SkatzPoker - Tough tities. - flash embed will ultimately be the downfall of this site

SkatzPoker - Tough tities. (http://www.skatzpoker.org/forums/index.php)

- Gare-a-Lago (http://www.skatzpoker.org/forums/forumdisplay.php?f=2)

- - flash embed will ultimately be the downfall of this site (http://www.skatzpoker.org/forums/showthread.php?t=194)

flash embed will ultimately be the downfall of this site

[flash]http://www.swfme.com/swfs/96357lalalala.swf[/flash]

hidden=true flash embed please 1x

Um.

Apart from being painfully annoying...it's apparently a huge security hole which is EASILY exploited Sonatine.

Quote:

Originally Posted by vBulletin dev

It should be noted that allowing flash like this is a security risk as well since embedded flash can call external files to your server and manipulate data in cookies via actionscript.

A friend of mine was glancing over the forum yesterday and said it's a pretty huge security risk:

Quote:

Originally Posted by a friend

I see someone added a [flash] tag and people are posting flash on skatz

This is a pretty bad idea, very easy for someone to fuck up the forum and/or do nasty shit to the users.

One of your arch enemies could come and fuck up skatz with that.

not to mention that it is annoying reding a thread then you realize that some video is half way through and you either have to watch it 1 1/2 times or just skip it and miss out on the fun,

removed, but one could point out that like 90% of banners are flash, etc etc.

having a media-rich site had equity vs security concerns for me but i actually run a fairly secure browsing environment as well.

fairly secure browsing environment is faggot

I'm trying to understand this situation a little more fully.

The way I see it is that, yes - we all see Flash every day but that Flash is sitting on commercial websites and that. It's not on a forum where basically anyone can code it to do nasty or malicious things to users.

I'm not even sure what "fairly secure browsing environment" means to be honest, so I doubt I have one - but I don't really access websites that are 'risky' either, at least I try not to.

So if the Flash was just available to Admin or something, that may be an acceptable / casual risk. Or if you first made sure every current user and every potential user had "fairly secure browsing environments" before adding it. But Flash being available to any user seems to me to be an unacceptable / high risk - especially when most users wouldn't be running "fairly secure browsing environments". Particularly when every coder I've asked whilst [flash] was there said they could use that tag to do malicious things to users, far beyond simply destroying the forum.

So I guess I'm confused as to why it was added in the first place?

Quote:

Originally Posted by DakotaBurnsInHell (Post 2361)

jesus christ.

there are a whole lot of sites with flash enabled. its fun.

if you view malicious flash on an insecure browser such as IE, you have problems.

if you listen to a malicious mp3 on an out of date version of winamp, you have problems.

if you open a malicious pdf with an out of date version of acrobat, you have problems.

i hope this mitigates your concerns and confusion.

also id very much like to learn how flash can destroy a forum. this allegation alone is either incredibly bleeding edge knowledge or evidence of someone with an attenuated capacity for drama and/or a peerless desire for attention.

i literally thought sonatine of all people would be the one to bring up security issues