Watching a little of the ol’ Strong Bad Email today I noticed something a little wacky… a popup. Nothing particularly insidious, mind, just a popup. Hey, aren’t we supposed to have popup blockers these days?
And while it’s true that it’s not impossible to reverse engineer a
swf file, muck about for a potentially offensive piece of ActionScript, then block the script, I think everyone can agree that it’s hardly worth the browser developers’ time and effort to chase a moving target like that… yet. I also think you can tell what we’re dealing with here, and why I’m so concerned.
<object type="application/x-shockwave-flash" data="popit.swf" width="1" height="1">
<param name="popit" value="popit.swf" />
We could be in some serious shit.