flash on amd64 debian lenny
in [General Linux]
|
Prev: 2010 FIFA World Cup Brazil football jersey
Next: NYC LOCAL: Wednesday 16 June 2010 NYLUG: Rob Spectre on Open Source Television with Boxee
From: The Natural Philosopher on 14 Jun 2010 18:37 Aragorn wrote: > On Monday 14 June 2010 00:47 in comp.os.linux.misc, somebody identifying > as The Natural Philosopher wrote... > >> General Schvantzkoph wrote: >> >>> On Sun, 13 Jun 2010 21:13:27 +0000, Curt wrote: >>> >>>> On 2010-06-13, The Natural Philosopher <tnp(a)invalid.invalid> wrote: >>>> >>>>> use the 64 bit nonfree and to hell with potential security wotsits. >>>> Pretty scary wotsits. >>> How scary is it really? What can these exploits do on a Linux system? >> I suspect in general access anything you as a user running the >> browser, have privileges to access. >> >> I only took a cursory glance, but it looks like the standard 'in >> principle, a hacker could create a flash file that executed arbitrary >> code' > > Isn't NX supposed to prevent that sort of thing? > >> Now if you are not running as root, that probably wouldn't compromise >> the operating system, but it might rip through your address books etc. > > Only if it knows what address books you are using. # Or is smart enough to work it out. By looking through your home directory and seeing what config files exist.
From: The Natural Philosopher on 14 Jun 2010 18:38 Roger Blake wrote: > On 2010-06-14, David W. Hodgins <dwhodgins(a)nomail.afraid.org> wrote: >> Do like I do. Use a separate account (userid), for use with >> each financial institutions, such as online banking. > > Or do like I do. Don't use online banking. > Or do like I do. Have an online bank with one time passwords and a free machine to generate them.
From: Curt on 15 Jun 2010 03:14
On 2010-06-14, The Natural Philosopher <tnp(a)invalid.invalid> wrote: > Roger Blake wrote: >> On 2010-06-14, David W. Hodgins <dwhodgins(a)nomail.afraid.org> wrote: >>> Do like I do. Use a separate account (userid), for use with >>> each financial institutions, such as online banking. >> >> Or do like I do. Don't use online banking. >> > Or do like I do. Have an online bank with one time passwords and a free > machine to generate them. Or me and Uncle Cyrus. Keep it under the mattress. |