From owner-freebsd-questions@FreeBSD.ORG Mon Oct 21 22:25:58 2013 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id A1F17EF5 for ; Mon, 21 Oct 2013 22:25:58 +0000 (UTC) (envelope-from mrkvrg@acm.org) Received: from smtp1.bway.net (smtp1.v6.bway.net [IPv6:2607:d300:1::27]) (using TLSv1 with cipher ADH-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 7A6112B1A for ; Mon, 21 Oct 2013 22:25:58 +0000 (UTC) Received: from gecko3.bs.net (host-216-220-115-96.dsl.bway.net [216.220.115.96]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) (Authenticated sender: m1316v@bway.net) by smtp1.bway.net (Postfix) with ESMTPSA id C76D79586E for ; Mon, 21 Oct 2013 18:25:48 -0400 (EDT) From: mfv To: freebsd-questions@freebsd.org Subject: Re: firefox && HTML5 && flash Date: Mon, 21 Oct 2013 18:25:45 -0400 Message-ID: <4611988.Veuan0ZE26@gecko3.bs.net> User-Agent: KMail/4.10.5 (FreeBSD/9.1-RELEASE; KDE/4.10.5; i386; ; ) In-Reply-To: <1382214677.94228.28.camel@eva02.mbsd> References: <20131018213547.GA1001@tiny-r255948> <20131019212819.GA896@tiny-r255948> <1382214677.94228.28.camel@eva02.mbsd> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list Reply-To: mrkvrg@acm.org List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 21 Oct 2013 22:25:58 -0000 On Sat, 19 Oct 2013 23:31:17 clutton wrote: > Of course it is not! > I'm a FreeBSD user and Klemens lives in Germany... > FreeBSD users and Germans don't do such things... >=20 > :) >=20 > BTW. If you see green install button, it means that firefox addons te= am > had approved this addon. And all sources is available on github. > And you can always see the sources. It's just JS. >=20 > On Sat, 2013-10-19 at 21:28 +0000, Matthias Apitz wrote: > > El d=C3=83=C2=ADa Saturday, October 19, 2013 a las 02:29:32PM -0400= , mfv escribi=C3=83=C2=B3: > > > > And the flash disable addon (I didn't try it, 'cause I don't ha= ve the > > > > flash plugin installed): > > > > https://addons.mozilla.org/firefox/addon/flashdisable > > >=20 > > > I received this message a couple of minutes after requesting a so= lution > > > to > > > switch between flash and HTML5. > > >=20 > > > I tried the third option and it meets my needs. If I need to swit= ch from > > > one mode to the other it is a simple matter of clicking on the bu= tton > > > that appears on the toolbar and then reload the page. If the but= ton is > > > red, flash can be used, if it is greyed-out HTML5 is loaded. > >=20 > > Hello mfv, > >=20 > > Isn't it risky to install such kind of software? What about if it i= s > > recording your future keystrokes? > >=20 > > Thx > >=20 > > =09matthias Hello clutton and Matthias, Thanks for the following information. The download button for flashdis= able=20 was indeed green so I assume the firefox folks reviewed the code. =20 After looking at their security notes I verified that add-ons where rev= iews=20 are pending are marked as experimental and have buttons with yellow and= orange=20 stripes. After installing this add-on I ran clamscan and did not find any viruse= s. Are=20 there any other precautions I should take? As far as potential threats go, I do have a concern that the binary cod= e is on=20 one site and the source code on another. In this situation it seems th= at=20 bait-and-switch is possible. Cheers ... Marek