Sandboxed Flash Player Coming To Firefox

Trailrunner7 writes "Adobe, which has spent the last few years trying to dig out of a deep hole of vulnerabilities and buggy code, is making a major change to Flash, adding a sandbox to the version of the player that runs in Firefox. The sandbox is designed to prevent many common exploit techniques against Flash. The move by Adobe comes roughly a year after the company added a sandbox to Flash for Google Chrome. Flash, which is perhaps the most widely deployed piece of software on the Internet, has been a common attack vector for several years now, and the attacks in some cases have been used to get around exploit mitigations added by the browser vendors. The sandbox is designed to prevent many of these attacks by not allowing exploits against Flash to break out into the browser itself."

'bout time!

[Anonymous Coward]

Its about damn time they did this for Firefox. I don't know how many times Flash has caused my browser to crash and I couldn't do anything about it. I love how in Chrome only the Flash player dies and not the browser.

Re:'bout time!

[jjjhs]

They isolated plugins (incl Flash and Silverlight) from crashing the browser a long time ago. Version 3.6 or something.

Re:

[Anonymous Coward]

Open about:config
Search for "dom.ipc.plugins.timeoutSecs"
Change it (from 45!) to 10 or 5.

This should (hopefully) force Flash to crash faster, be careful if the PC is really slow though as clicking buttons that cause some sort of slow calculation to happen may crash the applet on you.

Nope

[dutchwhizzman]

They still crash the browser often enough. All FF did was kill plugins that were unresponsive for an X amount of time, but the didn't do any sandboxing or insulating.

Re:'bout time!

[__1200333]

Switching from on-board to usb audio on windows 7 reliably hangs flash for me.

However, you CAN do something about it! Find the right plugin-container.exe process (usually easy because it's the one taking hundreds of megabytes) and kill it. Firefox will now resume and give you the "your plugin has crashed" screen wherever flash was embedded previously.

Re:'bout time!

[icebike]

Chrome Already sandboxes Flash, but only if you turn it on, and only in the DEV branch (Version 17 is current dev version as of this writing).

You can turn it on as explained here: https://plus.google.com/u/0/116560594978217291380/posts/CJvbAMkBiNf [google.com]

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:

[makomk]

Also, that isn't going to work for Chromium because it requires the custom version of Flash that comes with Google Chrome, and there's no way to obtain and install that custom Flash plugin if you're a Chromium user - you have to download the none-Chrome version of Flash from Adobe, though chances are if you use Windows and aren't paying close attention that'll try and install Google Chrome too!

In fact, I'm not sure that Chromium can sandbox the Flash plugin at all.

Here's my hope.

[Moryath]

Maybe sandboxing the damn flash player will stop it from periodically causing Firefox to hang for 30 seconds or so thanks to some damn ugly "full motion video" ad that's trying to load up?

I'd love to see a ban on FMV ads. Double for FMV ads that start themselves automatically, and quadruple for those fucking ads that blast audio after doing so.

Re:Here's my hope.

[Galestar]

I'd love to see a ban on FMV ads...

Install FlashBlock

Re:

[Tim C]

That fixes it for him. Banning FMV ads fixes it for everyone.

Re:

[drinkypoo]

Everyone can install flashblock. Or better yet, noscript, which also flashblocks.

Re:Here's my hope.

[Hatta]

Why are you not using NoScript?

Re:

[MetalliQaZ]

Seconded.

Re:

[Microlith]

Even with NoScript, you're always at risk of Flash hanging Firefox if you permit it to load. I'm not one to be patient with Flash so in such cases I kill the plugin-container and Firefox comes right back (seriously, Flash is the SOLE source of Firefox hangs for me.)

What I'd like to see is Mozilla set up interactions with the plugin-container to be asynchronous so that the main Firefox thread doesn't hang when Flash kills the container. Until then, you can set dom.ipc.plugins.enabled.timeoutSecs to some supe

Re:

[Anonymous Coward]

You permit "full motion video" ads to run? Damn, that's stupid. Here's how ya do it, ace. Use noscript + adblock and you'll hardly ever see anything you weren't expecting to see.

Re:

[cshay]

...and flashblock.

Re:

[icebraining]

NoScript blocks Flash, there's no point in having the two installed.

Re:

[coxymla]

FlashBlock keeps the web usable unlike NoScript. If you have to install just one it's a far better option.

Re:

[PReDiToR]

FlashBlock and NoScript are both important to me.
Cover from XSS and clickjacking are as important if not more so than the damn audible and visual annoyance that is Flash.

I wouldn't say the Internet was worth using without NoScript, AdBlock Plus, FlashBlock, HTTPS Everywhere and Password Hasher.
This is why I stick with Firefox, even though I know it has problems. Running it in SandBoxie is a must for me on Windows.br

Re:

[zoloto]

Dont' forget request policy.

Re:

[icebraining]

But NoScript already blocks Flash (and all other plugins), why install both?

Re:

[PReDiToR]

Sometimes I want to enable scripts on a page without enabling Flash.
Some dickheads use Flash for their menus, which can be enabled separately from the ads and videos if the site is important enough to stay on.

Re:

[1800maxim]

Because it breaks the browsing experience on just about every site out there, and manually having to white-list each site is a painful process that's a usability nightmare.

Re:Here's my hope.

[cmarkn]

Yes, because clicking once for each domain that provides scripts to the site, the first time you visit it, is such a nightmare.</sarcasm>

Re:

[Inda]

Give the man a break.

I tried NoScript for a week and had to give up. When a site is loading 20 JS includes, how do you know which ones to allow for functionallity, and which ones are trackers and ad-servers?

Block them all!

Only you can't block them all as that often blocks content. That was probably the final straw for me - the blocked content - Google showed me a page I needed, and yet after loading the page, only the H1 headers were displayed, as the rest was generated by JS. That fails the "Dad test" ever

Re:

[Anonymous Coward]

Anyone who thinks "browsing experience" is a legitimate phrase should not be listened to.

Re:Here's my hope.

[Hatta]

Funny how my mac using artist girlfriend has no problems whatsoever with that "usability nightmare". Since she discovered it (on her own, no software evangelism in this household), she regularly comments on how awful the internet is when she has to use it without NoScript. THAT is the real usability nightmare.

Re:

[evilviper]

it breaks the browsing experience on just about every site out there

If "the browsing experience" is a euphemism for "full-screen ad overlays you have to click through" and "crap popping up when you incidentally mouse over a random word" then I'm happy to break it...

Re:

[MagusSlurpy]

No, it's a euphemism for things like CAPTCHA boxes, UBB shortcut windows, and lots of login scripts on sites that have comment systems, possibly even the one you're using now. I just stick with AdBlock and Flashblock, and I'm perfectly happy with my experience.

Re:

[zoloto]

Exactly. I uninstalled flash/java/silverlight/etc plugins all the time for people and they praise me for how fast everything loads now.

Re:

[JDG1980]

Why are you not using NoScript?

Can't answer on his behalf, but I don't use NoScript because it breaks virtually every site on the Web by default.

Re:

[Yvan256]

Here's an easy solution: remove Flash from your system.

Ad Block?

[antdude]

Come on, ad block!!

Re:

[Endo13]

The ones that piss me off the most are the ones on NFL.com pages for live games that play in the same window the game updates will be displayed in. You can't block them, because if you do you won't get what you're on the page for. You can't mute the audio, and nevermind skipping the fucking ad. I've almost quit using the site entirely because of it.

Whitelist

[sakdoctor]

The whitelist for flash is in the single digits. Most sites don't need that privilege.
Youtube, a couple of porn sites ... that's about it really.

Re:

[zoloto]

you never need flash with the appropriate plugins such as "click to plugin" always loading the video directly in a similar manner to direct video embedding does. The only benefit to flash is for sites like youtube that have and utilize flash advertisements before videos.

We should all...

[Anonymous Coward]

Look forward to the requisite performance drop and novel new glitches. Yay.

Half Way There

[rsmith-mac]

Considering Flash's extensive use as an attack vector this is great news. I would sleep better at night though if Firefox itself was also sandboxed; in fact I'm a bit surprised you can even sandbox Flash when the browser doesn't support it.

Re:

[MetalliQaZ]

Considering Flash's extensive use as an attack vector this is great news. I would sleep better at night though if Firefox itself was also sandboxed; in fact I'm a bit surprised you can even sandbox Flash when the browser doesn't support it.

What happens when a user wants to download a file (on purpose) to their home directory when the entire browser is sandboxed?

Re:

[icebraining]

A sandbox can permit saving files to a single specific directory while still denying access to any other directory.

Re:

[PReDiToR]

If you use Windows give Sandboxie [sandboxie.com] a look over.
When a file is downloaded you can recover to the directory the browser specifies or choose another location. Leaving it inside the sandbox and running it there (keygen, trial install) gives you the opportunity to remove the whole install if it contains malware, foistware or other crap you don't want.

Re:

[godrik]

Personnally, I run firefox using a separate user account which has read permission only where it needs. (for instance, no /etc and no /home except /etc/iceweasel and /home/firefox obvisouly)

Re:

[icebraining]

Yeap. Using sudo it's very easy to set that up.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:

[hobarrera]

Wrong, wrong, wrong.
OpenSSH, the OpenBSD kernel, and other extremely secure pieces of software are written in C, and are extremely safe. All the securest pieces of software I can think about, are in C or C++.

Flash is unstable and insecure because Adobe is lazy and doesn't care about fixing it (it is too incompetet to do so), and doesn't die just because people and websites keep using it.

A third layer of sandboxing?

[Anonymous Coward]

First there's the NPAPI, then there's plugin-container, and now there's another layer?

Re:A third layer of sandboxing?

[icebraining]

NPAPI is just an API, not a sandbox. plugin-container just prevents flash from taking the browser with it when it crashes randomly, it doesn't protect anything from malicious code.

Project Codename: Sieve

[CyberDog3K]

Yes, let's all rely on Adobe, the company who wrote one of the planet's least secure multimedia delivery platforms in history, to save us from their own software. I'm sure the sandbox will be stable and secure and in no way, shape, or form, completely useless and awful.

Re:

[Anonymous Coward]

They bought Flash when they acquired Macromedia. They just made it much worse.

Re:

[Anomalyst]

I cant imagine any of these "features" would have any possible positive aspect for me when using a browser.
At best they are trivial convenience stuff to assist the marketdroids to present the sheeple with their "vision".
I DONT want marketing dweebs running poorly concieved and even more poorly implemented code on my machine, no matter how well sandboxed.
NoScript and Adblock FTW.

Re:

[Johann Lau]

name the features.

Re:

[twokay]

Indeed, the Sandbox mode in Adobe Reader X is a PITA. It plays havoc with anti-virus and i have seen workstations with no anti-virus installed refuse to open .pdf docs until it is disabled.

I still leave it on by default here, but thats the first thing to check when anyone complains their pdf file wont open.

Re:

[hobarrera]

Why is this downvoted? There's a very valid point being made here: flash needs to be dropped once and for all.

Wow this is awesome!

[stevenfuzz]

Now if we could just get some updates on the next Realplayer release, and whether or not it will be sandboxed with AOL, I can comfortably enter 2005 on the bleeding edge.

Firefox Dev Tools

[This is my user name]

Firefox is getting so torn between different developer platforms. They could cater to users of canvas, with their JS scratchpad, or they could appease flash users. Tough choice.

Its about time

[PPH]

My cat has been trying to bury Flash for years.

what about ie?

[dirtyhippie]

subject says it all, really. it's nice to have it for chrome and firefox, but where it's really needed is in ie.

cave paintings

[dutchwhizzman]

Cave paintings exist where they sandboxed flash. It's about time Adobe did the same....

Does it run on linux?

[Requiem18th]

Seems like the most obvious question but does this run on Linux? Also, does Gnash, or any other free implementation of the flash plugin offer this too?