Locked

We urgently need our Flash application.

Community Beginner ,
Jan 12, 2021 Jan 12, 2021

Copy link to clipboard

Copied

Adobe, please give us a solution, we need our application today or our business cannot continue.

We know about the danger of using Flashplayer but it's our own application, we use separate computers just for this.

At least give us an old version that doesn't block our own content.

Views

841

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines

correct answers 1 Correct Answer

Adobe Employee , Feb 03, 2021 Feb 03, 2021
If you can use mms.cfg with Enteprise Enablement, that's way better.  The worry that we're really trying to address is the scenario when (because it's when, not if) the malware/ransomware guys find an 0-day in Flash a year or two down the road, and they start pumping out malicious banner ads to cause widespread damage on users that never update.  By limiting that unmaintained Flash Player to loading just stuff that you trust, you're making it much harder for an attacker to deploy malicious c...

Likes

Translate

Translate
Most Valuable Participant ,
Jan 12, 2021 Jan 12, 2021

Copy link to clipboard

Copied

What has your business been doing for the last 3 years after the death of Flash was announced? This is very sad. 

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
New Here ,
Jan 12, 2021 Jan 12, 2021

Copy link to clipboard

Copied

Have a look in the Adobe Admin Guide:
https://www.adobe.com/content/dam/acom/en/devnet/flashplayer/articles/flash_player_admin_guide/pdf/l...

 

You can place a config file on your system where you can enable your company internals Flash application sites.
E.g. under Linux:
/etc/adobe/mms.cfg:
EOLUninstallDisable=1
EnableAllowList=1
# AllowListPreview=1
# TraceOutputEcho=1
AllowListUrlPattern=https://my-internal-flash-site.com

I hope that helps.

 

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Beginner ,
Jan 12, 2021 Jan 12, 2021

Copy link to clipboard

Copied

@Test Screen Name We provide solar energy components.

@berndh72391550 Thanks, I have tried that but it didn't work.

 

Created mms.cfg with the content you provided under /etc/adobe, rebooted, didn't work.

Also tried mms.cfg for Google Chrome in its own Flash Player folder.

 

😞

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Adobe Employee ,
Jan 15, 2021 Jan 15, 2021

Copy link to clipboard

Copied

Have you looked at Apache Royale?

https://royale.apache.org/

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Most Valuable Participant ,
Jan 12, 2021 Jan 12, 2021

Copy link to clipboard

Copied

That's even worse. You have a business built on technology and you have done nothing as a company during the 3 years you had to make, buy or upgrade to software that does not require Flash Player. You may indeed go out of business, and that is a pity. 

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Beginner ,
Jan 12, 2021 Jan 12, 2021

Copy link to clipboard

Copied

We did try to build it with HTML5 twice, losing a lot of money, our Flash application is big and robust.

Now we have a new team of 10 members helping us creating the new one, but it'll take another year to complete.

Despite all effords, our Flash application was so much better and faster even though JavaScript is faster than AS3.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Beginner ,
Jan 12, 2021 Jan 12, 2021

Copy link to clipboard

Copied

You cannot compare JS frameworks to Flex framework, the difference significant if you have been working on bigger projects.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Adobe Employee ,
Jan 12, 2021 Jan 12, 2021

Copy link to clipboard

Copied

In addition to the Admin guide linked below, I recommend reviewing this industry guide for "Enterprise enablement" preferences and other considerations you should review:

 

https://www.servethehome.com/adobe-flash-player-sunset-looming-over-enterprise-it/

 

 

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Beginner ,
Jan 12, 2021 Jan 12, 2021

Copy link to clipboard

Copied

Thanks for the answers but somehow it doesn't read the config file /etc/adobe/mms.cfg.

I see no logs or changes.

 

System:

Ubuntu 20.04

Latest Flashplayer for Linux 64bit

Firefox 83

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Adobe Employee ,
Jan 19, 2021 Jan 19, 2021

Copy link to clipboard

Copied

I tried to reproduce this on Friday, but wasn't having a lot of luck installing Flash Player via the standard package manager.  It looks like I'll have to do it manually from our generic package, and I ran out of time to mess with it. 


My suspicion is that you need to set permissions on mms.cfg or the parent folder such that they're readable by the Flash Player process. 

 

Also, Firefox 84 drops support for Flash Player.  If you want to continue to get security updates for your browser, you'll want to move to the latest Firefox ESR (Extended Support Release), which will buy you a few more months of Flash support in a browser version that still gets security updates.  At that point, you really want to be migrated off, or you're going to be stuck running unpatched browsers in order to keep browser plug-in support.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Adobe Employee ,
Feb 02, 2021 Feb 02, 2021

Copy link to clipboard

Copied

Were you guys able to work around this?  I'm hoping the permission tip got you on the right path.  I got hung up trying to coax the ubuntu package manager into doing what I wanted and realized that I hadn't gotten back to it.

 

If you're still stuck, I'm happy to dig into it tomorrow.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
New Here ,
Feb 03, 2021 Feb 03, 2021

Copy link to clipboard

Copied

If you're on Linux and have a system version of Flash Player installed, there are some simple hacks you can do to get it running in a browser by circumventing the timebomb. This is obviously massively insecure, so I wouldn't use this trick for random Flash executables, only with your own software you created and only as a stop-gap as you work to rewrite it.

 

There's a package called faketime (https://packages.ubuntu.com/xenial/utils/faketime) which will let you pass whatever time you want to a process you start with it; install with sudo apt install faketime. Then you can download a separate browser to use just with your Flash apps; Pale Moon version 28.16.0 works for sure (https://linux.palemoon.org/) and can be run from a folder without an install. Then simply start the browser using faketime: faketime '2020-12-03 08:15:42' ~/Desktop/palemoon/palemoon

 

And from there make sure you deny any updates to Flash or the browser you're using, just to make sure it will keep going. Again all this is massively insecure so you should only be using the browser to access apps you wrote yourself as you work to migrate off Flash.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Adobe Employee ,
Feb 03, 2021 Feb 03, 2021

Copy link to clipboard

Copied

LATEST

If you can use mms.cfg with Enteprise Enablement, that's way better. 

 

The worry that we're really trying to address is the scenario when (because it's when, not if) the malware/ransomware guys find an 0-day in Flash a year or two down the road, and they start pumping out malicious banner ads to cause widespread damage on users that never update. 

 

By limiting that unmaintained Flash Player to loading just stuff that you trust, you're making it much harder for an attacker to deploy malicious content that would actually run.  By defeating the time-bomb, you're setting the player to load everything from the open web.  An unmaintained Flash Player is not suitable for browsing the open web.  That's just misery waiting to happen.

 

Given that I don't have a better solution in-hand, I don't hate this recommendation (the latest Firefox ESR still supports Flash and is probably a better choice from a browser-security perspective), but please be smart and mitigate your risk.  If your configuration doesn't need to browse the web, take measures to ensure that it can't (force Firefox through a local proxy that limits access to your network, use clever routing rules, etc.). 

 

Writing the "sorry you got hacked, nuke your computer, change all your passwords and lock down your credit file" posts are always depressing, especially when it's avoidable.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines