If your were going to program a game...
Steven D'Aprano
steven at REMOVE.THIS.cybersource.com.au
Tue Jan 6 18:35:12 EST 2009
On Tue, 06 Jan 2009 10:44:39 -0700, Joe Strout wrote:
> Not that I have anything against Flash; I've started learning it just
> last week, and apart from the nasty C-derived syntax, it's quite nice.
> It has a good IDE, good performance, great portability, and it's easy to
> use. It just surprises me that after all these years, the Python
> community hasn't done something similar.
It's bad enough that every time I go to a website using Flash, my browser
is running untrusted code in my browser, but at least Adobe has spent a
bucket-load of time and money making it (almost) secure. I sure as hell
don't want arbitrary Python code running in my browser.
Oh, and even Adobe hasn't got it completely right: IBM research Mark
Dowd has demonstrated an incredible vulnerability that allows a
single Trojan to exploit Flash in either IE or Firefox while leaving
the Flash runtime operating normally. And it can bypass Vista
security. Although Dowd doesn't explicitly mention other OSes, I see
no reason to believe the same technique wouldn't work on Linux.
http://www.matasano.com/log/1032/this-new-vulnerability-dowds-inhuman-
flash-exploit/
This is not your regular buffer overflow vulnerability. Read it and weep.
--
Steven
More information about the Python-list
mailing list