Admin Tool

Some days ago a friend of mine showed me a “strange” (this is what I was thinking looking at that) application which made a complete debug of its flash movie.
Wow, incredibly easier, easier and easier than the Flash builtin debugger!!
Thus I immediately downloaded it and I was surprised by the impressive work this guy made!
Reading from admin tool’s web page: The AdminTool (AT) is a “snapshot viewer” of the current state of your Flash application without impacting the performance or the file size of your application. … It Works when published in the FlashIDE, local player, web browser. This means that you can debug your application at runtime from its intended location.
Basically it works with a Flash component (an mxp extension) which resides in your swf library and opens a LocalConnection to the main admin tool interface.
Moreover you can change in realtime every property of your running swf to see what happens with that change.
And you can execute actionscript code at runtime from the admin tool, and see that code executed in your swf!! You can also see every video and sound from the swf.
The only requirement is that the swf must be compiled for AS2 only. Downloads (mxp, win exe, mac exe and help files) are available here: http://acmewebworks.typepad.com/…/admin_tool_down.html

Mozilla announces beta release of XFORMS 1.0

The Mozilla Foundation today announced the beta release of the W3C’s XForms 1.0 Recommendation. XForms is the forms module standard developed by the World Wide Web Consortium (W3C), which enables developers to deliver the type of next-generation, rich, portable web-based applications desired by corporate IT.

What is XForms? XForms tries to address some of the limitations with the current HTML forms model.
It is event-handling based. What XForms brings to the table is the separation of data from presentation, strong data typing, the ability to submit XML data to servers instead of name/value pairs, and a descriptive way to author forms so that they can be displayed by a wide variety of devices.
For download instructions, beta release notes, and to learn more about the project, please visit the project page at http://www.mozilla.org/projects/xforms

IDN Exploit In Firefox

I found out today there is a pretty, well very serious flaw in the various non-IE browsers. Firefox is the one I am most concerned about because I use it constantly.
This exploit affects all browsers except IE. It has to do with the International Domain Name [IDN] support in modern browsers. The attack allows an attacker/phisher to spoof the domain/URLs of businesses.
There is a proof of concept document that will show you exactly what it can do; there is even an SSL connection that works as well, so much for a secure connection. Try it out before you apply the fix, but not in IE! There are several articles and workarounds/fixes out there. I have been messing around with them all morning and here is the rundown.

  1. There is a fix listed on Boing Boing. It says to type about:config in the address bar, find network.enableIDN and set it to false. This only works until you close Firefox and re-open it. Then the links at proof of concept will work again. It also broke my Macromedia News extension, don’t waste your time on this fix!
  2. Back up the compreg.dat file first, if you attempt this fix! There is another fix listed on tech.life.blogged. This one says to edit the compreg.dat file that is located in your profile directory, e.g. on XP: C:\Documents and Settings\USERNAME\Application Data\Mozilla\Firefox\Profiles\default.###\ Then you open the compreg.dat file in a text editor (I strongly suggest TextPad), find and modify the @mozilla.org/network/idn-service;1,{62b778a6-bce3-456b-8c31-2865fbb68c91} line. Change the 1 to a 0 and save the file. I tried this fix and it works, but the post states it is a permanent fix and it is not. The problem is that if you install an extension the compreg.dat file is reloaded and the 1 in the @mozilla.org/network/idn-service;1,{62b778a6-bce3-456b-8c31-2865fbb68c91} line is restored and the fix is lost. You will manually have to edit compreg.dat and change the 1 to a 0.
  3. The third fix I found at mozillaZine and advises to use AdBlocker to create a filter that will block any URL that uses characters that are outside the normal ASCII range. I have highlighted the steps to follow below:
    1. If you do not have Adblocker installed go here and install it!
    2. Once it is installed, in Firefox, go to Tools, Adblock, and open Preferences
    3. Important!! On the Preferences window select Adblock Options and select Site Blocker. Note: Site Blocking will now have a check next to it.
    4. In the New Filter input box enter the following text: /[^\x20-\xFF]/
    5. Select Add next to the New Filter input box to add the rule. Note: You will receive a Warning dialog when you select Add, just select OK to apply the filter.
    6. Select Done
    7. Go to the test page and select a link. The links will be blocked and should not load. Note: They had a paypal link but have since changed it. You still can see a nice sample of the domain spoofing.
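
What the filter pattern from step 4 matches, shown on constructed URLs as an added example (not code from the original post, Adblock or Mozilla). `inspectUrl`, `scriptOf` and the sample hostnames are assumptions of the example; it goes one step past the post by also flagging hostname labels that mix scripts, and it shows that Latin-1 characters and the ASCII `xn--` form of a hostname fall inside the range the pattern allows.

```javascript
// Pattern from step 4 of the post: any character outside U+0020..U+00FF.
const POST_FILTER = /[^\x20-\xFF]/;

// Rough script buckets (an assumption of this example, not a full Unicode table).
function scriptOf(ch) {
  const cp = ch.codePointAt(0);
  if (cp < 0x80) return /[a-z]/i.test(ch) ? "Latin" : null; // digits and '-' are neutral
  if (cp >= 0x00c0 && cp <= 0x024f) return "Latin";
  if (cp >= 0x0370 && cp <= 0x03ff) return "Greek";
  if (cp >= 0x0400 && cp <= 0x052f) return "Cyrillic";
  return "Other";
}

// Hypothetical helper: report how one URL looks to the filter and to a script check.
function inspectUrl(raw) {
  const typed = raw.replace(/^[a-z]+:\/\//i, "").split(/[\/?#]/)[0]; // host as written
  const ascii = new URL(raw).hostname; // the URL parser returns the ASCII (xn--) form
  const mixedScript = typed.split(".").some((label) => {
    const scripts = new Set([...label].map(scriptOf).filter(Boolean));
    return scripts.size > 1; // more than one script inside a single label
  });
  return {
    typed,
    ascii,
    nonAscii: /[^\x00-\x7F]/.test(typed),
    filterHitsTyped: POST_FILTER.test(raw),
    filterHitsAscii: POST_FILTER.test(raw.replace(typed, ascii)),
    mixedScript,
  };
}

// Constructed sample URLs (not taken from the post or its proof of concept).
const SAMPLES = [
  "https://example.com/login",      // plain ASCII
  "https://ex\u0430mple.com/login", // Cyrillic U+0430 in place of Latin 'a'
  "https://caf\u00e9.example/",     // Latin-1 e-acute, inside the filter's allowed range
];

for (const url of SAMPLES) console.log(inspectUrl(url));
```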

I use Firefox every day and love every minute of it. From what I read Firefox is working on a permanent fix that will eliminate this issue. I thought I would share this and the information I found out there about it, I would hate for a reader to expose personal information or financial data by this kind of attack. I always suggest to everyone on the internet, learn security, keep up to date on the kind of attacks going on, and most importantly, protect yourself and your data!

You can find out more details about the attack from The state of homograph attacks document.

http://www.boingboing.net/2005/02/06/shmoo_group_exploit_.html

EU process on software patents restarted

Since first reading of this here I have been trying to follow it. It seems a great victory was published today:

Florian Mueller, manager of the pan-European NoSoftwarePatents.com campaign: From the bottom of my heart I wish to thank all of those who made this possible, particularly the FFII, the Polish government, key parliamentarians in all political groups, and those companies and people who supported my campaign, especially in the days leading to this decision. “The NoSoftwarePatents.com campaign was brought into being with the support of three IT companies: 1&1 from Germany (world’s largest web hoster), Red Hat (premier Linux company) and MySQL AB (Europe’s largest open-source software company). Lobbying for a restart of the process was one of the initially stated goals of the campaign. “The Empires will strike back” in Mueller’s prediction. Even until the beginning of the committee meeting, such corporations as Microsoft, Nokia, Ericsson and Alcatel had tried to thwart the plans, hoping to achieve the legalization of software patents in the EU at the earliest opportunity. read the full article

A big THANKS to alessandro for posting this important topic! 😉

SEPY 1.0.6.49, new feature

Here comes a new SEPY release with a major change in the interface: the Find dialog. In particular:

  1. multiline text dialog
  2. search can be now made not only in all the document text, but a filter can be used:
    • search only in comments
    • search only in strings
  3. open/save search status. This will save all the options and text currently in the dialog window (useful when using long regular expressions which we want to remember in future)
  4. Word Start: find text only if the character before is not a word char.

Added a guide for the find operations (along with a guide to the regular expression syntax which you can use in Scintilla). I hope these changes are welcome, and especially that they work.

http://sourceforge.net/projects/sepy/