Page 4 of 6 < 1 2 3 4 5 6 >
#17894 - 10/04/11 04:24 PM Re: Flash Bashing Express [Re: alternaut]
Hal Itosis Offline


Registered: 09/03/09
Loc: 10.6.8 (build 10K549)
Originally Posted By: alternaut

Yep... looks like v.10 is done for, and v.11 is (out of beta and now) the new kid on the block:

<http://www.adobe.com/products/flashplayer.html> Adobe Flash Player 11

<current version> 11.0.1.152


[btw artie, visiting adobe's site there is one place where i seem to acquire those apmebf cookies... or so it appears, sometimes.]


Edited by Hal Itosis (10/04/11 04:29 PM)

Top
#17902 - 10/04/11 06:43 PM Re: Flash Bashing Express [Re: Hal Itosis]
artie505 Online


Registered: 08/04/09
> [btw artie, visiting adobe's site there is one place where i seem to acquire those apmebf cookies... or so it appears, sometimes.]

I visit Adobe's site regularly when I hit "Check Now," but I've never acquired an "apmebf," and, as a matter of fact, I haven't found one on my deuced Mac(hina) since I posted the issue (how long ago?).

What I have found, though, is that my blocked "Local Storage" and "Camera and Microphone" sites periodically disappear after an update.
_________________________
The new Great Equalizer is the SEND button.

In Memory Of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire

Top
#18639 - 10/21/11 08:45 AM Re: Flash Bashing Express [Re: Hal Itosis]
alternaut Offline

Moderator

Registered: 08/04/09
Clickjacking the Flash Player Settings Manager: Bug in Flash Player allowed Mac webcam spying (fixed now).
Meanwhile, there's another Trojan Flash Player installer around.
_________________________
alternaut moderator

Top
#19013 - 11/09/11 09:14 AM Re: Flash Bashing Express [Re: alternaut]
Hal Itosis Offline


Registered: 09/03/09
Loc: 10.6.8 (build 10K549)

Sophos: Adobe says goodbye to Flash for mobile platforms

ZDNet: Exclusive: Adobe ceases development on mobile browser Flash, refocuses efforts on HTML5

Adobe: Flash to Focus on PC Browsing and Mobile Apps; Adobe to More Aggressively Contribute to HTML5

--

So it seems that the Flash "web browser player plugin" concept is being eschewed on mobile devices (in favor of HTML5), while the Flash "development environment for apps" concept will continue on mobile devices (mainly for games i guess).

Good start. wink


Edited by Hal Itosis (11/09/11 09:28 AM)

Top
#19020 - 11/09/11 03:20 PM Re: Flash Bashing Express [Re: alternaut]
ryck Offline


Registered: 08/04/09
Loc: Okanagan Valley
Originally Posted By: alternaut
Meanwhile, there's another Trojan Flash Player installer around.

I went to that site and thought I'd do a "test run" of their disinfecting procedure. I entered their Instruction plutil -convert xml1 /Applications/Safari.app/Contents/Info.plist into Terminal but, instead of Plist Files, I got a Permission Denied response.

I also tried their %malware_path% but got No such job.

What am I missing? Thanks.


Edited by ryck (11/09/11 03:21 PM)
_________________________
ryck

iMac (Retina 5K, 27", 2017), 3.4 GHz Intel Core i5, 8GB RAM, 2400 MHz DDR4
OS Mojave 10.14.6
Canon MX710 Printer
Epson Perfection V500 Photo Scanner
Carbon Copy Clone on 1TB LaCie USB-C
Carbon Copy Clone on 500GB OWC Mercury OTG Pro

Top
#19046 - 11/10/11 10:32 AM Re: Flash Bashing Express [Re: ryck]
Hal Itosis Offline


Registered: 09/03/09
Loc: 10.6.8 (build 10K549)
Originally Posted By: ryck
I went to that site and thought I'd do a "test run" of their disinfecting procedure. I entered their Instruction plutil -convert xml1 /Applications/Safari.app/Contents/Info.plist into Terminal but, instead of Plist Files, I got a Permission Denied response.

That plist is owned by root, so one would need to prepend sudo and enter an admin password when prompted.

But i disagree with their instructions. There's no need to convert to xml at all. We can read or delete the offending key while it's still in "binary" form.

To read:

Code:
	defaults read /Applications/Safari.app/Contents/Info LSMinimumSystemVersion
	10.6.0

I used a valid key there, to show how normal output appears for a key that *should* exist. (according to that key, Safari 5.1.1 requires a minimum OS of 10.6.0).

Now, let's try to read the bad guy:

Code:
	defaults read /Applications/Safari.app/Contents/Info LSEnvironment
	2011-11-10 13:53:26.696 defaults[80926:903]
	The domain/default pair of (/Applications/Safari.app/Contents/Info, LSEnvironment) does not exist

Good, that key doesn't exist in my Safari plist. If anyone doesn't see that exact error, but instead gets some sort of "output"... then that's a problem.


Originally Posted By: ryck
I also tried their %malware_path% but got No such job.

Yeah well, the instructions provided by F-Secure are a little difficult to follow... so I'll try to clean it up.

Since they instructed folks to convert to xml format, here's how their version of the offending data should look:
Code:
	<key>LSEnvironment</key>
	<dict>
		<key>DYLD_INSERT_LIBRARIES</key>
		<string>%malware_path%</string>
	</dict>

If done using my defaults read method, the output would be something more like this:
Code:
	LSEnvironment =  {
		"DYLD_INSERT_LIBRARIES" =  (
			%malware_path%
		);
	};


So "%malware_path%" isn't anything to be entered as a command, but rather, it was their way of indicating that some sorta path string should be there, which tells us where the malware is located. E.g., instead of "%malware_path%" there would be a pathname:

/folder/folder/folder/file

maybe something like:

/Library/Printers/Epson/phony_file (idunno)

So — assuming one is infected (i.e., my 2nd defaults read example doesn't generate an error message) — then the way to 'disinfect' oneself is to delete whatever file or folder exists at the end of that "%malware_path%" location, and then delete the offending plist entry using:

sudo defaults delete /Applications/Safari.app/Contents/Info LSEnvironment


Edited by Hal Itosis (11/10/11 10:40 AM)
Edit Reason: added sudo to the last command :-)

Top
#19047 - 11/10/11 11:03 AM Re: Flash Bashing Express [Re: Hal Itosis]
Hal Itosis Offline


Registered: 09/03/09
Loc: 10.6.8 (build 10K549)
Ah, okay... i only searched that page for "%malware_path%" and focused on that section, to answer Rick's questions. Later on i see they narrow down the actual location a bit better, to:

/Applications/Safari.app/Contents/Resources/%payload_filename%

Where "%payload_filename%" is the important item we should destroy. So apparently the %malware_path% will be inside the browser's Resources folder (not externally in /Library as my example theorized).

Top
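The check described in the two posts above, as an added example that is not part of the original thread: it reads an Info.plist in either binary or XML form, with no conversion step, and reports any DYLD_INSERT_LIBRARIES entry under LSEnvironment. The function names and both sample plists are constructed for illustration; the tampered sample reuses the thread's %payload_filename% placeholder in place of a real path.

```python
import plistlib
from pathlib import Path

# Environment keys that make dyld load extra code into the app at launch.
SUSPECT_KEYS = ("DYLD_INSERT_LIBRARIES",)


def audit_info_plist(data: bytes) -> dict:
    """Inspect raw Info.plist bytes (binary or XML) for an injected LSEnvironment."""
    plist = plistlib.loads(data)  # format is auto-detected
    env = plist.get("LSEnvironment")
    libraries = []
    if isinstance(env, dict):
        for key in SUSPECT_KEYS:
            value = env.get(key)
            if isinstance(value, str):
                # dyld accepts a colon-separated list of library paths
                libraries += [p for p in value.split(":") if p]
            elif isinstance(value, (list, tuple)):
                libraries += [str(p) for p in value if p]
    return {
        "ls_environment_present": env is not None,
        "injected_libraries": libraries,
        "suspicious": bool(libraries),
    }


def audit_app(app_path: str) -> dict:
    """Audit <app>/Contents/Info.plist without modifying it."""
    return audit_info_plist((Path(app_path) / "Contents" / "Info.plist").read_bytes())


# Constructed samples (not captured from a real machine).
CLEAN = plistlib.dumps({"LSMinimumSystemVersion": "10.6.0"}, fmt=plistlib.FMT_BINARY)
TAMPERED = plistlib.dumps(
    {
        "LSMinimumSystemVersion": "10.6.0",
        "LSEnvironment": {
            # Placeholder from the thread, standing in for the real payload path.
            "DYLD_INSERT_LIBRARIES":
                "/Applications/Safari.app/Contents/Resources/%payload_filename%"
        },
    },
    fmt=plistlib.FMT_XML,
)

if __name__ == "__main__":
    for name, blob in (("clean", CLEAN), ("tampered", TAMPERED)):
        print(name, audit_info_plist(blob))
    safari = Path("/Applications/Safari.app")
    if safari.exists():
        print("Safari", audit_app(str(safari)))
```

Any path listed under injected_libraries is the file to examine and remove before deleting the LSEnvironment key as described above.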
#19055 - 11/10/11 02:27 PM Re: Flash Bashing Express [Re: Hal Itosis]
ryck Offline


Registered: 08/04/09
Loc: Okanagan Valley
Thanks very much for both posts. I have just used your sets of instructions....

defaults read /Applications/Safari.app/Contents/Info LSMinimumSystemVersion
defaults read /Applications/Safari.app/Contents/Info LSEnvironment


.... and got exactly the same results as you.

And thanks for the additional %payload_filename% information.

FYI, this and other things I learn at FineTunedMac are all very helpful for more people than me. I will keep this information in a file with other step-by-step instructions where I can pull it out if needed.

e.g. If one of my daughters ever gets in a fix. Or if it's needed to help a couple of older ladies living nearby (one is past 80) who are both Mac users. FTM has a wide reach.

Thank you and all the other FTM folks who are always so willing to educate.


Edited by ryck (11/10/11 02:29 PM)

Top
#19061 - 11/10/11 09:56 PM Re: Flash Bashing Express [Re: ryck]
Hal Itosis Offline


Registered: 09/03/09
Loc: 10.6.8 (build 10K549)
Back to "normal" business then...

Security update available for Adobe Flash Player
Release date: November 10, 2011
Vulnerability identifier: APSB11-28
Platform: All Platforms

SUMMARY

Critical vulnerabilities have been identified in Adobe Flash Player 11.0.1.152 and
. . .

laugh

Top
#19177 - 11/14/11 04:18 PM Re: Flash Bashing Express [Re: Hal Itosis]
Hal Itosis Offline


Registered: 09/03/09
Loc: 10.6.8 (build 10K549)


Edited by Hal Itosis (11/14/11 04:20 PM)

Top
#19180 - 11/15/11 03:41 AM Re: Flash Bashing Express [Re: Hal Itosis]
grelber Offline


Registered: 08/05/09
Loc: North of 49th ||
From all I can gather, Adobe's Flash Player is not affected with respect to "non-mobile" hardware, eg desktop and laptop computers.
So I don't understand the big kerfuffle. Any short, sweet answers?

Top
#19188 - 11/15/11 12:20 PM Re: Flash Bashing Express [Re: grelber]
Virtual1 Offline


Registered: 08/04/09
Loc: Iowa
y'know I was just thinking that one side issue Apple may have had is that as long as Flash was on the iphone, "click to jailbreak" apps would be a nonstop weekly occurrence for Apple to deal with.
_________________________
I work for the Department of Redundancy Department

Top
#19190 - 11/15/11 01:04 PM Re: Flash Bashing Express [Re: grelber]
tacit Offline


Registered: 08/03/09
Loc: Portland, Oregon, USA
Flash for desktops is continuing unabated, so a lot of the panic surrounding the abandonment of mobile Flash seems overblown to me. There are things it's more difficult to do without Flash, granted, but for the most part, I think folks who want to do those things--games, especially--are better served with "native" mobile apps.

Adobe has just announced that it is ceasing development of Adobe FLEX in house and turning that over to the open source community, though, and people are getting upset about that. FLEX is a tool for building apps using Flash, and a lot of (well, okay, SOME) business app developers use it to build business apps that run over the Web. And, naturally, rely on Flash to function.

I personally wonder whether Adobe's turn away from FLEX signals that Flash is in for a long, cold winter.
_________________________
Photo gallery, all about me, and more: www.xeromag.com/franklin.html

Top
#19191 - 11/15/11 01:11 PM Re: Flash Bashing Express [Re: grelber]
Hal Itosis Offline


Registered: 09/03/09
Loc: 10.6.8 (build 10K549)
Originally Posted By: grelber
From all I can gather, Adobe's Flash Player is not affected with respect to "non-mobile" hardware, eg desktop and laptop computers. So I don't understand the big kerfuffle. Any short, sweet answers?

Yes well... it won't last. More and more and more, websites are being accessed by mobile devices. And if webmasters have to retool their pages to cater to non-flash devices, then why not go whole-hog? Forget flash... it's definitely in its death throes.


[edit: As i understand it, the only real "need" for flash (as a browser player plugin) is that associated with DRM-regulated video. Everything else it does (which one might deem as being vital) can easily be replaced. And again, everyone who likes to whine about google and facebook tracking their movements should keep in mind that flash does that stuff too.]


Edited by Hal Itosis (11/15/11 05:09 PM)

Top
#19202 - 11/16/11 10:02 AM Re: Flash Bashing Express [Re: Hal Itosis]
tacit Offline


Registered: 08/03/09
Loc: Portland, Oregon, USA
Originally Posted By: Hal Itosis
[edit: As i understand it, the only real "need" for flash (as a browser player plugin) is that associated with DRM-regulated video. Everything else it does (which one might deem as being vital) can easily be replaced. And again, everyone who likes to whine about google and facebook tracking their movements should keep in mind that flash does that stuff too.]


It's also needed for certain types of interactivity. Complex games with scripted actions, for instance, can't (yet) be done in pure HTML.

However, as time goes on, I think that will be less and less the case.

Top
#19204 - 11/16/11 12:05 PM Re: Flash Bashing Express [Re: tacit]
Hal Itosis Offline


Registered: 09/03/09
Loc: 10.6.8 (build 10K549)
Originally Posted By: tacit
It's also needed for certain types of interactivity. Complex games with scripted actions, for instance, can't (yet) be done in pure HTML.

You're right of course... which is why i highlighted 'vital' (as online games aren't such for me). wink

If someone wants to play interactively, or shop at a website with fancy wiggling special effects... let THEM download flash. The rest of us news-watchers and you-tubers should be free to enjoy basic (normal) video, delivered via some standard protocol, etc.


Top
#19208 - 11/16/11 01:26 PM Re: Flash Bashing Express [Re: Hal Itosis]
MacManiac Offline
Moderator

Registered: 08/04/09
Loc: Paradise....on the central Ore...
Unfortunately, not all online flash presentations are trivial or backed up by HTML5 counterparts....

The Aviation Safety Foundation (a sub-entity to the Aircraft Owners and Pilots Association) recently sent me a link to one of their current online ASF presentations...and it wouldn't run using Safari 5.1.1 under OS X 10.7.2 with the latest Flash-Player plug-in 11.1.102.55 installed --- the only way I could view it was to open the link using Firefox 6.0.2 on the same platform, where it ran just fine.

I sent their web-team the details, but this particular issue appears to be more browser-related than server-side..... confused
_________________________
Freedom is never free....thank a Service member today.

Top
#19458 - 12/02/11 05:39 PM Re: Flash Bashing Express [Re: MacManiac]
artie505 Online


Registered: 08/04/09
Still re Flash, but a different aspect... I just noticed that the prefs I had set in my Flash Player pref pane reverted to default, probably when I updated to v 11.1.102.55, and I suggest that everybody check their own prefs no less often than after every Flash update. (My prefs reverted once before with no apparent cause, but that predated the Flash pref pane.)

Top
#19461 - 12/03/11 02:43 AM Re: Flash Bashing Express [Re: artie505]
jchuzi Online


Registered: 08/04/09
Loc: New York State
The same thing is happening to me. I have trashed Flash preferences repeatedly (actually, ~/Library/Preferences/Macromedia/Flash Player) and that used to work. Yesterday, I used System Preferences>Flash Player>Storage, clicked Delete All and then Delete All Site Data and Settings. I reset my preferences and, so far, they seem to be sticking. Apparently, Delete All also clears ~/Library/Caches/Adobe/Flash Player so that may have been the cure.
_________________________
Jon

OS 10.14.6, iMac Retina 5K 27-inch, late 2014, 3.5 GHz Intel Core i5, 1 TB fusion drive, 16 GB RAM, Epson SureColor P600, Photoshop CC, Lightroom CC, MS Office 365

Top
#19471 - 12/03/11 12:20 PM Re: Flash Bashing Express [Re: jchuzi]
artie505 Online


Registered: 08/04/09
Originally Posted By: jchuzi
The same thing is happening to me. I have trashed Flash preferences repeatedly (actually, ~/Library/Preferences/Macromedia/Flash Player) and that used to work. Yesterday, I used System Preferences>Flash Player>Storage, clicked Delete All and then Delete All Site Data and Settings. I reset my preferences and, so far, they seem to be sticking. Apparently, Delete All also clears ~/Library/Caches/Adobe/Flash Player so that may have been the cure.

I just trashed ~/Library/Prefs/Macromedia and ~/Caches/Adobe in their entirety, but I'm not the least bit optimistic about the reversions to default stopping.

We'll see...

Top
#19477 - 12/03/11 01:11 PM Re: Flash Bashing Express [Re: jchuzi]
artie505 Online


Registered: 08/04/09
As an experiment, I just reinstalled the latest version of Flash and restarted, but uneventfully.

Oh, well... Time will tell.

Top
#19543 - 12/08/11 05:54 PM Re: Flash Bashing Express [Re: artie505]
artie505 Online


Registered: 08/04/09
Damn!!! I've been checking my prefs periodically, and I just found them reverted to default again.

Aaargh!!! frown

Heads-up to all.

Top
#19547 - 12/08/11 10:09 PM Re: Flash Bashing Express [Re: artie505]
Hal Itosis Offline


Registered: 09/03/09
Loc: 10.6.8 (build 10K549)

Top
#19601 - 12/12/11 09:53 PM Re: Flash Bashing Express [Re: Hal Itosis]
Hal Itosis Offline


Registered: 09/03/09
Loc: 10.6.8 (build 10K549)
One wonders whether Adobe even tries to "get it right" . . . ever.
Seems like they don't learn anything, from one patch to the next.

Two zero-day vulnerabilities found in Flash Player

  crazy

Top
#19607 - 12/13/11 10:02 AM Re: Flash Bashing Express [Re: Hal Itosis]
joemikeb Offline
Moderator

Registered: 08/04/09
Loc: Fort Worth, Texas
Originally Posted By: Hal Itosis
One wonders whether Adobe even tries to "get it right" . . . ever.
Seems like they don't learn anything, from one patch to the next.

Two zero-day vulnerabilities found in Flash Player

  crazy

I don't think this is a matter of getting it right on Adobe's part. I think it is more a matter of cutting their losses and doing the minimum effort they can get away with to keep their corporate customers happy. Adobe has already announced they are dropping development of Flash for handheld and tablet devices as well as tacitly acknowledging HTML 5 has already won the day on the desktop.

From my knowledge of Macromedia, the originator of Flash and Dreamweaver, my strong suspicion is Adobe is using a huge library of legacy code, which they did not write, developed at a time when "security" was an unused word in the programmer's dictionary, and in a programming style that makes maintenance difficult and consequently very expensive. So Adobe has lots of patches to the code and each patch risks exposing and/or creating additional potential exploits. Apple was in a similar position when Steve Jobs returned to take the helm and made the decision to bet the company and invest in a completely new operating system and applications code base written in an unusual dialect of the C language. I have not seen anything from Adobe indicating they have either the vision or the resources to do anything that risky or daring.

Personally I don't think Flash will be around much longer. When Microsoft endorses any Open Source technology, and when Apple and Microsoft agree on anything, the game is over and Adobe lost.
_________________________
joemikeb • moderator

Top

Moderator:  alternaut, cyn