zcv - Slashdot User

Comment Simple solution (Score 1) 355

by zcv on Thursday November 12, 2009 @09:10PM (#30082198) Attached to: Flash Vulnerability Found, Adobe Says No Fix Forthcoming

Seems like the simple solution is to serve all non-trusted content from a separate hostname. For example, serve avatars or uploaded files from usercontent.example.com.

As far as I can tell this would stop the attack nicely. The malicious SWF would execute in the context of a domain you don't care about.

Comment it's been done (Score 2, Interesting) 439

by zcv on Thursday July 19, 2007 @11:27AM (#19914809) Attached to: True Random Number Generator Goes Online

Fourmilab's been doing this for years with HotBits. I remember writing an atomic-powered band name generator that used it.

« Newer Older »

Slashdot Top Deals

% "Every morning, I get up and look through the 'Forbes' list of the richest people in America. If I'm not there, I go to work" -- Robert Orben