User Tag List

Page 3 of 5 FirstFirst 1 2 3 4 5 LastLast
Results 21 to 30 of 46

Thread: Limitations of Vitalize! applications

  1. #21
    No Products Registered

    Join Date
    Dec 2006
    Posts
    1,332
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Re: Limitations of Vitalize! applications

    Thank you Patrick, for that detailed explanation on how to bypass Clickteam security and create a virus using a Vitalize! application.

  2. #22
    Clicker Multimedia Fusion 2
    BrandonC's Avatar
    Join Date
    Jun 2006
    Location
    PA, USA
    Posts
    931
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Re: Limitations of Vitalize! applications

    If you truly wanted to screw someones computer up, even the INI object is capable of doing it. I'm not sure about the exact science behind it, but if I'm not mistaken, a Windows.ini file does exist, and is editable.

    I agree with the idea of giving Vitalize! a security dialog, with a lot of the "unsafe" features disabled by default even. At least then, when we make our games or online applications, we can place popups in our applications saying stuff like "You need to have so and so featured enabled in the options to use this feature."



    I understand that no features were removed or stripped, but if the point to a new version is to evolve, so in the past these features were disabled. How about we enable them and improve quality of the software, but just make sure that the user has the ability to turn them off in case they're overly concerned with security.

  3. #23
    Clickteam Clickteam
    Jeff's Avatar
    Join Date
    Jun 2006
    Location
    Battle Ground Washington
    Posts
    11,822
    Mentioned
    7 Post(s)
    Tagged
    2 Thread(s)

    Re: Limitations of Vitalize! applications

    Its not an open INI rather a specific INI file
    Use it and see its completely safe.

    I would love to see someone take advantage of it then we would have to remove that option or take further steps to protect the inocent web vistor. It would be very important so please try to do something unintended with it and see if you can.

    No one has so far but maybe someone here is smarter then everyone else who has used Vitalize over the last 5 or 6+ years.

  4. #24
    Clicker Multimedia Fusion 2 DeveloperiOS Export ModuleSWF Export ModuleUnicode Add-on
    LIJI's Avatar
    Join Date
    Jun 2006
    Location
    Israel
    Posts
    1,175
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Re: Limitations of Vitalize! applications

    Binary Array doesn't have Zlib features, which is a key feature for me.

  5. #25
    Clicker Multimedia Fusion 2 DeveloperSWF Export Module

    Join Date
    Jun 2006
    Posts
    6,773
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)

    Re: Limitations of Vitalize! applications

    Yes it does..

  6. #26
    Clicker Multimedia Fusion 2 DeveloperiOS Export ModuleSWF Export ModuleUnicode Add-on
    LIJI's Avatar
    Join Date
    Jun 2006
    Location
    Israel
    Posts
    1,175
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Re: Limitations of Vitalize! applications

    Ah, I see now.

  7. #27
    Clicker Fusion 2.5 (Steam)Fusion 2.5 Developer (Steam)Universal Windows Platform Export Module (Steam)

    Join Date
    Jul 2006
    Posts
    2,023
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Re: Limitations of Vitalize! applications

    [edited by user's request]

  8. #28
    Clicker Fusion 2.5 DeveloperSWF Export ModuleInstall Creator Pro

    Join Date
    Jun 2006
    Location
    France
    Posts
    1,266
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Re: Limitations of Vitalize! applications

    [Edited as response to last post]

  9. #29
    No Products Registered

    Join Date
    Jul 2006
    Posts
    2,289
    Mentioned
    0 Post(s)
    Tagged
    1 Thread(s)

    Re: Limitations of Vitalize! applications

    I don't know about other people, but I don't think of myself as "overly" concerned about security.

    I have, (and always advise others to have) a good firewall, antivirus, and spyware software. My email client is also very careful about incoming, and I never execute an attachment from it.

    Now, even though users, (including myself) would really like to have the Vitalize! file issue work in their favor, I have never, and will never, enable any of the features in Flash that would compromise my machine.

    The only exceptions I can think of, (and they are valid) would be if a was taking a college course, or something involving a trusted institution that was critical. But then, there are other methods for that and I probably wouldn't have to, anyway.

    The requested ability to save and load data is outweighed by the need to keep Vitalize! safe and secure. Even if people had a option to enable it, they certainly would most likely have some antipathy towards Vitalize! or CT if their decision turned out to be a tragic one.

    I think we can all agree that getting people to install Vitalize! with confidence outweighs the rest for now.

  10. #30
    Firecodemonkey

    Join Date
    Aug 2006
    Location
    London, UK
    Posts
    461
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Re: Limitations of Vitalize! applications

    Quote Originally Posted by Patrick
    I could as well write a "KILL C:\*.* -F" command, compile my VB project and have it executed :P so much for the security then.
    If you get your users to save an EXE to their computer then you can do what you want. Vitalize! applications download and run as soon as you visit the page, so obviously we are not going to allow any potential for abuse.

    The browser does have a cache. If you download a large file - music, or a map - it will be stored in the browser's cache so that next time you need it, it's already downloaded. But this doesn't extend to creating files in the cache.

    We are aware that other comparable plug-ins can save data into a very restricted folder. I have to emphasise the fact that it's a restricted folder and even other web applications can't touch it; it's unique to that application, and only for saving and loading persistent data on the user's computer only.

    If we decide in the future we want to do this, the extensions' saving routine must all be recoded so that it works properly within this restricted folder, e.g. disallowing saving to "C:\boot.ini". This requires more work already, it's not a simple change, and we'd have to decide on the best way to accomplish a safe save/load and commit to it in future versions of Vitalize! too, so we need to get it right first time. If there's an exploit then poof - people's trust in V! is gone.

    No wonder we are wary to implement a feature that could cause trouble and less than 1% of people actually need.

Page 3 of 5 FirstFirst 1 2 3 4 5 LastLast

Similar Threads

  1. Limitations
    By Corlagon in forum XNA Export Module Version 2.0
    Replies: 2
    Last Post: 5th June 2012, 01:24 PM
  2. Any limitations on MMF2
    By ASD in forum Multimedia Fusion 2 - Technical Support
    Replies: 5
    Last Post: 11th August 2011, 08:58 PM
  3. Replies: 56
    Last Post: 4th July 2011, 04:23 PM
  4. Limitations of OS
    By dollar in forum Install Creator and Patch Maker
    Replies: 5
    Last Post: 7th April 2007, 01:45 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •