
April 08, 2008

Player 9.0.124

Player 9.0.124: A new version of Adobe Flash Player has entered general public distribution. This includes the security restrictions first discussed late last year, and increasingly over the past few months.

The big change? Browsers and servers must now explicitly permit communication with SWF content, such as sockets, scripting, headers and such. Back when those features were devised only a few types of sites would host SWF from strangers, but these days more ad networks and mashups commonly host third-party SWF ("thousands of sites", e.g.), so hosting servers and webpages will now need to explicitly permit SWF communications before those communications can occur.

What's the update rate? The last firm stat I heard was twelve million successfully-completed installations per day (measured by a server ping on initial startup), and I haven't heard of shifts in this public adoption rate since then... the minor-version interpolation tips from 2007 may now be a little conservative.

More info? The Adobe Security Alerts are the best official resource, but keep an eye on the Adobe Security Blog, as well as Player product management, for more context in a more conversational tone.

Posted by JohnDowdell at April 8, 2008 02:06 PM
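
On the server side, the explicit permission described above is granted through a cross-domain policy file. As an added example (not part of the original post and not Adobe's code), this Python script audits such a file for wildcard grants covering origins, socket ports and request headers; the sample policy and the audit rules are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample policy for illustration; not taken from any real site.
SAMPLE_POLICY = """<cross-domain-policy>
  <site-control permitted-cross-domain-policies="all"/>
  <allow-access-from domain="*"/>
  <allow-access-from domain="*.example.com" to-ports="*"/>
  <allow-access-from domain="ads.example.net" to-ports="843,8080"/>
  <allow-http-request-headers-from domain="*" headers="*"/>
  <allow-http-request-headers-from domain="api.example.com" headers="X-Token"/>
</cross-domain-policy>"""

GRANT_TAGS = ("allow-access-from", "allow-http-request-headers-from")


def audit_policy(xml_text):
    """Return (tag, attribute, value, reason) for each overly broad grant.

    The rules are this example's own choice of what counts as too broad.
    """
    root = ET.fromstring(xml_text)
    if root.tag != "cross-domain-policy":
        raise ValueError("not a cross-domain policy file")
    findings = []
    for el in root:
        if el.tag == "site-control":
            scope = el.get("permitted-cross-domain-policies", "")
            if scope == "all":
                findings.append((el.tag, "permitted-cross-domain-policies",
                                 scope, "any file on the host can serve as a policy"))
        elif el.tag in GRANT_TAGS:
            domain = el.get("domain", "").strip()
            if domain == "*":
                findings.append((el.tag, "domain", domain, "every origin is trusted"))
            elif domain.startswith("*."):
                findings.append((el.tag, "domain", domain, "every subdomain is trusted"))
            # to-ports applies to socket grants, headers to header grants
            for attr in ("to-ports", "headers"):
                if el.get(attr, "").strip() == "*":
                    findings.append((el.tag, attr, "*", "no restriction on " + attr))
    return findings


if __name__ == "__main__":
    for finding in audit_policy(SAMPLE_POLICY):
        print("%-32s %-34s %-16s %s" % finding)
```
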

Comments

Why is it so difficult to find the debugger version downloads? I've been browsing the Flash Player section of the Adobe site for about 10 min. and I still haven't found it... The Adobe site is such a maze and so badly designed...

[jd sez: It's kept away from the consumer-oriented download page. It's at support/flashplayer, in the "downloads" link.]

Posted by: Luke at April 8, 2008 05:02 PM

"[jd sez: It's kept away from the consumer-oriented download page. It's at support/flashplayer, in the "downloads" link.]"

Yes I understand that but actually finding it is almost an impossible task. Say I go to the consumer Flash Player download page. At the top there is a breadcrumb navigation. I assume that one step back, by clicking on "Flash Player", would bring me to a menu where I might be able to find my downloads. Clicking it does bring me to a menu where I can select a very fancy web 2.0ish "developer" tab (try deep linking to that page ;). Now, I assume that I would be closer to finding what I need. But nothing in that menu resembles what I need. Out of frustration, I choose "Flash Player Developer Center" (most generic). Here I see, to my joy, in the right side menu a "Flash Player Download Center" link. There must be heaps of Flash Players for download there? Nope. It brings me back to the consumer download page where I started. So much for a download "center".

I know it's there. It's just impossible to find. I've been visiting the Adobe site for over 8 years now (formerly the Macromedia site) and navigating it has always been a complete frustration. But I guess it's just me...

[jd sez: I also have problems with navigation on many large sites. Next time, search term "adobe flash player debug" will be quicker. There's also a website feedback form, uh, somewhere... ;-) ]

Posted by: Luke at April 8, 2008 06:54 PM

A concise presentation of some of the security improvements, from The Register:

DNS rebinding isn't the only way whitehat and blackhat hackers have been able to force their way into routers and other network-attached devices. Cross-site script (XSS) attacks, which allow attackers to inject malicious code into trusted web pages, have been known to do the same thing. So has Universal Plug and Play (UPnP), a feature that ethical hacking outfit GNU Citizen in January said made many home routers vulnerable to take-over simply by luring an attached computer to a booby-trapped website.

But those methods are made possible by design flaws, either in the router or in a software component, such as Adobe flash [sic], according to Kaminsky. That means they can be fixed in a relatively short time. Indeed, Adobe today pushed out a major Flash update that Kaminsky said neutralizes the router attack using UPnP.

The update also minimizes much of the damage that could have been caused by Kaminsky's DNS rebinding attack. Previously, Kaminsky could commandeer devices using a host of protocols, including Remote Desktop, Windows file sharing, and proprietary Oracle database calls. Now, the attack is limited to devices with web interfaces.

It's a good thing Adobe has minimized the damage, because the problem itself is not easily fixed. Plenty of legitimate websites balkanize their various services across more than one IP address, making so-called DNS pinning unworkable. Eventually, he says, browser makers will be forced to build in controls, but he said that won't happen for a while. [emphasis added]


Posted by: John Dowdell at April 8, 2008 10:58 PM

So, is this why the adobe website barely works at all? Every adobe page I click, I wait minutes for it to attempt to paint itself. Everywhere else on the Internet seems to be ok, but adobe's website runs like a one-legged dog -- miserably, painfully, ludicrously bad. I just don't know any other company that makes a flash player, or I'd sure go to them instead.

[jd sez: "Raphael" from Hotmail came in on a search engine and hit up several comments here, some from old blogposts. He's got some type of connection problem, but multiple superficial accounts don't allow others to help.]

Posted by: Raphael at April 15, 2008 10:42 AM