Creating more secure SWF web applications

Friday, 4 January 2008, 12:06 AM EST

Adobe frequently updates the Flash Player software security model to improve the security of the Flash Player environment. However, that only addresses half of the overall solution to help securely deploy applications that run in Flash Player. As the web developer, you must also correctly leverage the tools provided by the ActionScript language and the Flash Player platform to help ensure that your SWF files are more secure. Poor programming conventions can expose SWF files and the sites that host them to web attacks. Adobe provides many resources to developers such as their Secure Programming Guide to assist with developing more secure code.

This article outlines many of the security considerations associated with common tasks and provides samples of techniques that can be used to help secure code against those threats. Links to the full documentation are provided throughout the article for further reference. These techniques are designed primarily for the Flash Professional development environment but they can also be applied by Flex developers.

At Adobe.

[ Read more ]


Pen-testing drone searches for unsecured devices

You're sitting in an office, and you send a print job to the main office printer. You see or hear a drone flying outside your window. Next thing you know, the printer buzzes to life and, after spitting out your print job, it continues to work and presents you with more filled pages than you expected.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Fri, Oct 9th