[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] Is using player like VLC safe alternative to Flash?
On 5/8/2013 4:53 PM, Moritz Bartl wrote:
That is true & I don't pretend to be an expert on vid formats, video
players or much of anything. It is the player(s) that historically were
mostly the problem (or usually been the case, in NON Tor use). Sure, a
vid could contain something bad & you really should scan them just like
any file, or have a real time scanner to do it automatically. But it's
the security holes / bugs, or even built in privacy violating behavior
in some players (Flash) that is most of the concern.
On 08.05.2013 10:58, Moritz Bartl wrote:
Question of playing Flash vids comes up constantly & explanation given
of why it can compromise anonymity in Tor Browser.
Additionally to what Tom Ritter wrote: If you want to be safe, convert
the .flv to a "real" video format first. I would say a toolchain like
ffmpeg -> h264, and then VLC to play it, is safer than directly playing
I just learned that that statement is crap, because flash video is just
a video format like the others.
Besides the anonymity thing w/ Flash Player & TBB, it attracts hackers
like flies to manure. [Manure - that's an interesting word that puts
together 2 words that have positive meaning: Ma & newer!]
Flash Player CONSTANTLY has to issue patches, meaning it usually has
security / privacy holes at any given time.
Compare the # of security updates Flash issues vs MPLayer, VLC or any in
their league. Yes, all apps issue security patches - but few even
approach the number or frequency of Flash Player.
tor-talk mailing list