[144646] in cryptography@c2.net mail archive
Re: The latest Flash vulnerability and monoculture
daemon@ATHENA.MIT.EDU (Peter Gutmann)
Mon Jul 27 08:27:15 2009
From: Peter Gutmann <pgut001@cs.auckland.ac.nz>
To: cryptography@metzdowd.com, perry@piermont.com
In-Reply-To: <87k51vmhag.fsf@snark.cb.piermont.com>
Date: Mon, 27 Jul 2009 16:45:55 +1200
"Perry E. Metzger" <perry@piermont.com> writes:
>This highlights an unfortunate instance of monoculture -- nearly everyone on
>the internet uses Flash for nearly all the video they watch, so just about
>everyone in the world is using a binary module from a single vendor day in,
>day out.
There are quite a number of third-party video players that will render Flash
video, are these using Adobe codecs or third-party H.263/264/VP6 ones? In
theory you don't actually need to run Adobe code to view FLV's, but given the
freewheeling nature of video players which often, um, borrow codecs from all
over the place, it's hard to tell what you're actually getting.
Peter.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
