Lately Microsoft started to create better products and yet instead of winning they fail. Silverlight is better than Flash & Flex and yet it lost to it not being able to gain any significant market share (Flash is better than HTML5 but lost to it as well, but that’s a different story).

What worries me a bit now is that the truly impressive Windows 7 mobile won’t be able to gain any significance market share. Not yet saying that it’s better than the iOS (iPhone) and/or Android, but it is an impressive OS that didn’t just copy the concepts of the other two. It’ll be interesting to see what will come out of it.

Adobe was in similar situation, it has a very strong hand – Adobe Flash, and has already committed a lot of money on this loss leader. But staying in the game would have required them to put even much more money/resources on it. They would have to be fully committed, they would have to be “all-in”, borrowing from poker again. They could have end up winning the hand but if they will lose they can be out of the game completely.

We should have all known that the iOS will never run Flash. It’s almost like Steve Jobs last words were “exterminate the Flash” – similar to the hate Genghis Khan had for the Tatars when he ordered  “the extermination of the Tata Mongols”

In retrospect, seems like wasting all that resources on porting Flash for the mobile was good only for Adobe and us in the Flash crowed to be able to give Steve and the other mongers the finger, telling them – see, Flash runs well on the mobile! It was supposed to be obvious that Flash will never rich similar ubiquity on the mobile as on the desktop. Than again, everything is easier in retrospect.

There are many reasons why Flash succeeded where 1,000 other plugins failed. And it’s also amazing how a relatively small corporate like Adobe managed to be in front of much bigger competitors, Microsoft with it’s buckets of money and Sun with it’s Java Java Proxy Proxy, to name only two.

I’m just sick of layman’s that are quoting laymen’s that are quoting a reporter that quotes another reporter that quote “someone who knows” that quote anther one that “really knows” – it’s like that game, what’s is name?! The other day I’ve heard from someone who should have known better that – “lake of multithreading killed Flash” – you’ve probably heard that BS before, yep it’s total BS. Add that to the many other miss-consumptions people make regarding this issue and it piles to a big pile of sh<bip>it. I wonder how many of these laymen’s knows the hassle of cross browser HTML development?!

So, congrats on the brave fold Adobe, with the right hand I solute you. On the other hand I give you the finger – f*ck you big proprietary beast, how dare you stab so many people in the back.

The revived attack is exactly the same as my 2008 POC it even uses lots of my code. The different is that instead of using the settings manager html page as the source of the iframe it’s now uses the setting manager swf directly. Actually, this was the first thing I’ve tried after Adobe frame bust the settings manager pages. It didn’t work well for my windows browsers so I’ve ditched it. One of the first comment on my Webcam Clickjacking post created the same thing and gave a link to it (it is now links to an AD). So obviously everyone knew it or at least thought about it – everyone except Adobe.

The Flash Player provide great power on the web, it’s still the only practical mean to interact with the user’s webcam and microphone. You know the cliché, with great power comes great responsibility. Adobe needs to be vigilant when it comes to her users security and privacy, and her users are practically everyone.

Obviously that every new version of the Flash Player should go through vigorous security testing. It’s also needs to be done with every new browser and OS version. That’s a huge matrix but it needs to be done. For example, browser change the way they embed plugins which can easily leads to flaws even if the Flash Player stays the same.

Back than Adobe knew about the ClickJacking beforehand coz they were informed by RSnake and Jeremiah Grossman. They didn’t knew specifically about my POC and the way it exploits the settings manager, but anyhow they should have at least frame-bust every related page. It’s insane that in all of these 3 years no one bothered to at least Flash-bust the settings manager SWF and prevent the resurrection of my POC.

BTW, good job Feross Aboukhadijeh, my name is Guy Aharonovsky – whois is easy…

Yesterday I accidently/stupidly right-clicked on Computer and than went to –> Mange –> Storage –> Disk Management –> right clicked on my external HD and selected “Mark Partition as Active”. Realizing this is not what I was looking for, I wanted to undo it but couldn’t found where. I than had to go, and left my laptop running. When I went back I saw my computer has crushed, might be cause of WinDirStat was running in the background but that’s irrelevant.
Anyhow, I started my computer and got  this message:

BOOTMGR is missing
Press Ctrl+Alt+Del to restart.

Restarting won’t help obviously. Googleing this issue gives you tons of info that basically tells you the same two things – use the windows installation CD and if you don’t have it, like in many OEM machines, or you left it in the office, you can download this windows recovery CD from this obscure website and that will cost you 10 USD.

I think it’s very bad, to say the least,  that any common user can get himself in such trouble without the ability to easily revert it. Even though I knew it was probably cased by marking the external HD as active I can’t say I wasn’t slightly stressed – no boot record can easily mean HD failure.

This is how to fix it without the windows installation disc and without buying the recovery disc:

1. Go and download Hiren’s boot CD. This handy collection of software’s used to include pirated apps, but I believe that it is now legit (since version 10.1, current is 14.1) and only include freewares and sharewares.

2. (Optional step) boot into tiny-XP to see your HDs and files are intact – hopefully. (I wonder how they include this XP legally?)

3. There are many boot (MBR) fixing tools in Hiren’s boot CD, I’ve used the freeware MBRWizard
The command line I used was MBRWizard \disk=1 \part=1 \inactive. This set my external HD as inactive
It’s easy, once you run MBRWizard you get help on how to use it.

That’s it.

Come’on Microsoft, you ask the user all kind of redundant questions like “do you want to see the files of your C drive”  but then let him completely kill the functionality of his machine without the ability to easily revert it. ??!

All that is needed to achieve the magic is this line of code:

window.history.pushState("", "title", "somePath/");

Try it:

Amazing! There is no need for the ugly hash (#) anymore in order to achieve AJAX/Flash deep linking… oh wait… it doesn’t work in IE9 and FireFox 3.x  (yet)

Thinking “I know all that browsers can do” this one got me wondering. I’m coming to realize that even though I still believe I generally know most of its capabilities, with HTML 5 there probably lots of things that browsers can do which I’m not yet familiar with. I swear I will skim through the spec when I’ll have the time, there must be many interesting security flaws in there… or is it?!.

More info here & here

This example and more, were presented by Lee Brimelow today in the FlashIsrael event and he said he just got these a few hours ago from Away3D devs, so chances are you never seen it before.

There were other impressive examples with even much more polygons and such. I’m sure we’ll get to play with all of it in a few weeks when the labs version of Molehill will be available along with the new Away3D engine – - Great!

It was great to finally be able to meet Lee and all the others. After years of reading Lee’s blogs and seeing him in videos, he seems like a truly funny, smart and nice dude… ah yeah… and tolerant for annoying people with cameras — Thanx

The above text, is pretty much the summery of this highly inspiring video called Journalism in the Age of Data. As the name suggest this video is mainly about journalism data viz, but, it is also highly inspiring for anyone dealing with data of any kind.

Many RIA applications today struggle with the ability to present large data sets to the user in away which he can digest and understand.
I would say that many of these new apps, especially in the enterprise space and from the last few years, are built upon the Flex framework.

As RIA developers many of us face these challenges in the day to day work. Obviously, the charts that comes bundled with the Flex framework won’t suffice most of the time, and one would need to relay on third party components or role her own. Not so long ago, its seemed that this area is blooming. The amazing open source projects like Flare and BirdEye. The slick commercial components, IBM ILOG Elixir and KapLab – ridiculously priced and has draconian licensing, respectively.

Today, these open source projects seems to be abandoned and the commercial tools prices seem to increase. The field of online data visualization is exploding and yet the Flex tools seems a bit halted.

The somewhat halted SilverLight with its basic charts and decent third party components. And the HTML5 alternatives, like Protovis, which still needs some maturity – doesn’t seem to provide the alternative.

Anyhow, if one wants to create something “out of the box”, than she needs to use something like Flare as the base and invent her own data viz, other than use some slick, out of the box, components.

InsideRIA has an immense list of with most data visualization frameworks and resources

The Video

I’ve extracted some selected examples, for your convenience:

Many Eyes (Java)
Budget Forecasts, Compared With Reality (Flash)
The Jobless Rate for People Like You (Flash)
In graphics: Eurozone in crisis (HTML)
The Stimulus Tracker (Flash)
Crash: Death on Britain’s roads (Flash, HTML)
How Different Groups Spend Their Day
The Crises of Credit
Last.fm Listening History – What have I been listening to? 
Eurovision Song Contest 2008 (Flash)
Google public data explorer (Flash, HTML)
Oakland Crimespotting (Flash)
Tracking Taxi Flow Across the City

Blogs:
http://infosthetics.com/
http://www.visualcomplexity.com/vc/
http://flowingdata.com/
http://blog.blprnt.com/
http://www.good.is/infographics
http://eagereyes.org/
http://www.guardian.co.uk/news/datablog
http://well-formed-data.net (not from the video)

In order to be able to run the Flash Player Debugger with Chrome:

1. Go to about:plugins (past it in the address bar)
2. Click on “Details” to see the full view (top-right)
3. Search for this gcswf32.dll and click the “Disable” link just below it (be sure to click the first “Disable”)
4. Install the Netscape-compatible plug-in from here.

Next time you will start Chrome it will use this debug player.

-> Browse to any file or directory

It’s essential to be able to easily browse to the resource you’re currently looking at. There should have been a built in way to do this.

1. Click on, Run –> External Tools -> External Tools Configuration (Alternatively, click on the Favorites icon and select "External Tools Configuration")

2. Inside the "External Tools Dialog" -> Select "Program" -> click on the "New Launch Configuration" icon.

3. Inside the "Main" tab (Default) set:

• Name: Explorer
• Location: c:windowsexplorer.exe
• Working Directory: c:windows
• Arguments: /select,"${resource_loc}"

4. Go to the "Build" tab and uncheck "Build before launch"

5. Go to the "Common" tab, look for "Display in favorites menu" and check "External Tools"

You can now select any file or directory from the “Package Explorer” and browse straight to it’s location in windows explorer.

-> Extending with batch files – kill all IE processes

Flash Builder 4 can be extended using batch files (Shell Scripts on the Mac). This example uses a batch file to kill all opened IE processes before launching a new debug session.

There are a few reasons to debug a Flex app in IE. Firstly, some users still use it, and secondly I don’t want the precious tabs that are opened on my other useful browsers to be bothered. Occasionally, IE processes are left running in the background even though debug session was ended. Sometimes I simply didn’t closed the browser before running a new session. Both of these cases lead to the consuming of needed memory and slows down the system.

A batch file is merely a text file with a .bat extension.

1. Create a new text file.
2. Edit this file with any text editor –> Copy paste this line into it: taskkill /F /IM "iexplore.exe"  -> Save this file as kill_iexplore.bat (Double clicking on this file will kill all IE processes)
3. Click on, Run –> External Tools -> External Tools Configuration
4. Inside the "External Tools Dialog" -> Select "Program" -> click on the "New Launch Configuration" icon.
5. Inside the "Main" tab (Default) set:
   Name: Kill Internet Explorer
   Location: c:kill_iexplore.bat
   (depending on were the file is saved)
6. Go to the "Build" tab and uncheck "Build before launch"
7. Go to the "Common" tab, look for "Display in favorites menu" and check "External Tools"

– In Order to kill all IE processes before launching a new debug session

1. Right-Click on the flex project –> Select “Properties”
2. In the properties dialog select “Builders” –> Click on “Import” and select “Kill Internet Explorer” from the list.

-> Link with Editor

This one is very helpful but easily overlooked, it’ll make the Package Explorer and the editor view synchronized.

Click on this icon to make your life better.

-> Some Important shortcuts (For Mac CTRL == CMD, ALT == Option)

Less important shortcuts

P.S. Why exotic?! It made you look didn’t it. And beside, it is somewhat exotic.

P.S.S. At first I thought about writing a short post with only the first tip, but, thinking about it, I think I’ll make this an ever updating page. So if you have any other tip you like to share please write about it in the comments.

There are some code examples of how to implement this feature, and indeed it was a breeze adding it for pure Flash and to Flex 4.x projects. But, somehow I had trouble making it work for Flex 3.x project. I know it’s a player dependent but still something in the Flex 3.x framework killed this functionality.

Anyhow, eventually it did worked for me on the Flex 3.x, but I couldn’t make it to work when even 1 of the libraries, except playerglobal.swc, is external or RSL. I guess there is no escape from monkeying with the RSL loader to see if I can find a solution there.

I’ve mad these examples available, in case you need a complete example and/or also struggling with this feature on Flex 3.x. Also, in these examples I didn’t force the user to update the Flash Player and used a compiler argument -target-player=10.1.0 instead of modifying the html wrapper.

All examples are viewable here, you can right-click on “View Source” or download the complete Flash Builder 4 projects (for Flex Builder 3 project, look at the comments).

GEH Pure Flash

GEH Flex 4.1

GEH Flex 3.5

Note: No need for the FP 10.1 playerglobal.swc to be inside C:Program FilesAdobeAdobe Flash Builder 4sdks4.1.0frameworkslibsplayer10.1 I’ve put it inside the libs folder.