Older is Better: Flash player plugin for Linux

Here's a link to solve your new Flash woes if you upgraded and suddenly your favorite Flash site doesn't work any more:
Download old-libflashplayer.so

I just uploaded a known working (pre-April 9, 2008) version of the Flash player plugin for Firefox for Linux to the above link at FileCrunch.

Directions: Download the Flash player plugin somewhere, like your Desktop. Then run these commands in a terminal window.

1. cd ~/.mozilla/plugins/
   
2. mv libflashplayer.so new-libflashplayer.so
   
3. mv ~/Desktop/old-libflashplayer.so .
   
4. ln -s old-libflashplayer.so libflashplayer.so

Your plugins directory should look something like this:

todb@mazikeen:~/.mozilla/plugins$ ls -la
total 15892
drwxr-xr-x 2 todb todb    4096 2008-04-10 18:08 .
drwx------ 4 todb todb    4096 2008-04-10 16:48 ..
lrwxrwxrwx 1 todb todb      21 2008-04-10 18:08 libflashplayer.so
-> old-libflashplayer.so
-rwxr-xr-x 1 todb todb 8115888 2008-04-10 17:40 new-libflashplayer.so
-rwxr-xr-x 1 todb todb 8119784 2008-04-10 17:41 old-libflashplayer.so
todb@mazikeen:~/.mozilla/plugins$ md5sum *.so
13ce705df5d47422a9192b29827544e8  libflashplayer.so
1f26a6eeb8c06acf0af9433da2312d54  new-libflashplayer.so
13ce705df5d47422a9192b29827544e8  old-libflashplayer.so
todb@mazikeen:~/.mozilla/plugins$ 

Background:

In the rush to fix the recent Pwn20wn bug in the Adobe Flash player, Adobe managed to break some Flash functionality along the way, as described on Senocular.

And yes, the above fix is only tested on Ubuntu. I haven't tracked down an old Windows version of the Flash plugin, so good luck with that.

(I'm an Ubuntd00d now, no longer on teh Windows.)

Update1: To test what version of flash you have installed, visit Adobe's version test site. If you're on 9,0,115 for Linux, then you're fine. Also, in order for the above to work, you'll need to uninstall the system-wide flash install for your desktop machine. Using apt, it'll go something like apt-get install flashplugin-nonfree- (note the trailing hyphen for the remove function).

Update2: The particular issue that most people will run into with the April update is the new enforcement of the cross-domain policy. More about that on Adobe's site. If you are forced to downgrade, you'll probably want to let the authors of your favorite Flash app know and ask them nicely to read the above link.

Teaching Kids to Program

HacketyHack is a Ruby sandbox designed to teach kids how to program in a way that emphasizes speed and fun. Since I'm attempting to devour anything I can find about Ruby these days, this popped up while surfing around the various "Ruby lifestyle" sites.

Since I have a few kids of my own, I'm hopeful this will come in handy. Maybe I can get my four year old to implement a Ruby TNS listener for me.

New Job For Me

So, I've finally caught my breath.

In the last month, I've a) bought a new house, b) rented out my old house, c) moved my family 7 miles, d) suffered (with said family) some horrible bronchial infection and e) got a new position at BreakingPoint Systems, where I've been doing nothing but brush up on my practical Ruby and XML, and learn various protocol specs so that I can actually perform the job they hired me for (which is essentially modeling real-world protocol implementions in, you guessed it, Ruby and XML).

I have learned that faithfully replicating a protocol is a lot harder than merely detecting one. :)

So, now that I've caught my breath (figurative and literal -- coughing spasms really suck at 3am), I'll start posting to my dumb blog again, and try very hard to not snipe at the current round of WSJ articles with ridiculous titles about my former employer.

Oh, and I don't have a cell phone at the moment. If you think you know my phone number, you're wrong. E-mail me if you'd like to get in touch.

Document-based authentication failures

So, if you don't have an insurance card handy for when it's time to re-register your vehicle, it's permissible to just make one with your favorite document editor and your favored insurance company logo at the top. The logo seems to be key -- the county worker's eyes went straight to it, and she didn't bother to really read the rest of the surrogate card I produced (so she didn't notice that I spelled "license" wrong).

This is no big shocker, I'm sure, but I haven't posted here in a while and I had to renew my car registration today (which was late, because I never drive the car, which would explain why I didn't have an insurance card handy).

I'm sure this "proof" wouldn't fly if you tried to present it in court after being pulled over, but that's not my problem today.

Identity documents for voting in a more interesting precinct requires even less work. Rightly so, of course -- a fake voter is not a problem that current voting systems put priority on.

Hacker Safe Compromised

At least, it was according to Ryan's new blog. Which seems a little embarrassing to their new owners, McAfee. Oops. According to the report, credit card numbers and CVCs may have been stolen -- which means that Scan Alert, just like most people, were probably storing CVCs along with CC#'s in an unencrypted format. Nice.

Update 2008-01-09: The compromised site in question here is Geeks.com, not Scan Alert. Mea culpa. I got confused by the reported headline, "Hacker Safe Site Compromised." This revelation makes the story far less exciting, since I'm sure the Scan Alert guys scope their protection to just web site stuff, not databases or lost drives or whatever. In fact, I'm sure Geeks.com had at least a couple other devices and applications, like firewalls and antivirus products, too, so the headline could have read "CheckPoint, Scan Alert, Symantec, Apache, and Sendmail site compromised." That said, here's the original letter. Geeks.com is still naughty for storing the CVC's.