For years now, Adobe Flash files have been a very useful attack vector for hackers and a serious security problem for end users and IT departments. Now, a German researcher is planning to unveil a new browser plug-in designed to prevent many common types of Flash attacks.
NoScript will block Flash, though it doesn’t parse the .swf file and try to sanitize the code, create a new swf file before it is run on the user system. Excuse me if I find this unwieldy and likely to slow browsing even further whilst all this extra processing goes on.
For me I find blocking all flash content easier (being on dial-up) and makes page loading faster and I only selectively run certain swf content.
A standalone plugin doesn’t actually exist yet, but NoScript already (optionally) supports blitzableiter sanitizing. Support was added last April 29. From http://noscript.net/
Experimental external filters for plugin content (e.g. Blitzableiter to sanitize Flash applets). It requires Firefox 3.5 and above, and it can be configured from the new NoScript Options|Advanced|External Filters panel. To activate the built-in Blitzableiter support you need to enable filters, download Blitzableiter binaries and tell NoScript where the executable is. Please notice that Blitzableiter is in its early development stages, and it breaks a lot of Flash content.
Like David, I haven’t wanted to use this feature, but it is available for testing already.
this blitzableiter thing can be implemented through NS for many weeks now, and I don’t use it because it breaks a big number of sites with flash and/or slows down the browsing, so that’s a no thanks for me.