||unity-dev|| FYI: Flash Player 9, 0, 115, 0 security hardening can break U2 and other socket server sites!

Discussion list for Unity developers. unity-dev at moock.org
Thu Dec 20 19:27:25 CST 2007


So if we don't have an overprotective firewall on our server monitoring
connections to port 843, then this particular change shouldn't affect us,
correct? I will go through that document anyway; it looks like there are
other changes as well. Thanks for letting us know.

-David R

On Dec 20, 2007 9:21 AM, Discussion list for Unity developers. <unity-dev at moock.org> wrote:

> www.adobe.com/devnet/flashplayer/articles/fplayer9_security_04.html (the
> whole article is a must-read, but, this is the critical page)
>
> Flash Player 9,0,115,0 introduces new security measures that cause a Flash
> SWF running in it to "make contact" via PORT 843 during xmlsocket
> connections!
>
> This is only the 1st step of what's to come: newer versions will REQUIRE
> policy files to be served up DIFFERENTLY (than they were required to, up
> until this version) and will cause headaches for us who host/run any
> socket server for use with Flash Clients.
>
> This change particularly caused issues with us, as, port 843 (a previously
> unused/unknown port) has always been in the realm of ports deemed to be in
> violation of firewall rules -- and in our case, by design and "in purpose"
> -- forced all clients who attempted such connectivity to have their IP
> blocked for a period of time, automatically -- REMEMBER -- this is ONLY
> for those clients who have this NEWER version of Flash9 installed and in
> use AND IF they call up an swf that tries to make an xmlsocket connection!
>
> So, take note, take heed, this issue is real and coming to all our
> doorsteps -- whether we like it or not.
>
> If you're not a developer or host, this affects you in such a way that: At
> some point, if not now, you'll not be able to use a site you've been using
> without issues alllll along.... until.... you updated your flash player --
> UNLESS -- we developers/hosts read-up on the deal and follow the sheep!
>
> Sincerely,
>
> -Jayson K. Hanes
> http://flashtampa.com
>
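Added example, not part of the original thread and not Unity's own code: a minimal listener for the port 843 contact described above, answering Flash Player's socket policy request with a policy scoped to one origin and one port. The request and response framing follows Adobe's socket policy file mechanism rather than anything stated in the thread; the domain `chat.example.com`, port `9100` and all function names are assumptions.

```python
import socketserver

# Constructed sample policy: domain and port are placeholders, not values from the thread.
POLICY = (
    '<?xml version="1.0"?>'
    '<cross-domain-policy>'
    '<allow-access-from domain="chat.example.com" to-ports="9100"/>'
    '</cross-domain-policy>'
).encode("ascii")

REQUEST = b"<policy-file-request/>\x00"  # sent by Flash Player, NUL-terminated
MAX_REQUEST = 64                          # never buffer more than this per client


def policy_response(data: bytes):
    """Return the NUL-terminated policy for an exact request, else None."""
    if data == REQUEST:
        return POLICY + b"\x00"
    return None


class PolicyHandler(socketserver.BaseRequestHandler):
    def handle(self):
        self.request.settimeout(3.0)      # drop idle or slow connections
        buf = b""
        try:
            while b"\x00" not in buf and len(buf) < MAX_REQUEST:
                chunk = self.request.recv(MAX_REQUEST - len(buf))
                if not chunk:
                    break
                buf += chunk
        except OSError:                   # covers timeouts and resets
            return
        reply = policy_response(buf)
        if reply is not None:             # anything else gets no answer
            self.request.sendall(reply)
        # returning closes the connection, which ends the exchange


def serve(host="0.0.0.0", port=843):
    # Port 843 is privileged: binding needs root or CAP_NET_BIND_SERVICE.
    with socketserver.ThreadingTCPServer((host, port), PolicyHandler) as srv:
        srv.serve_forever()


if __name__ == "__main__":
    serve()
```

With a listener like this in place, firewall rules that automatically block clients touching "unused" ports need an explicit allow for TCP 843, otherwise updated Flash clients are blocked before the policy is ever served.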

