Re: FLASH: [RESPONSE] Recent Flash Player Release

[unique]

At the exact moment of 2000.01.24.19.53, her/his local time, Eric J. Wittman

<

emanflash [dot] com

> put forth:


> unique writes:


>> However, you leave unaddressed some serious concerns regarding this

>> defective player. Furthermore, I do not follow the logic behind the

>> security issue.

> 

> According to many online security experts and sites, files/applications

> playing back from one domain should not be able to send or receive

> information from another domain without the users consent. Imagine a site

> where a user password/credit card/social security number, etc. is obtained

> on one page and sent to another domain. Or information behind a firewall

> is obtained and forwarded to another domain. According to the experts,

> this is a no no.

> 

> A few online security resources we use as a part of our consulting process

> are: o http://securityfocus.com o http://packetstorm.securify.com

> 

> Hope this provides a better understanding.

> 

> A side note, in TechNote #14213 in the Macromedia Flash Support Center, we

> do provide the recommended process.


Thank you again, Eric! I appreciate that you took the time to address my

*minor* concern, the second of two that I referred to in the words of mine

that you included above.


It still seems to be a no-longer meaningful barn-door closing. But I

digress ...


Will you please remember to be so kind as to either reply to the remainder

of my concerns (regarding the 25/20 player), or direct me toward someone

else who will?


Sincerely,


Ken Sherwood


                         *zenkat: the Flash trailer*

                    http://www.kensherwood.com/zenkat.htm


kensherwood.com

http://www.kensherwood.com




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

  To unsubscribe or change your list settings go to

http://www.chinwag.com/flasher or email

helpchinwag [dot] com