#### Admin note regarding footers ####

[OMEGA]

Originally posted by tiGRAN=-2001
and..how can you prevent that?
that seems easy for a hacker

It wasn't, thats why you guys get no flash footers. Quit crying like babies over a footer on a message board somewhere on the internet.

[Damaso]

Who cares about footer anyway?

[dpark]

Ummm... I don't really care about the footers... but I think everyone is going to take that personally... if you see any torches blowing fire your way... step back at least 30 feet... mmmkkkkaaayyyy?

[ad_mtk2]

Originally posted by dpark
Ummm... I don't really care about the footers... but I think everyone is going to take that personally... if you see any torches blowing fire your way... step back at least 30 feet... mmmkkkkaaayyyy?

[ad_mtk2]

Originally posted by tiGRAN=-2001
I just posted a new thread asking this question, then i saw this thread, and went back to delete it

Originally posted by ad_mtk2
But if you don't bring them back, then i'll just have to make a screenshot of my footer and save as .gif!!!
Bye for now

no need for screenshot,
you could just publish it as a .jpg or .gif

That wont work as i have movie clips flying around the place and they wont show on the footer...unless you know other wise???

[cougrhky20]

You'd think in a nice community like this one there wouldn't be any problems like people stealing other people's cookies.

About the footers, Id like to have the footers stay whether or not their flash really doesn't matter to me, but the footers allow us to personalize our posts. I guess if you already have your title and pic it doesnt matter, however for lil people like me crawling to the top the footer is all I have...

[beelineuk]

This is a security issue inherent to the functionality of flash, and exists anywhere where a site allows a third party to run a flash movie on their site.

The good thing is flash movies on flashkit can only access cookies from the flashkit domain. So if flashkit want to enable flash footers, it's really an issue over the data flashkit stores in it's cookies, and how this could be used in the wrong hands. I guess some private encryption of the data within the cookies would make it secure, as any accessable data such as username and password would be unreadable to a third party.

Provided it is not possible to create a replica fake cookie from scratch, using data in a real one, (I don't currently know of a way), surely this would solve the problem?

Mike

[eggs-in-Wisconsin]

I miss mine too, but I am learning that nothing is safe out here.
FK? You take all the time you need to!
I'm behind 'ya.

If there are any good programers out there, this might be insriration to help find an answer to this, and other security problems. I wish I could help, but right now, I just don't know how to help, other than to give Flash Kit
All my support in this matter.

Keep up the great work, Flash Kit

[zor]

wouldnt it be possable to restrict the footers to earlyer versions of flash, flash wont let you use flash 5&6 commands if you publish it for flash 4. If you where to find away to restrict it to befor the actionscript that the bug is comeing from was there I wouldnt think you would have a problem..

other then inforceing it.. even then you could probly make some kind of php script to..

[Ed Mack]

Flash 4 had a getURL though.. It can access javascript. How about after the users sign in, it only sotres their names and wheter they are logged or not, and then passwords are not needed if you have the right cookie under the FK domain? It may require editing of the boards, but nobody could get your password. The problem with encrypting it is that it is used in the password field above ^^^^.

[beelineuk]

Bespoke encryption on cookie data would work provided it was decrypted server side, and provided it was not possible to fake a cookie. These can normally only be set by the same domain that reads them i.e. flaskkit.com. The encryption would prevent the hacker logging in manually with any cookie data, and by the very nature of cookies he would not be able to use someone else's cookie data to masquerade himself as authenticated.

However I've just released there's a fatal flaw in this plan whereby it is in fact very easy to fake a cookie using someone else's data, so in fact it wouldn't work at all...

The only other possible solution I can think of, which is quite cunning, is to throw up a JavaScript error on the page to prevent all other JavaScript from executing.

That's a terrible solution in practice, but would in theory work

Seems removing authentication via cookies is the only logical way forward. I can't see MM doing anything because it's not a bug, and even if they did, the ability to misuse it in this case is already out there.

Mike

[FreakTroll]

Well, seeing as I hadn't myself created or even considered a flash footer, this hasn't quite hit home with me, although I did enjoy seeing what could be done within those confines. Quite impressed was I. And now we've but plain images to go on. Heh but still, anyone trying to thieve cookies by this method has too much free time, in my estimation. Well, good luck on the resolution, and I support FK in their decision here as well.

Later folks,
Joe

[electrolux3]

I do, why else do you think I come here? Build a good footer, and get loads of people to look at your site, is that not what its all about? Advertising/publicity/communications is the business we're in.

[david petley]

Originally posted by electrolux3
I do, why else do you think I come here? Build a good footer, and get loads of people to look at your site, is that not what its all about? Advertising/publicity/communications is the business we're in.

never mind, put in a picture (remember the limitations on size, they still apply) and you can have two lines of text which can still be links to sites you want to show off.

If footers to advertise yourself are the only reason you come here, then you are missing out about 99.9% of what this site is about.

So no, that is not what this site is all about. In fact, the footers are probably the most useless part of this site.

People should just forget about them, they are history by the looks of it.

david p.

[swampy]

Originally posted by electrolux3
I do, why else do you think I come here? Build a good footer, and get loads of people to look at your site, is that not what its all about? Advertising/publicity/communications is the business we're in.

No it isn't. Flash development is the business I am in. I have a nice job which pays well, I could care less who visits my site. I'm not out for fame, just a comfortable life.

[electrolux3]

Originally posted by swampy

Originally posted by electrolux3
I do, why else do you think I come here? Build a good footer, and get loads of people to look at your site, is that not what its all about? Advertising/publicity/communications is the business we're in.

No it isn't. Flash development is the business I am in. I have a nice job which pays well, I could care less who visits my site. I'm not out for fame, just a comfortable life.

well as long as you're alright.

the 99.9% of this site that I'm missing is the 99.9% that I don't want to know about, i've got a low boredom threshold and can just about manage 0.1% of this site- and thats only about once every couple of months

[david petley]

Originally posted by electrolux3

well as long as you're alright.

the 99.9% of this site that I'm missing is the 99.9% that I don't want to know about, i've got a low boredom threshold and can just about manage 0.1% of this site- and thats only about once every couple of months

shrug,
you're sorely missed.

Maybe Flashkit should just ask you to take out a banner ad and pay for your advertising like other advertisers who have no real interest in the site.

BTW, you will notice that the banners have one advantage over the footers........they still work.

dp

[ad_mtk2]

Originally posted by david petley
BTW, you will notice that the banners have one advantage over the footers........they still work.
dp

well said that man in the blue hat.

[clifgriffin]

I find it hard to believe this isn't an issue that can be resolved without ditching flash footers.

That said, you could always have an approval system.

You submit your desired flash footer with the source and it is qued to be reviewed by the mods at their leisure.

This is one way you could prevent security breaches.

Just an idea.

[buttclencher]

Originally posted by KLTdesigns5869

Originally posted by buttclencher
hey
pliz give my footer back
i dont have a domain so i dont have remote support for pictures !!
i got to have a flash footer
and u gotta let me have it !!
are u listening mr administrator !!

You have a domain that will host a flash file, but not an image file???

weird

hehehehehe
the truth is i dont have a domain of mah own !!

mah site is hosted on brinkster !!
and as far as mah knowledge goes brinkster does not have remote support for pictures !!