• Would Open Source Flash Player Be Safer?

    Home » Forums » Cyber Security Information and Advisories » Code Red – Security/Privacy advisories » Would Open Source Flash Player Be Safer?

    Tags:

    Author
    Topic
    Kirsty
    Manager
    August 16, 2017 at 11:01 pm #129746

    Flash’s Final Countdown Has Begun
    by Tom Spring | August 16, 2017

     
    Few times have there been technologies so reviled and celebrated at the same time as Adobe Flash. Since its introduction as Macromedia Flash Player in the mid-’90s, the technology has helped shape what the web has become today. At the same time, few internet technologies have united so many wanting to kick it to the curb.

    Replacing it will be open standards such as HTML5, WebGL and WebAssembly.

    Today, Adobe Flash security holes still dominate the threat landscape. So far this year there have been 60 unique CVEs associated with Flash, 53 rated high-severity allowing attackers to remotely execute code. Earlier this month Adobe patched a serious local sandbox escape bug in its Flash Player after researchers failed to fix the bug completely in a previous patch.

    However, despite indicators pointing to a swift death and depreciation of Flash over the next three years, the transition could present challenges for companies. Experts say dependence on Adobe Flash will create legacy issues similar to those of Windows XP.

    Developer Juha Lindstedt reacted to Adobe’s end of life verdict for Flash and turned to GitHub to petition users there to save Adobe Flash. His goal is to convince Adobe to turnover its Flash code to the open-source community.

    In his petition, Lindstedt calls Flash “an important piece of internet history and killing Flash means future generations can’t access the past. Games, experiments and websites would be forgotten.”

    The petition has received mixed reviews within the software development and security communities. While some see Flash as bloated insecure code that needs to go away fast, others see handing it over to the open source community as a way to make it more secure and ensure that any legacy instances of Flash—after it sunsets—can be addressed with an emergency patch.

     
    Read the full article here

    3 users thanked author for this post.
    Elly, MrBrian, AlexEiffel
    Reply | Quote
    Viewing 3 reply threads
    Author
    Replies
    • AlexEiffel
      AskWoody_MVP
      August 17, 2017 at 9:17 am #129779

      Interesting.

      I would not want Flash to be saved, I want it removed from all the Web, but it is true that lots of old parts of the web won’t be accessible no more because it won’t have been converted to something else. I am thinking about small kids game portals that took years for the developers to build, for example.

      One great thing about the web is you could be sure if you did a web page in html that it would probably still works 20 years from when you coded it. Old computer, new computer, new devices like smartphone, it worked, even if not always in the most usable way (smartphone). Interesting to compare that to doing an App on a platform that might require you to maybe update the code of the app every year so it continues to work.

      The web should be a place where technologies are accessible for a long time while allowing for evolution. I think it has been a success on the browser side. Only third-party add-ons proved less sustainable (Java, Flash…). Hopefully, html5 will cover all the gaps left and this early part of the web will be the only one lost.

      One great thing about the web is its accessibility. It was and is still not hard for someone with an idea to share to build a simple web page and give it to the world. That is a wonderful thing. Non-techies can share all their non-techies great ideas as much as the techies.

      1 user thanked author for this post.
      Elly
      Reply | Quote
    • anonymous
      Guest
      October 3, 2017 at 10:31 am #133079

      ? says:

      anyone noticed that the settings in the flash control panel now revert to allow flash to store info on the hdd?

      Reply | Quote
    • anonymous
      Guest
      October 10, 2017 at 4:06 am #136021

      ? says:

      If anyone is interested, please see:
      “Local Settings Manager Won’t Retain Settings”

      https://forums.adobe.com/thread/2385788

      according to this discussing “Staff” indicates the problem will be addressed in the next release scheduled for tomorrow  Tuesday 10/10/2017.

      I guess we will see

      2 users thanked author for this post.
      Elly, MrBrian
      Reply | Quote
    • Cartoonist Aaron
      AskWoody Plus
      October 24, 2017 at 10:29 pm #140588

      The idea of Flash being open is interesting, but it makes me wonder. Why is Flash so prone to security holes in the first place? And whatever the reason is, can it be fixed so it’s not so prone to holes?

      LABS - a family friendly webcomic about scientists, robots and Wisconsin
      1 user thanked author for this post.
      Elly
      Reply | Quote
    Viewing 3 reply threads
    Reply To: Would Open Source Flash Player Be Safer?

    You can use BBCodes to format your content.
    Your account can't use all available BBCodes, they will be stripped before saving.

    Your information:




DON'T MISS OUT!
Subscribe to the Free Newsletter
We promise not to spam you. Unsubscribe at any time.
Invalid email address

View the Forum

  • Recent Replies
  • My Replies
  • My Active Topics
  • New Posts in the Last day
  • Private Messages
  • Knowledge Base
  • How to use the Forums
  • All Forums

    • Recent Topics

    My Profile

    May 2025
    S M T W T F S
     123
    45678910
    11121314151617
    18192021222324
    25262728293031

    Remembering Woody

     

    Want to Advertise in the free newsletter? How about a gift subscription in honor of a birthday? Send an email to sb@askwoody.com to ask how.

    Mastodon profile for DefConPatch
    Mastodon profile for AskWoody

     

    Home About FAQ Posts & Privacy Forums My Account
    Register Free Newsletter Plus Membership Gift Certificates MS-DEFCON Alerts

    Copyright ©2004-2025 by AskWoody Tech LLC. All Rights Reserved.