Get the Latest on Adobe Products

February 28, 2011 — Mrs. Mecomber
muse

Are you “into” Adobe products? I’m actually stunned how many products are available for web designers, businesses and even the freelance part-timer ;) ! It’s a web designer’s paradise. All the products may be confusing, especially if you are new to the field. If you’ve been looking for an easy-to-read, updated and succinct description of various Adobe products and more, there’s a blog, Jivaldi Fluid Communication, dedicated to Adobe products news and information. It can help you sort what’s what and offer news on new developments, showcase new products, and more. I found the articles to be very good synopses of each software program. As a matter of fact, some of the products mentioned are very appealing to what I wish to begin working on, particularly the Adobe Helium and Adobe Muse programs. Very nice!

Actually, Jivaldi offers more than information on Adobe. It’s a great place to learn more about web programming, web design, Internet marketing, analytics, seo optimization and more. The blog is maintained by Jim Ivaldi of California, a very talented developer with some high-profile clients. You can learn a lot by hanging around the guys who know what they’re doing.

Definitely check out the site if you’re looking into Adobe products and information. There’s some good advice and tips, too. I liked the Top Ten Tools That I Can’t Live Without article. Take a peek!

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]
Posted in blogs, business services, desktop utilities, Internet. Tags: , , . 1 Comment »

Serious Browser Flash Flaw

November 16, 2009 — Mrs. Mecomber

Uh oh. I hate reading this stuff Monday mornings…. but this security issue looks like a doozy.

Flash flaw puts most sites, users at risk, say researchers
‘Frighteningly bad thing,’ said Foreground Security, of flaw allowing hackers to hijack sites, attack users

November 12, 2009 (Computerworld) Hackers can exploit a flaw in Adobe’s Flash to compromise nearly every Web site that allows users to upload content, including Google’s Gmail, then launch silent attacks on visitors to those sites, security researchers said today.

Adobe did not dispute the researchers’ claims, but said that Web designers and administrators have a responsibility to craft their applications and sites to prevent such attacks.

“The magnitude of this is huge,” said Mike Murray, the chief information security officer at Orlando, Fla.-based Foreground Security. “Any site that allows user-uploadable content is vulnerable, and most are not configured to prevent this.”

The problem lies in the Flash ActionScript same-origin policy, which is designed to limit a Flash object’s access to other content only from the domain it originated from, added Mike Bailey, a senior security researcher at Foreground. Unfortunately, said Bailey, if an attacker can deposit a malicious Flash object on a Web site — through its user-generated content capabilities, which typically allow people to upload files to the site or service — they can execute malicious scripts in the context of that domain.

“This is a frighteningly bad thing,” Bailey said. “How many Web sites allow users to upload files of some sort? How many of those sites serve files back to users from the same domain as the rest of the application? Nearly every one of them is vulnerable.”

Ugh. It does not look like anyone has a fix for this in the near future. These hacks are just getting crazy!!!

It is advised to either avoid browsing sites that have Flash (actually a very difficult thing today), or installing NoScript for Firefox browsers, or ToggleFlash for Internet Explorer. Nothing was said about using Opera, an alternative browser that I like and that has been immune from a lot of the security problems… so I’ll have to do some digging to find out.

In the meantime, use NoScript or ToggleFlash. NoScript (which is what I have used intermittently in the past) is a little complex sometimes, because you have to put everything on a white list… and some things I don’t know what are allowable or not (not all things on websites are adequately labeled). So this puts a real crimp in my own browsing style… hopefully, a fix will roll out soon.

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]
Posted in ad blocks, browsers, security news. Tags: , , , , . Comments Off »
«
»