't (yet) be done in pure HTML.

You're right of course... which is why i highlighted 'vital' (as online games aren't such for me). wink

If someone wants to play interactively, or shop at a website with fancy wiggling special effects... let THEM download flash. The rest of us news-watchers and you-tubers should be free to enjoy basic (normal) video, delivered via some standard protocol, etc.


Re: Flash Bashing Express
Hal Itosis #19208 11/16/11 09:26 PM
Joined: Aug 2009
Likes: 5
Moderator
Offline
Moderator

Joined: Aug 2009
Likes: 5
Unfortunately, not all online flash presentations are trivial or backed up by HTML5 counterparts....

The Aviation Safety Foundation (a sub-entity to the Aircraft Owners and Pilots Association) recently sent me a link to one of their current online ASF presentations...and it wouldn't run using Safari 5.1.1 under OS X 10.7.2 with the latest Flash-Player plug-in 11.1.102.55 installed --- the only way I could view it was to open the link using Firefox 6.0.2 on the same platform, where it ran just fine.

I sent their web-team the details, but this particular issue appears to be more browser-related than server-side..... confused


Freedom is never free....thank a Service member today.
Re: Flash Bashing Express
MacManiac #19458 12/03/11 01:39 AM
Joined: Aug 2009
Likes: 15
Online

Joined: Aug 2009
Likes: 15
Still re Flash, but a different aspect... I just noticed that the prefs I had set in my Flash Player pref pane reverted to default, probably when I updated to v 11.1.102.55, and I suggest that everybody check their own prefs no less often than after every Flash update. (My prefs reverted once before with no apparent cause, but that predated the Flash pref pane.)


The new Great Equalizer is the SEND button.

In Memory of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire
Re: Flash Bashing Express
artie505 #19461 12/03/11 10:43 AM
Joined: Aug 2009
Likes: 7
Online

Joined: Aug 2009
Likes: 7
The same thing is happening to me. I have trashed Flash preferences repeatedly (actually, ~/Library/Preferences/Macromedia/Flash Player) and that used to work. Yesterday, I used System Preferences>Flash Player>Storage, clicked Delete All and then Delete All Site Data and Settings. I reset my preferences and, so far, they seem to be sticking. Apparently, Delete All also clears ~/Library/Caches/Adobe/Flash Player so that may have been the cure.


Jon

macOS 11.7.10, iMac Retina 5K 27-inch, late 2014, 3.5 GHz Intel Core i5, 1 TB fusion drive, 16 GB RAM, Epson SureColor P600, Photoshop CC, Lightroom CC, MS Office 365
Re: Flash Bashing Express
jchuzi #19471 12/03/11 08:20 PM
Joined: Aug 2009
Likes: 15
Online

Joined: Aug 2009
Likes: 15
Originally Posted By: jchuzi
The same thing is happening to me. I have trashed Flash preferences repeatedly (actually, ~/Library/Preferences/Macromedia/Flash Player) and that used to work. Yesterday, I used System Preferences>Flash Player>Storage, clicked Delete All and then Delete All Site Data and Settings. I reset my preferences and, so far, they seem to be sticking. Apparently, Delete All also clears ~/Library/Caches/Adobe/Flash Player so that may have been the cure.

I just trashed ~/Library/Prefs/Macromedia and ~/Caches/Adobe in their entirety, but I'm not the least bit optimistic about the reversions to default stopping.

We'll see...


The new Great Equalizer is the SEND button.

In Memory of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire
Re: Flash Bashing Express
jchuzi #19477 12/03/11 09:11 PM
Joined: Aug 2009
Likes: 15
Online

Joined: Aug 2009
Likes: 15
As an experiment, I just reinstalled the latest version of Flash and restarted, but uneventfully.

Oh, well... Time will tell.


The new Great Equalizer is the SEND button.

In Memory of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire
Re: Flash Bashing Express
artie505 #19543 12/09/11 01:54 AM
Joined: Aug 2009
Likes: 15
Online

Joined: Aug 2009
Likes: 15
Damn!!! I've been checking my prefs periodically, and I just found them reverted to default again.

Aaargh!!! frown

Heads-up to all.


The new Great Equalizer is the SEND button.

In Memory of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire
Re: Flash Bashing Express
artie505 #19547 12/09/11 06:09 AM
Joined: Sep 2009
Offline

Joined: Sep 2009

Re: Flash Bashing Express
Hal Itosis #19601 12/13/11 05:53 AM
Joined: Sep 2009
Offline

Joined: Sep 2009
One wonders whether Adobe even tries to "get it right" . . . ever.
Seems like they don't learn anything, from one patch to the next.

Two zero-day vulnerabilities found in Flash Player

  crazy

Re: Flash Bashing Express
Hal Itosis #19607 12/13/11 06:02 PM
Joined: Aug 2009
Likes: 16
Moderator
Online
Moderator

Joined: Aug 2009
Likes: 16
Originally Posted By: Hal Itosis
One wonders whether Adobe even tries to "get it right" . . . ever.
Seems like they don't learn anything, from one patch to the next.

Two zero-day vulnerabilities found in Flash Player

  crazy

I don't think this is a matter of getting it right on Adobe's part. I think it is more a matter of cutting their losses and doing the minimum effort they can get away with to keep their corporate customers happy. Adobe has already announced they are dropping development of Flash for handheld and tablet devices as well as tacitly acknowledging HTML 5 has already won the day on the desktop.

From my knowledge of Macromedia, the originator of Flash and Dreamweaver, my strong suspicion is Adobe is using a huge library of legacy code, which they did not write, developed at time when "security" was an unused word in the programmer's dictionary, and in a programming style that makes maintenance difficult and consequently very expensive. So Adobe has lots of patches to the code and each patch risks exposing and/or creating additional potential exploits. Apple was in a similar position when Steve Jobs returned to take the helm and made the decision to bet the company and invest in a completely new operating system and applications code base written in an unusual dialect of the C language. I have not seen anything from Adobe indicating they have either the vision or the resources to do anything that risky or daring.

Personally I don't think Flash will be around much longer. When Microsoft endorses any Open Source technology, and when Apple and Microsoft agree on anything, the game is over and Adobe lost.


If we knew what it was we were doing, it wouldn't be called research, would it?

— Albert Einstein
Page 4 of 6 1 2 3 4 5 6

Moderated by  alternaut, cyn 

Link Copied to Clipboard
Powered by UBB.threads™ PHP Forum Software 7.7.4
(Release build 20200307)
Responsive Width:

PHP: 7.4.33 Page Time: 0.046s Queries: 65 (0.035s) Memory: 0.7243 MB (Peak: 0.9098 MB) Data Comp: Zlib Server Time: 2024-03-28 23:49:19 UTC
Valid HTML 5 and Valid CSS