About a day before this post a new security vulnerability has been detected in Adobe Flash player that causes Flash to switch on the webcam (if available). Of course you have to visit a website running the compromised code.
At risk are all versions of Flash released so far (Flash Player 11 is the latest build). And the exploit works (for now) on OS X Safari and Firefox. Windows browsers may be safe along with Google Chrome because of of a bug affecting opacity within CSS files. Wow! Imagine being saved by bad protocol.
Attackers exploits the bug by using a form of “clickjacking” where clicks on a seemingly innocuous webpage launch malicious functions. All you script kiddies have to do is hide the camera settings within an invisible iFrame. Once launched the clicks activating the webcam are hidden behind clicks in a simple Flash game!
But there’s a catch: for now the only page that allows an attack to work is hosted by Adobe “Websites Privacy Settings Panel” that controls the webcam and mic security settings. So all Adobe has to do is fix how this page works. Something its working to do immediately.
The 64-bit bandwagon was launched by a 64-bit version of Windows XP about 3 (or was it 4 years ago). This was followed up by releases of 64-bit Windows Vista and finally of Windows 7 64-bit. But you may well ask why all the hoopla about 64-bit versus normal (aka 32-bit) Windows. Putting it simply it’s all about system resource utilization. The 32-bit operating systems (OS) cannot address more than just over 3 GB of installed RAM. And RAM as we know usually arrives in 2 GB sticks. So here you were with 2 sticks (4 GB in all) of which a fourth was useless.
Linux (derived as it is from Unix) doesn’t have this problem. It’s been 64-bit compatible from the get-go. And if your processor is only 32-bit its not a problem, Linux will install in 32-bit mode. But if you have a 64-bit processor, then Linux runs in that mode as well. And there are now special AMD64 builds (or Spins) for all the major Linux distributions (aka distros) like Fedora, Ubuntu, Kubuntu and Red Hat Enterprise Linux that take advantage of the different (from Intel) instruction set to offer better resource utilization. The only downside is that these AMD64-specific spins can’t be installed on Intel x86-64 processors.
But despite the availability of 64-bit OS there were no consumer 64-bit browsers available! Until a 64-bit Internet Explorer 8 (IE8) was installed along with Windows 7 64-bit. And more recently a 64-bit Firefox 4.0 Beta was released. But browsing the web using these builds was limited as any site with Flash didn’t display (render for purists) correctly.
I jumped on the 64-bit browser bandwagon quite early. Then got off about as quickly a I couldn’t really browse the Web! That is until earlier today when on a whim I searched the Adobe Labs site and found a preview (ostensibly Developer only) preview release of a 64-bit Flash player code named “Square” for Firefox 64 and IE8 64. Visit the Adobe Labs Flash Player “Square” Preview Release page for more information and download links.
The IE8 version is an updated ActiveX object that is best installed from within IE8 x64. Firefox x64 users need to download and install the Other Browsers version.
However despite trying my best I couldn’t get my Portable Firefox 4 x64 to open anything but the simplest Flash sites. It would just crash. I suspect the problem is caused by a 32-bit Portable wrapper running a 64-bit browser. But can conclusively say so because a standalone Firefox 4 x64 crashed as easily too!
You can test your x64 browser version from sites showcased in the Ten Best Flash websites of 2010. These are awesome examples of what a creative designer can do with Flash.