Vim's Flash Thread
Woodchuck
djv at bedford.net
Fri Dec 8 11:06:12 PST 2006
On Fri, 8 Dec 2006, Vim Visual wrote:
> Besides, o'bsd is showing to be a much more mature *nix system than
> GNU/Linux, which seems to be a teenager... I love the professionality
> of o'bsd people
That's my reason. A simple system, logically laid out on disk, consistent.
>
> Well... now... WHAT ABOUT MY QUESTION???
>
> FIREFOX WITH FLASH - HOW??
Heh. Linux emulation in a "chroot" jail. I haven't tried this.
> > But _very_ slightly. Most exploits even in Open Source programs are
> > discovered through analysis of the program produced. So programs from
> > closed and open source have basically the same level of vulnerability,
> > since that is how you find exploits in closed-source code.
Agree, but in the case of Flash, I'm vaguely scared (I don't use it)
since it interfaces with a browser of unknown properties, running on X
(with all its problems). I'm also wary of Flash because it seems to want
to execute code on "my" side -- similar objection to java. I don't like
downloading code and running it blind, especially in an X setting.
The closedness of Flash and suchlike means that it has not been subjected
to public scrutiny and possibly audit.
> > So, with the closed source, we have to trust the company when they say the
> > program doesn't deliberately do anything underhanded, and we can't fix any
> > problems we find ourselves. From a security standpoint, that's the
> > _entire difference._ Any extra vulnerability from being able to see the
> > code is so minuscule that it has never mattered.
And yet this is the precise case with Mozilla vs IE. That's quite a
difference, in my opinion.
Dave
More information about the Openbsd-newbies
mailing list