Author Topic: Embedded video?  (Read 3829 times)

0 Members and 1 Guest are viewing this topic.

Offline Dascoo

  • Soldier
  • **
  • Posts: 200
  • banned from the forums
Embedded video?
« on: October 18, 2006, 06:37:26 am »
<object width="425" height="350"><param name="movie" value="http://www.youtube.com/v/AZILHN-MaSY"></param><param name="wmode" value="transparent"></param><embed src="http://www.youtube.com/v/AZILHN-MaSY" type="application/x-shockwave-flash" wmode="transparent" width="425" height="350"></embed></object>

Am I doing something wrong?

UnReQuitLo
ɹǝƃuɐɥɔɹǝƃıu

Offline Toumaz

  • Veteran
  • *****
  • Posts: 1904
Re: Embedded video?
« Reply #1 on: October 18, 2006, 07:04:24 am »
Nope, you simply can't use HTML code in here.

Offline FliesLikeABrick

  • Administrator
  • Flamebow Warrior
  • *****
  • Posts: 6144
    • Ultimate 13 Soldat
Re: Embedded video?
« Reply #2 on: October 18, 2006, 10:36:43 am »
embedded objects are one of the exact reasons that most forums disable html

Offline Dascoo

  • Soldier
  • **
  • Posts: 200
  • banned from the forums
Re: Embedded video?
« Reply #3 on: October 19, 2006, 07:42:48 pm »
O lol...alot more easier to just embed the video then give a link? All those milliseconds just to load the page....sheesh

UnReQuitLo
ɹǝƃuɐɥɔɹǝƃıu

Offline Toumaz

  • Veteran
  • *****
  • Posts: 1904
Re: Embedded video?
« Reply #4 on: October 19, 2006, 11:20:52 pm »
O lol...alot more easier to just embed the video then give a link? All those milliseconds just to load the page....sheesh
No, with linking the user can choose for himself whatever he wants to watch the video. With a embedded video you have no real choice, and it would be uberhell if there were say five videos on one single page.

Offline jettlarue

  • Flagrunner
  • ****
  • Posts: 724
Re: Embedded video?
« Reply #5 on: October 19, 2006, 11:40:02 pm »
Look at fucking myspace, thats what soldatforums would become.,

Offline Krillious

  • Camper
  • ***
  • Posts: 324
  • If you were a hindu I could aim for the dot
Re: Embedded video?
« Reply #6 on: October 20, 2006, 12:12:04 am »
O lol...alot more easier to just embed the video then give a link? All those milliseconds just to load the page....sheesh
No, with linking the user can choose for himself whatever he wants to watch the video. With a embedded video you have no real choice, and it would be uberhell if there were say five videos on one single page.
Actually even if they are embedded, you still have to click play to watch them

Offline Toumaz

  • Veteran
  • *****
  • Posts: 1904
Re: Embedded video?
« Reply #7 on: October 20, 2006, 01:08:28 am »
O lol...alot more easier to just embed the video then give a link? All those milliseconds just to load the page....sheesh
No, with linking the user can choose for himself whatever he wants to watch the video. With a embedded video you have no real choice, and it would be uberhell if there were say five videos on one single page.
Actually even if they are embedded, you still have to click play to watch them
Not in all cases. Take flash animations and other kinds of objects as an example.

Offline FliesLikeABrick

  • Administrator
  • Flamebow Warrior
  • *****
  • Posts: 6144
    • Ultimate 13 Soldat
Re: Embedded video?
« Reply #8 on: October 20, 2006, 01:45:27 am »
Not to mention that if embedding was enabled, people could embed many other things besides videos... including malicious pages and things that exploit holes in IE.  Most of the recent IE exploits don't even require you to click OK or download/install anything...  just by going to a malicious page you are sufficiently exposed to infection.

By enabling HTML/embedded objects, we would make it such that people could embed malicious content directly into their posts

Offline Aquarius

  • Soldier
  • **
  • Posts: 234
Re: Embedded video?
« Reply #9 on: October 20, 2006, 02:04:28 am »
Most of the recent IE exploits don't even require you to click OK or download/install anything...  just by going to a malicious page you are sufficiently exposed to infection.

Could you show some example of the "recent IE exploits" to backup your claims?
Because when you read you on this Forum I have a strange feeling that open source fanboys are better in spreading FUD than Microsoft.

Offline FliesLikeABrick

  • Administrator
  • Flamebow Warrior
  • *****
  • Posts: 6144
    • Ultimate 13 Soldat
Re: Embedded video?
« Reply #10 on: October 20, 2006, 02:12:02 am »
Most of the recent IE exploits don't even require you to click OK or download/install anything...  just by going to a malicious page you are sufficiently exposed to infection.

Could you show some example of the "recent IE exploits" to backup your claims?
Because when you read you on this Forum I have a strange feeling that open source fanboys are better in spreading FUD than Microsoft.
http://www.securiteam.com/windowsntfocus/5KP062KJFU.html
https://www.kb.cert.org/vuls/id/842160
http://secunia.com/advisories/21396/
http://www.juniper.net/security/microsoft/prior_updates_2006_06.html
http://www.microsoft.com/technet/security/bulletin/MS06-021.mspx
http://www.juniper.net/security/microsoft/prior_updates_2006_10.html <-- a whole list for patches out this month, one of which (the second one) is especially bad.  Just by viewing a website, an attacker could gain complete remote shell access to a windows box

Many, many more results
http://www.google.com/search?q=IE+exploit+specially+crafted+web+page...

I wasn't saying that as a FOSS zealot, I was explaining one of the biggest reasons that forum admins don't enable HTML, and especially not embedded objects or frames
« Last Edit: October 20, 2006, 02:20:20 am by FliesLikeABrick »

Offline Aquarius

  • Soldier
  • **
  • Posts: 234
Re: Embedded video?
« Reply #11 on: October 20, 2006, 02:24:52 am »
Wow, your fanboism really blinds you. These holes are fixed and probably were not used in real exploits. You posted links to the reports about Microsoft security updates. Do you mean Linux or Firefox don't have security holes and patches?

I'm still waiting for one example of a dangerous exploit working with the latest version of IE. In the meantime:

Not fixed Firefox holes (some very very old):

http://secunia.com/advisories/20442/
http://secunia.com/advisories/12979/ (partial fix)
http://secunia.com/advisories/12580/
http://secunia.com/advisories/12403/

Fixed but dangerous Firefox holes:

http://secunia.com/advisories/21906/
http://secunia.com/advisories/19873/
and more: http://secunia.com/product/4227/?task=advisories

« Last Edit: October 20, 2006, 02:31:10 am by Aquarius »

Offline FliesLikeABrick

  • Administrator
  • Flamebow Warrior
  • *****
  • Posts: 6144
    • Ultimate 13 Soldat
Re: Embedded video?
« Reply #12 on: October 20, 2006, 02:30:44 am »
It is valid for me to point out fixed holes in IE and microsoft because far too few users of these softwares do not keep up-to-date.  A huge percent of the people who come into our helpdesk (I work as a consultant at our college's computing helpdesk) infected with all kinds of crap come in infected with stuff because they were browsing with IE and they did not keep up to date at all.

Sure Firefox and Linux have bugs and holes but:
1) how many people have ever gotten a virus by going to a website in firefox and got infected without having to a damned thing?
2) if anything in linux was ever exploited, it would never, ever be able to be used to compromise the entire system due to the way permissions are set up.  If a root exploit was ever found in a piece of system hardware or the kernel itself, it is generally patched within hours of being found, rather than Microsoft waiting until the following month or later to push out an update.  The only time recently that MS pushed an update out in 3 days was to patch a hole in their DRM. 


Not fixed Firefox holes (some very very old):

http://secunia.com/advisories/20442/
http://secunia.com/advisories/12979/ (partial fix)
http://secunia.com/advisories/12580/
http://secunia.com/advisories/12403/

Fixed but dangerous Firefox holes:

http://secunia.com/advisories/21906/
http://secunia.com/advisories/19873/
and more: http://secunia.com/product/4227/?task=advisories



The first one only effects firefox 1.5.0.4 and under.

The second one only effects VERSIONS OF FIREFOX UNDER 1.0 ("The vulnerability has been confirmed in Mozilla Firefox 0.10.1 for Windows. Other versions may also be affected.")  are you kidding me that you need to go this far back?

The third one is 2 years old and only effects ones under 1.5.0.* or maybe even earlier ones were fixed.  This was fixed by 1.5.*

The 4th one also only effects things before 1.5


Look at the "Last Update" dates of all of those old ones you pointed to.  My information is current, yours is everything but.  show me something with a recent date on it.  All of the things I linked you about IE were within the past few months.



Not a single vulnerability you linked was for any version of firefox that has come out in the past year.

This is why firefox pushes out new versions when bugs are discovered, rather than relying on people to download insane amounts of patches.


It obviously means something when firefox uses a NEW VERSION for every single vulnerability found rather than having anywhere from 5-50 patches per month. 



You don't even use IE, you use Opera.  What are you defending it for, and why don't you use it??  Are you just trying to make it sound like I'm spewing useless OSS fanboy crap?  I support OSS for a reason.
« Last Edit: October 20, 2006, 02:40:05 am by FliesLikeABrick »

Offline Toumaz

  • Veteran
  • *****
  • Posts: 1904
Re: Embedded video?
« Reply #13 on: October 20, 2006, 02:32:32 am »
Yeah, I remember when I accidentally took down a library mainframe once when I visited a shady page in IE. Good times.

...and, Firefox updates itself automatically. No hassle.

Offline Aquarius

  • Soldier
  • **
  • Posts: 234
Re: Embedded video?
« Reply #14 on: October 20, 2006, 02:39:23 am »
By default Internet Explorer and Windows update itself automatically too.

http://www.google.com/search?hl=en&lr=&safe=off&q=linux+security+hole+%22gain+root+access%22&btnG=Search

Running unpatched Linux can be as dangerous as running unpatched Windows - end of story.

Offline Toumaz

  • Veteran
  • *****
  • Posts: 1904
Re: Embedded video?
« Reply #15 on: October 20, 2006, 02:40:36 am »
http://www.google.com/search?hl=en&lr=&safe=off&q=linux+security+hole+%22gain+root+access%22&btnG=Search

Running unpatched Linux can be as dangerous as running unpatched Windows - end of story.

I've been tought that there are far less viruses able to infect Linux systems than Windows systems. Are they wrong?

Offline FliesLikeABrick

  • Administrator
  • Flamebow Warrior
  • *****
  • Posts: 6144
    • Ultimate 13 Soldat
Re: Embedded video?
« Reply #16 on: October 20, 2006, 02:43:58 am »
First go back and read all of my edits.  Then compare your search to my specific ones:

Results 1 - 10 of about 24,300 for linux security hole "gain root access". (0.21 seconds)

Mine:
Results 1 - 10 of about 4,730,000 for windows exploit remote access. (0.10 seconds)
Results 1 - 10 of about 205,000 for windows "specially crafted" view. (0.20 seconds)
Results 1 - 10 of about 170,000 for windows virus remote attacker "complete control". (0.20 seconds)

two obvious ones:
Personalized Results 1 - 10 of about 93,500,000 for windows virus. (0.09 seconds)
Results 1 - 10 of about 315,000 for "linux virus". (0.26 seconds)
Personalized Results 1 - 10 of about 3,200,000 for "windows virus". (0.25 seconds)

The results for "linux virus" are 99.9% people discussing the possibility of a linux virus, if any.

The results for "windows virus" are 99.9% people discussing new windows viruses and how to protect against them.



http://math-www.uni-paderborn.de/~axel/bliss/

This is an article about the one one of the few things that ever came close to a virus for linux and other UNIX based operating systems. The author mocks it, and even the person who wrote the virus pretty much mocks the notion of trying to create a virus for *NIX.  They did it to show the most that a virus could do, which is just infect the one user's files (not the whole system like 99% of windows viruses do).  The only way it can compromise the entire system is by running the virus as root... which is like giving someone the keys to your car... anyone who knows anything about using a computer just doesn't do that.  Even so, this does not have the ability to infect other systems or propagate in any way.  Windows viruses are notorious for scanning networks and being able to spread itself through holes in services provided by just about every running windows machine, including the notoriously bad Windows networking stacks themselves.

http://www.google.com/search?hl=en&lr=&safe=off&q=linux+security+hole+%22gain+root+access%22&btnG=Search

Running unpatched Linux can be as dangerous as running unpatched Windows - end of story.

I've been tought that there are far less viruses able to infect Linux systems than Windows systems. Are they wrong?

Yes, there has never been a virus that has been able to spread itself through linux systems (notice the plural). ever.   The only way these bugs in the kernel can be used to gain root access is through very specific and targeted attacks.

In order to be a virus, it not only has to be able to infect the system that it resides on (not just user files), but it also needs to be able to attack and infect other computers via some means.  Linux networking abilities are hardened to protect from deliberate attack of any sort, and very few holes have ever been found in this.

Much of the security in *NIX comes from the model it follows of being a proper layered operating system.  Windows is a great example of how to completely ignore this very good model.  Go read about it for more information

there are occasional flaws found by people to gain root access to linux systems.  These flaws are found by experts reading the entire and well-documented kernel code rather than by people who randomly find and exploit vast numbers  windows bugs and security holes.

The same goes for how these security firms find the security holes in firefox or any other OSS.  They look through the source code for the applications and find coding bugs that anyone could make.   This isn't possible with Windows or IE, since they're closed source.  There are thousands of exploitable bugs and security holes in windows/ie but they're not discovered nor fixed yet due to the fact that it is 100% closed source.

You will see people point to the analysis of the Firefox code that showed something like 600 bugs and a "large number" of "security risks."  This is useless information for trying to drag FX down to IE's level until the IE source code can be analyzed.

People and firms have done analysis on the IE binary to try and do the same hting, and they found (maybe tens of) thousands of bugs and security holes.  They would find far more if they had access to the actual source.

I do not have the links to either of those, so I use them to support my argument but not as a main backbone of it.

There's a reason that I run Linux on the server that runs the forums and my soldat servers, as do a vast majority of hobbyist and business server owners/sysadmins.  Also, in my free time I do research and "detective work" on the origins of spam, calling sysadmins to let them know that their computers are sending out spam.

By the way... 99% of these systems are virus infected windows machines.  The Linux machines that are sending spam are improperly configured and are just a matter of hanging one line in a configuration file to stop it from doing so.  The windows machines are virus-infected servers and generally require a complete system reinstall.


I'm going to sleep, but I want to leave with this:
I am not saying that Linux, FX, and other pieces of FOSS software are without their bugs and problems.  That said, the fact is 100% undisputable that these softwares are orders of magnitudes (to say the least) more secure and bug-free than the stuff sold by Microsoft as a core operating system and browser.

To each his own, you can do what you want.  I'll be here with my more efficient and more secure operating system, browser, and other software
« Last Edit: October 20, 2006, 03:04:14 am by FliesLikeABrick »

Offline Dascoo

  • Soldier
  • **
  • Posts: 200
  • banned from the forums
Re: Embedded video?
« Reply #17 on: October 20, 2006, 03:26:08 pm »
Do you know anybody on this forum who would be an asshole enough to do this?

UnReQuitLo
ɹǝƃuɐɥɔɹǝƃıu

Offline Toumaz

  • Veteran
  • *****
  • Posts: 1904
Re: Embedded video?
« Reply #18 on: October 20, 2006, 03:27:57 pm »
Do you know anybody on this forum who would be an asshole enough to do this?
It would certainly make forum bots a lot more worth making.

Offline SadistAtHeart

  • Global Moderator
  • Flagrunner
  • *****
  • Posts: 636
  • golevka
Re: Embedded video?
« Reply #19 on: October 20, 2006, 03:28:41 pm »
Do you know anybody on this forum who would be an asshole enough to do this?

Yes