[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] Is using player like VLC safe alternative to Flash?
VLC has a lot of stuff going on inside of it. I would not be
surprised if there were proxy leaks that might be able to be forced by
someone doing something tricky. Say you enter a url to a flash video
and the content is intercepted and replaced with an RTSP stream that
VLC somehow interprets, and due to a quirk of RTSP makes a request to
a third party domain that isn't proxied? I have no idea if that's
possible, but I wanted to give some strange example of something VLC
supports that might have a proxy leak in some obscure component.
Likewise, when discussing security vulnerabilities... VLC doesn't have
the best track record. (See https://www.videolan.org/security/ ).
I'm a big fan of VLC, but I put it in the same category as Pidgin when
it comes to "how far do I trust this program to not have bugs?"
I would love to see someone do an objective test of VLC as opposed to
my subjective hand-waving, but I'm not aware of one.
tor-talk mailing list