Active Topics
|
2010-06-06
, 01:33
|
|
Posts: 303 |
Thanked: 175 times |
Joined on Oct 2009
@ London UK
|
#22
|
Originally Posted by gerbick
oops! sorry
I was actually joking.
/facepalmha!
 |
|
2010-06-06
, 01:44
|
|
Posts: 2,869 |
Thanked: 1,784 times |
Joined on Feb 2007
@ Po' Bo'. PA
|
#23
|
Why is it Nokias problem...
I just restarted my desktop and was greeted with a Flash upgrade notice from Adobe,
Flash is a MicroB plugin maintained by Adobe isn't it?
Why shouldn't it then be upgraded by the user of an N900 just as it is for a desktop user when Adobe gets around to making it available.
BTW, Nokia didn't make anyone "vulnerable". They provided a means with which to disable this plugin if you are so concerned.
Just sayin'
I just restarted my desktop and was greeted with a Flash upgrade notice from Adobe,
Flash is a MicroB plugin maintained by Adobe isn't it?
Why shouldn't it then be upgraded by the user of an N900 just as it is for a desktop user when Adobe gets around to making it available.
BTW, Nokia didn't make anyone "vulnerable". They provided a means with which to disable this plugin if you are so concerned.
Just sayin'
| The Following User Says Thank You to YoDude For This Useful Post: | ||
|
|
2010-06-06
, 01:55
|
|
Posts: 122 |
Thanked: 121 times |
Joined on Mar 2010
|
#24
|
Woah! I just found a security bulletin from last year that's strikingly similar to the one they just put out.
Last Year:
http://www.adobe.com/support/securit...apsa09-03.html
This Year:
http://www.adobe.com/support/securit...apsa10-01.html
Maybe Flash + Adobe Reader is the only way this is exploitable and not just Flash on it's own. 10.1(or at least the RC) might close itself off to Adobe Reader and that authplay.dll file
Last Year:
http://www.adobe.com/support/securit...apsa09-03.html
This Year:
http://www.adobe.com/support/securit...apsa10-01.html
Maybe Flash + Adobe Reader is the only way this is exploitable and not just Flash on it's own. 10.1(or at least the RC) might close itself off to Adobe Reader and that authplay.dll file
|
|
2010-06-06
, 02:16
|
|
Posts: 303 |
Thanked: 175 times |
Joined on Oct 2009
@ London UK
|
#25
|
You're right about turning it off, I posted earlier:
http://discussions.europe.nokia.com/...unread-message
But I think you're wrong about Adobe support. Nokia provide the flash plug in.. They'd be responsible for a fix, not Adobe..
http://discussions.europe.nokia.com/...unread-message
But I think you're wrong about Adobe support. Nokia provide the flash plug in.. They'd be responsible for a fix, not Adobe..
|
|
2010-06-06
, 03:09
|
|
Posts: 2,869 |
Thanked: 1,784 times |
Joined on Feb 2007
@ Po' Bo'. PA
|
#26
|
Originally Posted by SD.
You will pro'ly find something simular after they released just about every upgrade.
Woah! I just found a security bulletin from last year that's strikingly similar to the one they just put out.
Last Year:
http://www.adobe.com/support/securit...apsa09-03.html
This Year:
http://www.adobe.com/support/securit...apsa10-01.html
Maybe Flash + Adobe Reader is the only way this is exploitable and not just Flash on it's own. 10.1(or at least the RC) might close itself off to Adobe Reader and that authplay.dll file
The sky is falling.
|
|
2010-06-06
, 08:04
|
|
Posts: 131 |
Thanked: 62 times |
Joined on Feb 2010
|
#27
|
maybe so but that does not give Nokia an excuse not to have a responsible and timely response process for potential security issues.
other OS vendors do this pretty well.
burying ones head in the sand does not make the problem go away.
communication and recogniton followed by adequate risk mitigation and resolution is really the only acceptable approach.
rgds
other OS vendors do this pretty well.
burying ones head in the sand does not make the problem go away.
communication and recogniton followed by adequate risk mitigation and resolution is really the only acceptable approach.
rgds
 |
|
2010-06-07
, 10:57
|
|
Posts: 1,079 |
Thanked: 1,019 times |
Joined on Mar 2010
|
#28
|
This was one of my concerns when choosing the N900.
If certain third party elements are known to suffer regular security hiccups then they shouldn't be an integral part of the O/S and should be treated like a plugin. Patched and updated as and when required, without having to replace/reflash the whole O/S.
Adobe could simply turn around and say "Not our responsibility to fix it", and likewise so could Nokia.
If certain third party elements are known to suffer regular security hiccups then they shouldn't be an integral part of the O/S and should be treated like a plugin. Patched and updated as and when required, without having to replace/reflash the whole O/S.
Adobe could simply turn around and say "Not our responsibility to fix it", and likewise so could Nokia.
|
|
2010-06-07
, 13:12
|
|
Posts: 619 |
Thanked: 691 times |
Joined on Feb 2010
|
#29
|
>> communication and recogniton followed by adequate risk mitigation and resolution is really the only acceptable approach.
Nokia, commnication ?
[lol] what earth are you from
Nokia, commnication ?
[lol] what earth are you from
|
|
2010-06-07
, 22:58
|
|
Posts: 131 |
Thanked: 62 times |
Joined on Feb 2010
|
#30
|
Originally Posted by Frappacino
A much bigger one than Nokia!
>> communication and recogniton followed by adequate risk mitigation and resolution is really the only acceptable approach.
Nokia, commnication ?
[lol] what earth are you from
rgds
Maybe this is a play by Adobe to have everybody update to 10.1 quickly on Monday? lol