Two problems

classic Classic list List threaded Threaded
16 messages Options
Reply | Threaded
Open this post in threaded view
|

Two problems

Tallitsch, Robert
(1) Since I upgraded to 10.13.2 I have, more often than not, seen the following error message upon closing Safari and a few other files. In case the attachment doesn't come through the error message reads as follows:

sh:/usr/bin/lockfile: No such file or directory

sh:/usr/bin/lockfile: No such file or directory (127)

Suggestions for a fix?

(2) I too am seeing the spinning colored pizza wheel when using Safari. There was a string of questions about this but I can't seem to find the solution that was posted? Did anyone determine how to fix that? Are these two issues I am seeing related?

Thanks - and Happy New Year

--

Robert B. Tallitsch, Ph. D.  l  Professor of Biology  l  Augustana College
639 38th Street  l  Rock Island, IL 61201  l  <a href="tel:%28309%29%20794-3441" value="+13097943441" style="color:rgb(17,85,204)" target="_blank">(309) 794-3441

I am a teacher. A teacher is someone who leads. 
There is no magic here. 
I do not walk on water, I do not part the sea. 
I just love my students.   
(adapted from Marva Collins)
************************************************************
Teaching is the playful search and discovery with others for 
the potential in each of them—and in me. 
(Louis Schmier)
************************************************************ 
The task of the excellent teacher is to stimulate apparently
ordinary people to unusual effort. The tough part is not in
 identifying winners; it is in making winners out of ordinary people. 
************************************************************



____________TidBITS Talk Participation Guidelines____________
Post only when you have something substantive to contribute.
Be polite and constructive, and comment on posts, not people.
Quote sparingly, if at all. We all read the previous message.
Start threads with a new message to [hidden email].
Read archives at: http://tidbits.com/pipermail/tidbits-talk/
Unsubscribe at: http://tidbits.com/mailman/options/tidbits-talk
____Mailing List Manners: http://tidbits.com/series/1141 ____
Reply | Threaded
Open this post in threaded view
|

Re: Two problems

@lbutlr
On 1 Jan 2018, at 08:47, Tallitsch, Robert [hidden email]> wrote:
>
> sh:/usr/bin/lockfile: No such file or directory

> sh:/usr/bin/lockfile: No such file or directory (127)

Do you get this in Safari with all extensions and plugins disabled?

(Preferences => Websites => Plugins in the left column and Preferences => Extensions)

--
Aren't you a little short for a stormtrooper?




____________TidBITS Talk Participation Guidelines____________
Post only when you have something substantive to contribute.
Be polite and constructive, and comment on posts, not people.
Quote sparingly, if at all. We all read the previous message.
Start threads with a new message to [hidden email].
Read archives at: http://tidbits.com/pipermail/tidbits-talk/
Unsubscribe at: http://tidbits.com/mailman/options/tidbits-talk
____Mailing List Manners: http://tidbits.com/series/1141 ____
Reply | Threaded
Open this post in threaded view
|

Re: Two problems

Tallitsch, Robert
Thanks for the suggestion. Turned off all extensions and plug ins and the error message went away, but not the multicolored spinning pizza wheel.

On Mon, Jan 1, 2018 at 10:44 AM, @lbutlr <[hidden email]> wrote:
On 1 Jan 2018, at 08:47, Tallitsch, Robert [hidden email]> wrote:
>
> sh:/usr/bin/lockfile: No such file or directory

> sh:/usr/bin/lockfile: No such file or directory (127)

Do you get this in Safari with all extensions and plugins disabled?

(Preferences => Websites => Plugins in the left column and Preferences => Extensions)

--
Aren't you a little short for a stormtrooper?




____________TidBITS Talk Participation Guidelines____________
Post only when you have something substantive to contribute.
Be polite and constructive, and comment on posts, not people.
Quote sparingly, if at all. We all read the previous message.
Start threads with a new message to [hidden email].
Read archives at: http://tidbits.com/pipermail/tidbits-talk/
Unsubscribe at: http://tidbits.com/mailman/options/tidbits-talk
____Mailing List Manners: http://tidbits.com/series/1141 ____



--

Robert B. Tallitsch, Ph. D.  l  Professor of Biology  l  Augustana College
639 38th Street  l  Rock Island, IL 61201  l  <a href="tel:%28309%29%20794-3441" value="+13097943441" style="color:rgb(17,85,204)" target="_blank">(309) 794-3441

I am a teacher. A teacher is someone who leads. 
There is no magic here. 
I do not walk on water, I do not part the sea. 
I just love my students.   
(adapted from Marva Collins)
************************************************************
Teaching is the playful search and discovery with others for 
the potential in each of them—and in me. 
(Louis Schmier)
************************************************************ 
The task of the excellent teacher is to stimulate apparently
ordinary people to unusual effort. The tough part is not in
 identifying winners; it is in making winners out of ordinary people. 
************************************************************



____________TidBITS Talk Participation Guidelines____________
Post only when you have something substantive to contribute.
Be polite and constructive, and comment on posts, not people.
Quote sparingly, if at all. We all read the previous message.
Start threads with a new message to [hidden email].
Read archives at: http://tidbits.com/pipermail/tidbits-talk/
Unsubscribe at: http://tidbits.com/mailman/options/tidbits-talk
____Mailing List Manners: http://tidbits.com/series/1141 ____
Reply | Threaded
Open this post in threaded view
|

Re: Two problems

John Burt
Try Firefox ESR. I tried it recently and really like it.

On Mon, Jan 1, 2018 at 2:04 PM, Tallitsch, Robert <[hidden email]> wrote:
Thanks for the suggestion. Turned off all extensions and plug ins and the error message went away, but not the multicolored spinning pizza wheel.



--
John



____________TidBITS Talk Participation Guidelines____________
Post only when you have something substantive to contribute.
Be polite and constructive, and comment on posts, not people.
Quote sparingly, if at all. We all read the previous message.
Start threads with a new message to [hidden email].
Read archives at: http://tidbits.com/pipermail/tidbits-talk/
Unsubscribe at: http://tidbits.com/mailman/options/tidbits-talk
____Mailing List Manners: http://tidbits.com/series/1141 ____
Reply | Threaded
Open this post in threaded view
|

Re: Two problems

Geoff WALLACE
In reply to this post by Tallitsch, Robert
Hello Robert,

How much RAM does the Mac have.

How much free space on the Hard Drive?

Geoff WALLACE
Melbourne Victoria
Australia

On 2 Jan 2018, at 9:04 am, Tallitsch, Robert <[hidden email]> wrote:

Thanks for the suggestion. Turned off all extensions and plug ins and the error message went away, but not the multicolored spinning pizza wheel.




____________TidBITS Talk Participation Guidelines____________
Post only when you have something substantive to contribute.
Be polite and constructive, and comment on posts, not people.
Quote sparingly, if at all. We all read the previous message.
Start threads with a new message to [hidden email].
Read archives at: http://tidbits.com/pipermail/tidbits-talk/
Unsubscribe at: http://tidbits.com/mailman/options/tidbits-talk
____Mailing List Manners: http://tidbits.com/series/1141 ____
Reply | Threaded
Open this post in threaded view
|

Re: Two problems

Randy B. Singer
In reply to this post by John Burt

On Jan 1, 2018, at 4:29 PM, SciFiOneA . wrote:

> Thanks for the suggestion. Turned off all extensions and plug ins and the error message went away, but not the multicolored spinning pizza wheel.

Try updating Flash and deleting all of your Flash cookies:

Macintosh OS X Routine Maintenance
http://www.macattorney.com/ts.html
Item# 9

If that doesn't help, check out:

Macintosh OS X Beachballs!
http://www.macattorney.com/rbb.html

___________________________________________
Randy B. Singer
Co-author of The Macintosh Bible (4th, 5th, and 6th editions)

Macintosh OS X Routine Maintenance
http://www.macattorney.com/ts.html
___________________________________________






____________TidBITS Talk Participation Guidelines____________
Post only when you have something substantive to contribute.
Be polite and constructive, and comment on posts, not people.
Quote sparingly, if at all. We all read the previous message.
Start threads with a new message to [hidden email].
Read archives at: http://tidbits.com/pipermail/tidbits-talk/
Unsubscribe at: http://tidbits.com/mailman/options/tidbits-talk
____Mailing List Manners: http://tidbits.com/series/1141 ____
Reply | Threaded
Open this post in threaded view
|

Re: Two problems

@lbutlr
On 2 Jan 2018, at 15:57, Randy B. Singer [hidden email]> wrote:
> On Jan 1, 2018, at 4:29 PM, SciFiOneA . wrote:
>
>> Thanks for the suggestion. Turned off all extensions and plug ins and the error message went away, but not the multicolored spinning pizza wheel.
>
> Try updating Flash and deleting all of your Flash cookies:

1) Flash is a plug-in
2) no one should be running Flash.


--
I hear hurricanes a-blowing, I know the end is coming soon. I fear
rivers over-flowing. I hear the voice of rage and ruin.




____________TidBITS Talk Participation Guidelines____________
Post only when you have something substantive to contribute.
Be polite and constructive, and comment on posts, not people.
Quote sparingly, if at all. We all read the previous message.
Start threads with a new message to [hidden email].
Read archives at: http://tidbits.com/pipermail/tidbits-talk/
Unsubscribe at: http://tidbits.com/mailman/options/tidbits-talk
____Mailing List Manners: http://tidbits.com/series/1141 ____
Reply | Threaded
Open this post in threaded view
|

Re: Two problems

Randy B. Singer

On Jan 3, 2018, at 5:37 AM, @lbutlr wrote:

>
> 1) Flash is a plug-in
> 2) no one should be running Flash.

If you can get by without Flash, that's fine.  But there is an awful lot of content still on the Web that requires Flash.  Personally I think that it's too soon to jettison Flash.

If one keeps Flash meticulously updated, and only updates via the Adobe Web site or the Flash control panel, it is quite safe and stable.

___________________________________________
Randy B. Singer
Co-author of The Macintosh Bible (4th, 5th, and 6th editions)

Macintosh OS X Routine Maintenance
http://www.macattorney.com/ts.html
___________________________________________






____________TidBITS Talk Participation Guidelines____________
Post only when you have something substantive to contribute.
Be polite and constructive, and comment on posts, not people.
Quote sparingly, if at all. We all read the previous message.
Start threads with a new message to [hidden email].
Read archives at: http://tidbits.com/pipermail/tidbits-talk/
Unsubscribe at: http://tidbits.com/mailman/options/tidbits-talk
____Mailing List Manners: http://tidbits.com/series/1141 ____
Reply | Threaded
Open this post in threaded view
|

Re: Two problems

Doug Hogg
I have dumped Flash and on the rare occasions where a website needs it, I open Google Chrome which has had Flash built in. I find my computer definitely runs faster without Flash.

:-)

Doug Hogg

Sent from my iPhone

> On Jan 3, 2018, at 11:11 AM, Randy B. Singer <[hidden email]> wrote:
>
>
>> On Jan 3, 2018, at 5:37 AM, @lbutlr wrote:
>>
>>
>> 1) Flash is a plug-in
>> 2) no one should be running Flash.
>
> If you can get by without Flash, that's fine.  But there is an awful lot of content still on the Web that requires Flash.  Personally I think that it's too soon to jettison Flash.
>
> If one keeps Flash meticulously updated, and only updates via the Adobe Web site or the Flash control panel, it is quite safe and stable.
>
> ___________________________________________
> Randy B. Singer
> Co-author of The Macintosh Bible (4th, 5th, and 6th editions)
>
> Macintosh OS X Routine Maintenance
> http://www.macattorney.com/ts.html
> ___________________________________________
>
>
>
>
>
>
> ____________TidBITS Talk Participation Guidelines____________
> Post only when you have something substantive to contribute.
> Be polite and constructive, and comment on posts, not people.
> Quote sparingly, if at all. We all read the previous message.
> Start threads with a new message to [hidden email].
> Read archives at: http://tidbits.com/pipermail/tidbits-talk/
> Unsubscribe at: http://tidbits.com/mailman/options/tidbits-talk
> ____Mailing List Manners: http://tidbits.com/series/1141 ____



____________TidBITS Talk Participation Guidelines____________
Post only when you have something substantive to contribute.
Be polite and constructive, and comment on posts, not people.
Quote sparingly, if at all. We all read the previous message.
Start threads with a new message to [hidden email].
Read archives at: http://tidbits.com/pipermail/tidbits-talk/
Unsubscribe at: http://tidbits.com/mailman/options/tidbits-talk
____Mailing List Manners: http://tidbits.com/series/1141 ____
Reply | Threaded
Open this post in threaded view
|

Re: Two problems

@lbutlr
In reply to this post by Randy B. Singer
On 3 Jan 2018, at 12:11, Randy B. Singer [hidden email]> wrote:
> On Jan 3, 2018, at 5:37 AM, @lbutlr wrote:
>> 1) Flash is a plug-in
>> 2) no one should be running Flash.
>
> If you can get by without Flash, that's fine.  But there is an awful lot of content still on the Web that requires Flash.  Personally I think that it's too soon to jettison Flash.

I don't know anyone who is still running Flash, not even on Windows. A few people did what I did and kept Google Chrome around for its included Flash, but even Chrome is ending that (or has?).

Also, nearly every site that I've seen in the last 5 years that claims it requires Flash is lying. Switch your browser to "iPad" and the video magically work.
       
> If one keeps Flash meticulously updated, and only updates via the Adobe Web site or the Flash control panel, it is quite safe and stable.

No, it is not safe.

<https://www.cvedetails.com/vulnerability-list/vendor_id-53/product_id-6761/Adobe-Flash-Player.html>

--
"Your stepmom is cute"
"Shut up, Ted"
"Remember when she was a senior and we were freshmen?"
"Shut up Ted!"




____________TidBITS Talk Participation Guidelines____________
Post only when you have something substantive to contribute.
Be polite and constructive, and comment on posts, not people.
Quote sparingly, if at all. We all read the previous message.
Start threads with a new message to [hidden email].
Read archives at: http://tidbits.com/pipermail/tidbits-talk/
Unsubscribe at: http://tidbits.com/mailman/options/tidbits-talk
____Mailing List Manners: http://tidbits.com/series/1141 ____
Reply | Threaded
Open this post in threaded view
|

Re: Two problems

TidBITS Talk mailing list
Chrome has it's own, built-in Flash so you don't need a stand alone Flash.




photo
Betty Fellows
Platinum Plus Results
Phone:<a href="tel:650-364-4134" style="color:#545454;text-decoration: none; font-size: 12px;"> 650-364-4134 || Email:[hidden email]

From: "@lbutlr" <[hidden email]>
To: Tidbits <[hidden email]>
Sent: Wednesday, January 3, 2018 12:16 PM
Subject: Re: Two problems

On 3 Jan 2018, at 12:11, Randy B. Singer [hidden email]> wrote:
> On Jan 3, 2018, at 5:37 AM, @lbutlr wrote:
>> 1) Flash is a plug-in
>> 2) no one should be running Flash.
>
> If you can get by without Flash, that's fine.  But there is an awful lot of content still on the Web that requires Flash.  Personally I think that it's too soon to jettison Flash.

I don't know anyone who is still running Flash, not even on Windows. A few people did what I did and kept Google Chrome around for its included Flash, but even Chrome is ending that (or has?).

Also, nearly every site that I've seen in the last 5 years that claims it requires Flash is lying. Switch your browser to "iPad" and the video magically work.
   
> If one keeps Flash meticulously updated, and only updates via the Adobe Web site or the Flash control panel, it is quite safe and stable.

No, it is not safe.


--
"Your stepmom is cute"
"Shut up, Ted"
"Remember when she was a senior and we were freshmen?"
"Shut up Ted!"




____________TidBITS Talk Participation Guidelines____________
Post only when you have something substantive to contribute.
Be polite and constructive, and comment on posts, not people.
Quote sparingly, if at all. We all read the previous message.
Start threads with a new message to [hidden email]
____Mailing List Manners: http://tidbits.com/series/1141 ____






____________TidBITS Talk Participation Guidelines____________
Post only when you have something substantive to contribute.
Be polite and constructive, and comment on posts, not people.
Quote sparingly, if at all. We all read the previous message.
Start threads with a new message to [hidden email].
Read archives at: http://tidbits.com/pipermail/tidbits-talk/
Unsubscribe at: http://tidbits.com/mailman/options/tidbits-talk
____Mailing List Manners: http://tidbits.com/series/1141 ____
Reply | Threaded
Open this post in threaded view
|

Re: Two problems

@lbutlr
On 03 Jan 2018, at 14:03, Betty Fellows via TidBITS-Talk <[hidden email]> wrote:
> Chrome has it's own, built-in Flash so you don't need a stand alone Flash.

Yes, but as I men toned Chrome is either ending that very soon or has already ended it.

--
"I have never killed a man, but I have read many obituaries with great
pleasure." Clarence Darrow




____________TidBITS Talk Participation Guidelines____________
Post only when you have something substantive to contribute.
Be polite and constructive, and comment on posts, not people.
Quote sparingly, if at all. We all read the previous message.
Start threads with a new message to [hidden email].
Read archives at: http://tidbits.com/pipermail/tidbits-talk/
Unsubscribe at: http://tidbits.com/mailman/options/tidbits-talk
____Mailing List Manners: http://tidbits.com/series/1141 ____
Reply | Threaded
Open this post in threaded view
|

Re: Two problems

Randy B. Singer
In reply to this post by @lbutlr

On Jan 3, 2018, at 12:15 PM, @lbutlr wrote:

> On 3 Jan 2018, at 12:11, Randy B. Singer [hidden email]> wrote:
>> If one keeps Flash meticulously updated, and only updates via the Adobe Web site or the Flash control panel, it is quite safe and stable.
>
> No, it is not safe.
>
> <https://www.cvedetails.com/vulnerability-list/vendor_id-53/product_id-6761/Adobe-Flash-Player.html>

That statement is false, just like when the press often misleadingly conflates a potential vulnerability with an exploit.  The two aren't the same thing.  Just about all complex software has potential vulnerabilities.  Your average computer OS has hundreds of them at any given time.   Those potential vulnerabilities are irrelevant to end users up until such time as someone comes up with a way to successfully exploit them (or at least when it looks like creating such an exploit might be easily achievable).  

That's why Adobe offers such frequent updates to Flash: to keep Flash secure from exploits or very severe potential vulnerabilities.  While no complex software is 100% safe, Flash is easily safe enough that an end user can feel free to use it without worry, as long as they keep it meticulously updated.

___________________________________________
Randy B. Singer
Co-author of The Macintosh Bible (4th, 5th, and 6th editions)

Macintosh OS X Routine Maintenance
http://www.macattorney.com/ts.html
___________________________________________






____________TidBITS Talk Participation Guidelines____________
Post only when you have something substantive to contribute.
Be polite and constructive, and comment on posts, not people.
Quote sparingly, if at all. We all read the previous message.
Start threads with a new message to [hidden email].
Read archives at: http://tidbits.com/pipermail/tidbits-talk/
Unsubscribe at: http://tidbits.com/mailman/options/tidbits-talk
____Mailing List Manners: http://tidbits.com/series/1141 ____
Reply | Threaded
Open this post in threaded view
|

Re: Two problems

@lbutlr
On 4 Jan 2018, at 03:16, Randy B. Singer [hidden email]> wrote:
> Flash is easily safe enough that an end user can feel free to use it without worry, as long as they keep it meticulously updated.

Your position is not the position shared by *any* security expert I've found. Flash is trivially exploited and exploitable. I will not run it on my machines and I will not support machines that run it. Adobe has given up on it and announced its end-of-life, and Google has already started the process of disabling Flash in Chrome (right now, flash content cannot play by default, later this year you will need to explicitly allow flash to run at all every time you launch Chrome, and it will be entirely gone by 2020). In addition, the number of pages with Flash has dropped drastically in the last few years.

<https://threatpost.com/flashs-final-countdown-has-begun/127475/> (Aug 2017)
Today, Adobe Flash security holes still dominate the threat landscape. So far this year there have been 60 unique CVEs associated with Flash, 53 rated high-severity allowing attackers to remotely execute code. Earlier this month Adobe patched a serious a local sandbox escape bug in its Flash Player after researchers failed to fix the bug completely in a previous patch.


--
On the other hand, you have different fingers.




____________TidBITS Talk Participation Guidelines____________
Post only when you have something substantive to contribute.
Be polite and constructive, and comment on posts, not people.
Quote sparingly, if at all. We all read the previous message.
Start threads with a new message to [hidden email].
Read archives at: http://tidbits.com/pipermail/tidbits-talk/
Unsubscribe at: http://tidbits.com/mailman/options/tidbits-talk
____Mailing List Manners: http://tidbits.com/series/1141 ____
Reply | Threaded
Open this post in threaded view
|

Re: Two problems

Al Varnell
Everything you say about Flash Player is true. From the beginning, it wasn't laid out with security in mind, resulting in numerous and frequent vulnerabilities. Both Adobe and the industry have accepted that and most browser developers and Adobe have scheduled phasing it out.

But Randy is correct that exploited threats are what needs to be focused on. Vulnerabilities without an exploit are just words on the page. 

Further, I don't believe you've taken into consideration the advances made by Apple to guard against current threats as well as most zero day exploits that may appear in the future:
- XProtect prevents the use of any version of Flash Player that is known to have an exploit in-the-wild.
- Flash Player is now sandboxed by the OS so that it should not be able to interact with other processes.
- The user of the Flash Player plugin by Safari can be tightly controlled for each website by the user through Safari Preferences->Websites->Plug-Ins->Adobe Flash Player

Most 3rd party browsers have taken similar steps, as you alluded to concerning Google Chrome, but they actually arrived at this point after Apple quietly implemented their safeguards.

Websites are finally starting to see the writing on the wall and dropping support for Flash in favor of HTML5.

So overall, this security specialist feels the risk has actually been reduced for Mac users over what it was just a few years ago.

-Al-

On Thu, Jan 04, 2018 at 06:08 PM, @lbutlr wrote:
On 4 Jan 2018, at 03:16, Randy B. Singer [hidden email]> wrote:
Flash is easily safe enough that an end user can feel free to use it without worry, as long as they keep it meticulously updated.

Your position is not the position shared by *any* security expert I've found. Flash is trivially exploited and exploitable. I will not run it on my machines and I will not support machines that run it. Adobe has given up on it and announced its end-of-life, and Google has already started the process of disabling Flash in Chrome (right now, flash content cannot play by default, later this year you will need to explicitly allow flash to run at all every time you launch Chrome, and it will be entirely gone by 2020). In addition, the number of pages with Flash has dropped drastically in the last few years.

<https://threatpost.com/flashs-final-countdown-has-begun/127475/> (Aug 2017)
Today, Adobe Flash security holes still dominate the threat landscape. So far this year there have been 60 unique CVEs associated with Flash, 53 rated high-severity allowing attackers to remotely execute code. Earlier this month Adobe patched a serious a local sandbox escape bug in its Flash Player after researchers failed to fix the bug completely in a previous patch.



____________TidBITS Talk Participation Guidelines____________
Post only when you have something substantive to contribute.
Be polite and constructive, and comment on posts, not people.
Quote sparingly, if at all. We all read the previous message.
Start threads with a new message to [hidden email].
Read archives at: http://tidbits.com/pipermail/tidbits-talk/
Unsubscribe at: http://tidbits.com/mailman/options/tidbits-talk
____Mailing List Manners: http://tidbits.com/series/1141 ____
Reply | Threaded
Open this post in threaded view
|

Re: Two problems

Doug Hogg

“Flash has been a favorite amongst exploit kit authors for several years,” says Jérôme Segura, lead malware analyst at Malwarebytes. “Due to an alarming number of zero-day exploits distributed via large malvertising campaigns in recent years, many in the security community have urged users to completely remove Flash from their machines.”


:-)

Doug Hogg

Sent from my iPhone

On Jan 4, 2018, at 11:24 PM, Al Varnell <[hidden email]> wrote:

Everything you say about Flash Player is true. From the beginning, it wasn't laid out with security in mind, resulting in numerous and frequent vulnerabilities. Both Adobe and the industry have accepted that and most browser developers and Adobe have scheduled phasing it out.

But Randy is correct that exploited threats are what needs to be focused on. Vulnerabilities without an exploit are just words on the page. 

Further, I don't believe you've taken into consideration the advances made by Apple to guard against current threats as well as most zero day exploits that may appear in the future:
- XProtect prevents the use of any version of Flash Player that is known to have an exploit in-the-wild.
- Flash Player is now sandboxed by the OS so that it should not be able to interact with other processes.
- The user of the Flash Player plugin by Safari can be tightly controlled for each website by the user through Safari Preferences->Websites->Plug-Ins->Adobe Flash Player

Most 3rd party browsers have taken similar steps, as you alluded to concerning Google Chrome, but they actually arrived at this point after Apple quietly implemented their safeguards.

Websites are finally starting to see the writing on the wall and dropping support for Flash in favor of HTML5.

So overall, this security specialist feels the risk has actually been reduced for Mac users over what it was just a few years ago.

-Al-

On Thu, Jan 04, 2018 at 06:08 PM, @lbutlr wrote:
On 4 Jan 2018, at 03:16, Randy B. Singer [hidden email]> wrote:
Flash is easily safe enough that an end user can feel free to use it without worry, as long as they keep it meticulously updated.

Your position is not the position shared by *any* security expert I've found. Flash is trivially exploited and exploitable. I will not run it on my machines and I will not support machines that run it. Adobe has given up on it and announced its end-of-life, and Google has already started the process of disabling Flash in Chrome (right now, flash content cannot play by default, later this year you will need to explicitly allow flash to run at all every time you launch Chrome, and it will be entirely gone by 2020). In addition, the number of pages with Flash has dropped drastically in the last few years.

<https://threatpost.com/flashs-final-countdown-has-begun/127475/> (Aug 2017)
Today, Adobe Flash security holes still dominate the threat landscape. So far this year there have been 60 unique CVEs associated with Flash, 53 rated high-severity allowing attackers to remotely execute code. Earlier this month Adobe patched a serious a local sandbox escape bug in its Flash Player after researchers failed to fix the bug completely in a previous patch.


____________TidBITS Talk Participation Guidelines____________
Post only when you have something substantive to contribute.
Be polite and constructive, and comment on posts, not people.
Quote sparingly, if at all. We all read the previous message.
Start threads with a new message to [hidden email].
Read archives at: http://tidbits.com/pipermail/tidbits-talk/
Unsubscribe at: http://tidbits.com/mailman/options/tidbits-talk
____Mailing List Manners: http://tidbits.com/series/1141 ____



____________TidBITS Talk Participation Guidelines____________
Post only when you have something substantive to contribute.
Be polite and constructive, and comment on posts, not people.
Quote sparingly, if at all. We all read the previous message.
Start threads with a new message to [hidden email].
Read archives at: http://tidbits.com/pipermail/tidbits-talk/
Unsubscribe at: http://tidbits.com/mailman/options/tidbits-talk
____Mailing List Manners: http://tidbits.com/series/1141 ____