On Wednesday 04 November 2009 11:24:12 pm Basil Chupin wrote:
On 04/11/09 21:47, Rajko M. wrote:
On Tuesday 03 November 2009 14:32:40 Richard wrote: ...
When I find such animals, using OPEN SOURCE, at least I can have a fighting chance at being able to track down what, who, and why if I have any questions.
And what prevents you to run network monitoring tools, track down Internet usage of every application on your computer, and setup firewall to prevent connection to offending sites? The type of binaries doesn't make a difference, open, close, whatever source.
In order to make use of Ethereal or such, one needs to know they are being hacked. With Flash, the illicit data is exchanged in the course of an otherwise valid communication which no firewall could possibly trap because it is to/from a legitimate destination and port and protocol.
If you accessing Internet you have no privacy.
You shoot barrage on Flash violating your privacy, forgetting that your ISP has much more data about your Internet habits than any advertising company can ever imagine to collect using browser cookies and/or Flash. What you going to do about that?
note to Rajko; My ISP and I have a legally binding contract regarding what they can and cannot do with the knowledge they gain about me because of the information I supply them as a customer, such as name, address, financial information (in the form of a credit card debit authorization), etc. If they violate that, they are subject to a lawsuit which *could* make me more wealthy than the exposure I tolerate by being a customer of that ISP. They have a duty, legal and moral, to protect any data they may have/collect from/about me as a result of my being a customer. Hackers obtaining the same or similar information through worms, trojans, viruses, phishing scams, keystroke capturing or whatever, do not have the same contract and have no right to the information I supply to my ISP as a customer. BTW, it isn't just PRIVACY at issue here, it is the fact that these 'flookies' can hold entire programs that can overcome the protection of the OS against hacker activities. If I can change permissions via software, if I can read and transmit the contents of a file via software, then malicious software can do the same *without* my knowledge or permission. Flash has been hacked and can and does have the ability to execute malicious code not written or endorsed by Adobe, but because the base software is closed source, it is nearly impossible for a user to detect the alterations made by hackers. Adobe has admitted to 'bugs' in their software that require patches to prevent such hacking. When and if they provide the patches, great and more power to them, but what about the bugs they haven't patched? With open-source, there are literally thousands of people that enjoy analyzing the code of various programs in order to find bugs and exploitable code. When the open-source community finds such things, it is often just hours before the entire world has at its' disposal, a patched version for download. No waiting for a vendor to weigh the cost of bad publicity, lawsuits or whatever by admitting the error and then offering a fix, often in the form of a 'new version' which incidentally, costs an upgrade fee.
I know that this more appropriately belongs in offtopic but seeing as how the Adobe Flash problem was mentioned by the OP in this thread I thought it appropriate to post this:
Adobe patches critical bugs in Shockwave Player
Full story here:
http://www.infoworld.com/d/applications/adobe-patches-critical-bugs-in-shoc kwave-player-892?source=rss_infoworld_news
BC
Basil, Thank you....you've helped me make the point and increase my resolve to use open-source software exclusively, if at all possible, and if not, to find other ways to do a similar and acceptable job that does use open-source. That article is precisely what I was talking about....not that Adobe, per se, is a villain but that closed source software is often hacked by malicious hacker types and when that happens, there is little or no recourse the end user has to detect and combat it. With Open-Source software, one has a much better chance to detect and combat such hacks. Why is Windows the #1 worst offender and the most leaky, insecure piece of software it is? Closed source. Why is LInux by comparison relatively solid and secure and hard to infest with hacks? Open-Source. Now, I happen to think Adobe Flash does a great job at what it is supposed to do. What I am afraid of is when it is doing something I don't want it to do. Its' very nature, coupled with the fact that it is closed-source, makes hacks that invade the privacy, such as it is, difficult to detect and correct. That is why I keep asking for an open- source alternative. I don't have a problem with PAYING for good software, even open-source software. I realize that the software itself isn't a big money maker especially if it is open-source, but Red-Hat, Novell and others have certainly found that it is possible to give the software away, but sell the service. Give the razor (apps) away, charge for the blades (service)... Richard -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org