Silverlight finally becomes popular ... with crims Silverlight has become a choice target for VXers who are foisting nasty exploit kits (EKs) on users through hacked advertising networks. Attacks targeting Silverlight have spiked since 23 April as attackers look for web platforms to target now that Java and Flash have cleaned up their acts a bit. Cisco lead threat researcher …
"It most likely will be unpatched. End of life tends to mean that."
What it means depends on how important you are.
'EoL means EoL', is what MS will say when some malware exploits an unmatched vulnerability to cause pain and hardship to XP users.
Should someone manage to break the portion(s) of Silverlight which are used to implement, for example, Netflix's DRM (which subsequently allows Netflixers-on-XP to save unencrypted movies) I'll bet'cha a beer that MS won't be telling the film studios execs that 'EoL means EoL'.
My company is still developing software using Silverlight even though they knew years ago support was going to be limited. Unfortunately they've also not made their software forward compatible so customers have to stay on the version it was written for, updates whilst planned are not yet completed. Lets hope they keep their PCs off the internet (highly likely given the customers)!
I have Silverlight install for one reason only, Netflix needs it. That's it, nothing else uses it.
One or two other media streaming services use(d) it. I suspect because there's DRM in there.
Someone should find a 'xploit to remove the digital rights infection. It may or, may not sway Microsofts daft hand at issuing a Patch. But, it might encourage Netflix and the like to move on to HTML5, with its Adobe infected Firefox backed DRM instead. So those on Linux can also start to use the Service if they so wished.
It would be a different matter if we were talking about content you bought and owned and where there is a reasonable expectation to be able to play content on any device, transfer it etc.
But Netflix is streaming subscription service. Streaming and rental services should be able to employ any DRM and support any platform they see fit in order to protect it from casual ripping.
I'm sure these services hate Silverlight and would prefer if they could support browsers in Linux, but until a viable alternative appears such as EME in HTML they won't because they can't.
I'm getting by without Flash on my personal PCs as well as no Silverlight. Usually it's OK but I still come across fucknut websites that are "written in flash" rather than "enhanced by flash" but the number is reducing. Apple can take some credit for this. Now if the BBC were to ditch flash as well...
Java is also blocked from running on my browsers as well. This has had less of an impact than not installing Flash as you'd imagine. Java is still installed for applications that require it, just no browser plugins.
I'm just about positive that all DRM is being exploited by nation based bad actors using it for industrial espionage. From what has happened to my clients, the forensic trail leads to this reality. We are all losing our national interests to the MPAA and the industry's greed.
I have direct evidence that the crapware that MPAA REQUIRES is being taken over by nation states, at least in this criminal environment. Why do people just trust these spywares in their computer? Anyone that makes software/hardware powerful enough to turn off your monitor, intercept your email in a MITM attack, reboot the computer without warning, block necessary SSL certificate updates, and quite frankly are so cocky they even put notes in files without really trying to hide them on what the target was doing last time they took them over, so they can pick up where they left off! This is a disgrace, and I've been fighting it since 2006. All you have to do is read the news headlines, some of them here at the Reg to see this has been going on for some time. Why trust something you absolutely have no control over, like NAA and MPAA authorized spyware? That is just naive if you ask me!
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
