June 26th, 2010

A quick reminder on 64-bit Flash

Yes, Flash sucks. But many of us need it for one site or another. And lots of us are running 64-bit Linux these days, where Adobe has famously refused (so far) to update the plugin for the recent serious vulnerabilities in Flash, leaving us between a rock and a hard place.

Just a quick reminder – the bad old way of doing things still works…that is, nspluginwrapper. First, get a copy of the Flash plugin from the Adobe web site. Don’t use the yum repo, as it pulls in Adobe Reader as a dependency of Flash (classy move, Adobe) which will result in even more 32-bit crap getting installed on your system than necessary. Just get the .tar.gz, and extract it into /usr/lib/mozilla/plugins (not /usr/lib64). Now do:

yum install nspluginwrapper.i686

(you’ll also need to install the x86-64 package; for most people it should be installed already, but check – thanks Hansvon!)

and it should do its stuff. Remove gnash if you installed it, then restart Firefox, and you should be good to go. If not, use about:plugins in Firefox, and mozilla-plugin-config (useful parameters – -l, -v) at the console as root to diagnose.
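
As an added check that is not part of the original post: the script below reads the ELF header of each libflashplayer.so to confirm that the copy in /usr/lib/mozilla/plugins is the 32-bit build, and that no native 64-bit copy (the build Adobe has not updated) is left in another plugin directory. The function names and the extra directories in the commented call are assumptions.

```shell
#!/bin/sh
# Added example: classify libflashplayer.so copies by ELF class.

# elf_class FILE: print 32, 64 or unknown based on the ELF header.
# Bytes 0-3 are the magic 7f 45 4c 46; byte 4 (EI_CLASS) is 01 = 32-bit, 02 = 64-bit.
elf_class() {
    hdr=$(od -An -tx1 -N5 "$1" 2>/dev/null | tr -d ' \n')
    case "$hdr" in
        7f454c4601) echo 32 ;;
        7f454c4602) echo 64 ;;
        *)          echo unknown ;;
    esac
}

# audit_flash DIR32 [OTHER_DIR...]
# Returns 0 only if DIR32 holds a 32-bit libflashplayer.so and none of the
# other listed directories holds a 64-bit copy.
audit_flash() {
    dir32=$1; shift
    status=0
    plugin="$dir32/libflashplayer.so"
    if [ "$(elf_class "$plugin")" = 32 ]; then
        echo "OK: $plugin is 32-bit"
    else
        echo "FAIL: no 32-bit libflashplayer.so in $dir32"
        status=1
    fi
    for d in "$@"; do
        f="$d/libflashplayer.so"
        [ -e "$f" ] || continue
        if [ "$(elf_class "$f")" = 64 ]; then
            echo "FAIL: native 64-bit copy still present: $f"
            status=1
        fi
    done
    return $status
}

# Typical call (the second and third paths are assumptions, not from the post):
# audit_flash /usr/lib/mozilla/plugins /usr/lib64/mozilla/plugins "$HOME/.mozilla/plugins"
```

A FAIL line for a 64-bit copy means the old plugin file is still on disk and should be removed before restarting Firefox.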

18 Responses to “A quick reminder on 64-bit Flash”

  • I’ve been trying to make do with epiphany webm support. Figuring most of my Flash needs would be Youtube related. However it’s incredibly sad to see how many websites rely on Flash for critical navigation components of their site (mostly retail i.e. http://arcteryx.com)

  • I’m using Adobe’s yum repo and the flash-plugin package doesn’t require AdobeReader ?!
    Also, I think you need both the i686 and x86_64 packages of nspluginwrapper.

  • Huh, it does for me. ‘yum install flash-plugin’ pulls in Adobe Reader. Oh well.

    You’re right about nspluginwrapper, but the x86-64 version is actually installed by default, or was for me anyway. I’ll add a note just in case, though. thanks!

  • yup, that’s what I found. Plus not all Youtube vids are available in WebM, yet. And I can’t really switch to Epiphany as I rely heavily on browser history and there’s not an easy way to export that from Firefox, AFAIK…

  • I found that installing alsa-plugins-pulseaudio.i686 made flash work a lot better since it would play nicer with pulseaudio.

  • You should try lightspark. It looks like a promising project and works well with youtube.

    http://sourceforge.net/apps/trac/lightspark

    Maybe someone will create a package on rpmfusion. It requires ffmpeg.

  • Here’s a question: Since Google Chrome is available in 64bit, and includes Flash, does it bundle the latest 64bit version of Flash, not currently under development?

  • Again, just Youtube isn’t really the issue. Lots of sites use Flash, and most of them don’t work in Gnash or Lightspark.

  • I found that installing nspluginwrapper.i686 would somehow also try to install some non-English builds of Adobe Reader. I got around that problem with the following command:

    yum install nspluginwrapper.i686 -x AdobeReader_sve -x AdobeReader_suo

  • aram: like I said, don’t enable Adobe’s repository. It’s full of weird dependencies.

  • I’m not convinced that it actually MATTERS if you update this plugin. Adobe doesn’t exactly run tight code, it’s surely loaded with other vulnerabilities.

    Best bet is probably to stick with the latest 64bit (there’s no proof that the newer 32bit plugin is any more secure), and run one of those flash blocking mozilla add-ons. If you *really must* view the flash, then you can judge whether or not you trust the source enough to actually activate it.

  • “Adobe doesn’t exactly run tight code, it’s surely loaded with other vulnerabilities.”

    Well, sure, but normal security practice is not to run code with known public vulns. A vulnerability that everyone knows about because it’s been massively publicised and is known to be being actively exploited is more of an issue than potential vulnerabilities that haven’t yet been exposed.

    “Best bet is probably to stick with the latest 64bit (there’s no proof that the newer 32bit plugin is any more secure)”

    It has the major vulnerability that was widely publicised fixed, that makes it more secure in my book!

    “and run one of those flash blocking mozilla add-ons”

    NoScript does this, so I get it for free.

  • If you don’t run them, they can’t hurt you and knowing that there are probably LOTS of other equally “disastrous” defects in it, you really should be careful about running flash to begin with.

    Again, just because one bug was found doesn’t prove that it is safe, and it is definitely NOT WORTH running to begin with and certainly not worth installing nspluginwrapper for…

  • “Again, just because one bug was found doesn’t prove that it is safe”

    This you can say of any piece of software.

    “Again, just because one bug was found doesn’t prove that it is safe, and it is definitely NOT WORTH running to begin with and certainly not worth installing nspluginwrapper for…”

    This isn’t a judgment you can make for anyone else, only for yourself.

  • You can use the Adobe repo on 64-bit without pulling in the Adobe Reader. Here’s a thread about what’s going on with the dependencies:

    http://lists.fedoraproject.org/pipermail/users/2010-May/373309.html

    and I also made a few comments near the end of the 64-bit Flash thread

    http://forums.fedoraforum.org/showthread.php?t=205642

    regarding this issue. It’s basically a matter of first getting the right packages installed from the non-Adobe repos first, after which it won’t try to pull the Reader in anymore.

  • We have a page on the wiki for this:

    http://fedoraproject.org/wiki/flash

  • yes. Also, I have a blog. :)

    I’m not particularly comfortable writing in detail about non-free software on the official wiki.

  • Personally, I’d rather enable Adobe’s repo. Yes, it does install some foreign language packages of Adobe Reader, but once I remove them, they don’t come back or cause dependency problems. Interestingly, the last time I used the repo on a new machine it didn’t install anything extra, so it’s possible they’ve fixed it.
    The advantage of using the repo is that they are actually really good about providing security updates in the repo, so you’re probably better off than the Windows folks as far as getting the fix fast. For me that’s worth the one-time hassle of removing the extra packages.
