File: flashcarrier.swf-(2.42 MB, 768x612, Loop)
[_] Anonymous 01/15/18(Mon)14:45:44 No.3308436
Marked for deletion (old).
>> [_] Anonymous 01/15/18(Mon)14:51:58 No.3308439
you know it's the other way around. or will be in 2 years anyway
>> [_] Anonymous 01/15/18(Mon)15:07:37 No.3308443
>>3308439
only if html 5 could emulate flash otherwise it's gonna be like this forever
>> [_] Anonymous 01/15/18(Mon)15:47:26 No.3308450
>>3308443
except no browser will support it anymore and you'll be raped by russianrabies
>> [_] Anonymous 01/15/18(Mon)17:06:20 No.3308463
>>3308450
except that browsers will need to continue support for shit to keep working because people arent
going to stop using flash when it stops being supported
>wut iz windows xp
>> [_] Anonymous 01/15/18(Mon)17:36:44 No.3308467
What's their baby going to be? Htmlwave 5? Flashtml?
>> [_] Anonymous 01/15/18(Mon)17:43:54 No.3308469
>>3308467
a bastard child that nobody wants
>> [_] Anonymous 01/15/18(Mon)17:54:09 No.3308473
>>3308463
the browser vendors couldn't be happier over the removal of flash. it's a piece of bloated
proprietary shit that's both inefficient and deemed a security hazard. now that adobe themselves
are stopping support for it, there's no way that browsers are going to continue instead. there'll
still be external legacy players that can run flash but any developer who hasn't been living
under a rock would stay away from it.
>> [_] Anonymous 01/15/18(Mon)18:06:34 No.3308477
>>3308473
>it's a piece of bloated proprietary shit that's both inefficient and deemed a security hazard.
The funny thing is that there isn't anything open source that does what flash (the player and
creation software) does to the same quality. The supposed html5 replacement is also a security
hazard, with cryptocoin miners, browser alert boxes and various malicious scripts to the point
that many people use a browser extension to block javascript from running by default; similar to
how most browsers blocked flash for their users in the past few years.
>> [_] Anonymous 01/15/18(Mon)18:16:40 No.3308482
>>3308473
>zomg I clicked on a flash and it wants to print something I don't want to !!1
no amount of security will save your dumb ass
if you really want to be safe just cut the ethernet cable right now
>> [_] Anonymous 01/15/18(Mon)18:30:06 No.3308484
>>3308477
>there isn't anything open source that does what flash (the player and creation software) does to
the same quality
yes there is? in most use cases, html5 can do the same exact thing as flash does while using less
resources to do it. as for the creation software, nobody gives a fuck about its importance
besides the faggots who also suck steve jobs's necrophiliac cock daily.
>security hazard
none of what you mentioned actually is a security risk. yeah they're as malicious as what flash
is capable of but any private info being compromised is usually the fault of the programmer
rather than the software itself, unlike flash which has vulnerabilities being discovered nearly
daily.
>> [_] Anonymous 01/15/18(Mon)18:30:46 No.3308486
>>3308473
>it's a piece of bloated proprietary shit that's both inefficient and deemed a security hazard
ahahahaha this nigga tryin to talk shit like this about flash when javascript exists and is only
getting worse
>> [_] Anonymous 01/15/18(Mon)18:33:23 No.3308487
>>3308482
https://www.cvedetails.com/vulnerability-list/vendor_id-53/product_id-6761/Adobe-Flash-Player.html
you're one of those morons that has been living under a rock this whole time. there's a reason no
one uses flash for anything of high-critical importance.
>> [_] Anonymous 01/15/18(Mon)18:35:47 No.3308488
>>3308486
>open-source
>getting worse
you've never heard of github have you? proof that you're just a dumb retard that has no further
knowledge than a layman
>> [_] Anonymous 01/15/18(Mon)19:05:31 No.3308497
>>3308484
gib examples
also the creation software is important because because without a good html5 creation software,
less people will make html5 stuff. in addition there isn't an html5 standard similar to flash
where everything is in a single file
oh and if those don't count as security risks for whatever reason, then give your definition of a
security risk
>> [_] Anonymous 01/15/18(Mon)19:12:06 No.3308499
>>3308497
webm is one example that's even being used by 4chan right now. better encoding, less bloat.
there's plenty of game creation software like unity or godot that can export to html easily, or
rpgmaker that can use js natively to export to other platforms. flash having a good creation tool
is merely an overstatement.
>> [_] Anonymous 01/15/18(Mon)19:18:02 No.3308502
>>3308497
as for security risks, read the post above. if you want even more, just google it. flash has too
many exploits to count that are constantly being found and patched over.
>> [_] Anonymous 01/15/18(Mon)19:25:51 No.3308506
>>3308497
>there isn't an html5 standard similar to flash where everything is in a single file
there are tools that can do this. look at rollup or webpack which bundle all your code
automatically.
>> [_] Anonymous 01/15/18(Mon)19:33:04 No.3308510
>>3308502
>>3308487
>Total number of vulnerabilities : 1044
That's quite a misleading statement. I looked through many of them and the vulnerabilities are
usually stated as "for adobe flash player version x.x.x.x.x or lower" and start at some version
of adobe flash player 9. The most recent version is flash player 27 and that site only lists 7
vulnerabilities for that version.
>> [_] Anonymous 01/15/18(Mon)19:33:58 No.3308511
>>3308502
>security risks
no I asked for YOUR definition, since what I consider a security risk isn't good enough for you
>> [_] Anonymous 01/15/18(Mon)19:37:41 No.3308512
>>3308511
MY definition is the LITERAL definition and it's NOT your DUMBFUCK HEADCANON, okay?
>>3308510
>still trying to defend flash's biggest weakness
why do you even still bother to justify yourself?
>> [_] Anonymous 01/15/18(Mon)19:58:27 No.3308518
>>3308512
>LITERAL definition
https://en.wikipedia.org/wiki/Risk#Security
>A security risk is any event that could result in the compromise of organizational assets i.e.
the unauthorized use, loss, damage, disclosure or modification of organizational assets for the
profit, personal interest or political interests of individuals, groups or other entities
constitutes a compromise of the asset, and includes the risk of harm to people.
>unauthorized use
so how is cryptocoin mining not a security risk via your own definition?
>why do you even still bother to justify yourself?
because 7 vulnerabilities that will be patched don't seem like a big deal.
>> [_] Anonymous 01/15/18(Mon)20:06:07 No.3308525
>>3308518
>browser alert boxes
and how are browser alert boxes a security hazard to you? cryptocoin mining is at least
borderline in the same sense that any game that uses resources and logs the data within the
process could be considered "cryptocoin mining" if that data were just as valuable. also you
should reread that definition in the full context of "unauthorized use [that could result in the
compromise of organizational assets]". just as i thought, you and your DUMBFUCK HEADCANON.
>7 vulnerabilities
they're only vulnerabilities that were discovered. there could be far more that aren't exposed to
the public. don't kid yourself, the list will only continue to grow while adobe themselves is
literally not going to touch it anymore.
>> [_] Anonymous 01/15/18(Mon)20:24:38 No.3308531
>>3308525
>and how are browser alert boxes a security hazard to you?
The javascript alert function forces the browser to switch to the tab that generated the box and
won't let the user interact with the browser until the box is closed. An attack that I've seen,
before installing noscript, is to open an alert box as soon as the previous one is closed which
forces a user to close the window which that tab is open in.
>you and your DUMBFUCK HEADCANON.
I just used the definition of security risk that wikipedia quoted. Why have you not stated your
definition by now? Please do.
>they're only vulnerabilities that were discovered. there could be far more that aren't exposed
to the public.
The same goes for any application. There's malicious exploits in javascript web frameworks, not
to mention cross site scripting. The W3C statement on javascript security says enough for me to
not trust most sites:
"We cannot stress this enough. JavaScript is a wonderful language and can help you to build
highly responsive and beautifully interactive web sites and applications, but where it falls down
terribly is security. In short, there is no security model in JavaScript and you should not
protect, encrypt, secure or store anything vital or secret with it" (https://www.iad.gov/
iad/customcf/openAttachment.cfm?FilePath=/iad/library/reports/assets/public/upload/J
avaScript-Security-Risks.pdf&WpKes=aF6woL7fQp3dJiegGJ5E5teTgrb3CdeJCMGnLB)
>don't kid yourself, the list will only continue to grow while adobe themselves is literally not
going to touch it anymore.
That may be true after 2020, but adobe is still going to release security updates until that time.
>> [_] Anonymous 01/15/18(Mon)20:32:58 No.3308534
>>3308531
reread the definition. now read your example of it. checkmate. it's not even up for argument at
this point and doing so at this point just makes you a clown.
also i can see you're just parroting general terms since you used the term cross site scripting
without knowing the full meaning behind it. it's not the fault of javascript itself, it's the
usage of malicious third party libraries that have access to the same domain as you since you're
using them. there's a HUGE difference in security risks due between the programmer's incompetence
and the language itself, ie flash.
you're just a moronic layman that likes to hear himself argue. open your eyes, flash is shit and
everyone acknowledges it except for retards like you.
>> [_] !Wulf.Eb.mY 01/15/18(Mon)20:34:23 No.3308535
>>3308531
Don't waste your time. He's baiting and not even trying to come up with an argument. He's wrong
and is probably acutely aware of it and just playing it up further because it's fun to act like a
retard.
>> [_] Anonymous 01/15/18(Mon)20:38:35 No.3308536
>>3308535
just like how retards samefag while thinking it gives themselves credibility. i don't believe
that there could be multiple people that share the same thought process as a retard. and if you
are really just as retarded as the previous guy well, it's not my problem.
>> [_] Anonymous 01/15/18(Mon)20:41:00 No.3308537
>>3308534
>reread the definition. now read your example of it. checkmate.
hold it! where is your definition of a security risk? I'm still waiting on that since arguing
whether something is or isn't a security risk is pointless if we don't agree on what a security
risk is.
>> [_] Anonymous 01/15/18(Mon)20:42:59 No.3308539
>>3308537
https://en.wikipedia.org/wiki/Risk#Security
>A security risk is any event that could result in the compromise of organizational assets i.e.
the unauthorized use, loss, damage, disclosure or modification of organizational assets for the
profit, personal interest or political interests of individuals, groups or other entities
constitutes a compromise of the asset, and includes the risk of harm to people.
>A security risk is any event that could result in the compromise of organizational assets
neither a browser alert nor cryptocoin mining result in the compromise of organizational assets.
i win, you lose.
>> [_] !Wulf.Eb.mY 01/15/18(Mon)20:47:44 No.3308544
>>3308539
Computational load is considered an asset. If you're accessing something that forcibly increases
computational load on any of your hardware with malicious or intent unknown to the user, then it
is a security risk that damages your assets. If computational load wasn't an asset then the
measuring the value of different cpu/gpu architectures would be impossible, therefore selling
them would never attain profit, yatta yatta blah blah blah semantics make the world go round and
someone here doesn't study business or computer science and it isn't me or >>3308531.
>> [_] Anonymous 01/15/18(Mon)20:48:48 No.3308545
>>3308539
Oh so you accept that definition whereas in >>3308525 you called it my "DUMBFUCK HEADCANNON"?
Nice backpedaling. And to extrapolate on that point, if someone can force people to use cpus for
cryptocoin mining, which is a heavy computational load, it stands to reason that there's
potential for javascripts which overheat and damage the cpu,
>> [_] Anonymous 01/15/18(Mon)20:54:43 No.3308547
Both browsers and flash player are insecure as fuck. Running random code sent to you from
strangers is a security nightmare.
>> [_] Anonymous 01/15/18(Mon)21:00:21 No.3308550
>>3308547
>Running random code sent to you from strangers
sounds hot, any source on that?
>> [_] Anonymous 01/15/18(Mon)21:00:59 No.3308551
>>3308547
Especially when the code can execute from pdf files, which most people think should be as secure
as a text file. You can even do an SQL injection from your browser's useragent if the website
you're visiting is insecure enough.
>> [_] Anonymous 01/15/18(Mon)21:02:52 No.3308552
>>3308525
At least borderline? I don't want ANY program using a single byte of resources on my machine
unless I say so. That's just like saying people who use your comp as a torrent repeater is
borderline. Have fun with latency and less resources. Yeah that's just borderline LOL.
>> [_] Anonymous 01/15/18(Mon)21:03:30 No.3308553
>>3308550
What do you mean? Any time run javascript or actionscript that's someone else's code.
>> [_] Anonymous 01/15/18(Mon)21:06:22 No.3308555
>>3308553
I think he means code that is ran on your PC - without you even doing anything or allowing it. Is
it cool if I install and run programs on your PC without your consent? If so cool I'll send a few
.exe's your way - I need to increase my botnet.
>> [_] Anonymous 01/15/18(Mon)23:15:31 No.3308580
>>3308499
I'm mainly concerned about loops. WebM has to have everything line up perfectly in order to loop
properly, Flash doesn't. Can HTML5 emulate that?
Genuine question, not trying to put you down by the way.
>> [_] Anonymous 01/15/18(Mon)23:30:16 No.3308582
>>3308580
>Can HTML5 emulate that?
I'm not that guy, but it absolutely can.
https://mozilla.github.io/shumway/
Here's an example of some simple HTML5 flash loops. This pages literally runs .swfs in
javascript. Unfortunately the project was abandoned.
The problem with html5 is with tooling. There are no good animation tools for creating original
html5 animations afaik. And if you were an animator WHY would you want to export to javascript
when you can render a video? And even if you did create something, how would you distribute it?
An .html page? There's really no good way to share "javascript animations" (ew)
