No more new Flash versions for Linux?

Discussion in 'all things UNIX' started by wat0114, Sep 18, 2012.

Thread Status:
Not open for further replies.
  1. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    4,064
    Location:
    Canada
    Am I interpreting this right? Adobe will no longer provide new versions for Linux, other than security updates for the latest?
     

    Attached Files:

  2. Brandonn2010

    Brandonn2010 Registered Member

    Joined:
    Jan 10, 2011
    Posts:
    1,854
    I remember reading Android 4.1 and on will not have Flash either. Is HTML 5 that close to being mainstream or am I missing something? :rolleyes:
     
  3. Robin A.

    Robin A. Registered Member

    Joined:
    Feb 25, 2006
    Posts:
    2,557
  4. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    Yes, that's correct. Only the PPAPI Plugin, as used with Chrome, will get new versions. Adobe 11.2 will continue to get security releases.

    The PPAPI Sandbox on Linux is really fantastic though.
     
  5. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    4,064
    Location:
    Canada
    PPAPi is only for Chrome isn't it? I like Chrome a lot, except its scripting control plugin doesn't rival that of Firefox' NoScript. This sort of news is somewhat disturbing to me, because after using Ubuntu for > week, I'm seeing it as a viable replacement for Windows. It suits my needs in essentially every way Windows does except that it's so much easier to maintain security wise. It seems with the Intel news lately and now seeing this, Linux could be getting "left out in the cold"?

    Thanks Robin! I didn't know about this until now. Only recently have i ventured into the linux world again :)
     
    Last edited: Sep 18, 2012
  6. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    It is currently only for Chromium based browsers. Firefox has stated it has no plans to implement it.

    I personally just whitelist Javascript by Top Level Domain with Chrome and set plugins to Click to Play. I know, this isn't the same as NoScript, but it's one way to secure Chrome against malicious scripts/plugins.

    Definitely. As you've already noted in another topic you can get incredibly tight sandboxes in Linux, way tighter than in Windows using integrity.

    Yeah, this has always been the case. But things are changing somewhat. Valve is porting Steam to Linux and you can expect that to change things up a lot.

    I'd suggest you look into the PPAPI Sandbox and Chrome's sandbox. If you read up on it it's gonna be hard to use another browser - it really is an incredibly tight sandbox.
     
  7. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    4,064
    Location:
    Canada
    Agreed. The granularity that can be achieved is incredible.

    Without question, it's an excellent sandbox. i read up on it a while ago, and I guess if I use your suggestions for script control, it will afford excellent security. I've got the latest stable Chrome installed and Apparmored :)
     
  8. chronomatic

    chronomatic Registered Member

    Joined:
    Apr 9, 2009
    Posts:
    1,343
    Yeah it's just too bad that Chromium doesn't use that Flash sandbox (only Chrome).
     
  9. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    It can. You just have to move the files there yourself.
     
  10. tlu

    tlu Guest

    Yes, but they won't get automatically updated, will they?
     
  11. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    Only if Chromium users script something to look for a new Chrome release now and then, download it, extract the contents, copy and past the dll file to Chromium folder. All automatically. :D
     
  12. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    Basically
    wget
    dpkg
    cp

    Can't imagine it'd be that hard.

    Or someone could just make a PPA for it like they do for Java.

    But I'd use Chrome anyways. Chromium is way out of date on Linux.
     
  13. tlu

    tlu Guest

    Haha - very automatic, indeed :D :D :D
     
  14. tlu

    tlu Guest

    I guess you're talking about this approach. This assumes that there are no malicious scripts in, e.g., .com domains. Rather euphemistic if you ask me.:D
     
  15. NormanF

    NormanF Registered Member

    Joined:
    Feb 20, 2009
    Posts:
    2,874
    Either flash will be open source or HTML5 will be used on Linux in the future. YouTube and Hulu haven't implemented it yet.
     
  16. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    It's mostly because the majorit of malicious websites are either linked directly to the IP or they go to some .cn / .ru website.

    Naturally if I land on a malicious .com page it'll run Javascript. At that point I'm relying on:
    1) Plugins being click to play
    2) The ridiculously hard to exploit Chrome/Linux
     
  17. chronomatic

    chronomatic Registered Member

    Joined:
    Apr 9, 2009
    Posts:
    1,343
    Chromium is only out of date in Ubuntu because they don't update it. You can find PPA's with the latest releases.
     
  18. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    I've never found a PPA that kept it up to date.
     
  19. Judge Dee

    Judge Dee Guest

    Ubuntu Tweak has PPAs for daily builds, dev channel, and stable channel.
    Never used them, though.
     
  20. Once steam hits Linux expect a lot of new development to come to Linux.
     
  21. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    A better and safer approach is to allow connections only to specific websites. :D The JavaScript/etc whitelisting increases Jane and Joe's security, though, as together with other measures such as Safebrowsing and other blacklisting approaches, besides the sandbox, as the % of malicious domains the user may access won't be as successful to attack their systems.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.