Aardvark Daily

Please visit the sponsor!

Flash finally in the (toilet) pan?

Despite concerted efforts by Apple and many switched-on computer users to flush it, the Adobe Flash Player has continued to infect webpages with its nasty vulnerabilities for many years.

Once upon a time, Flash seemed like a pretty good idea.

It was lighter-weight than Java, offered some cool interactivity and the ability to animate images. It wasn't however, until the ability to play videos was added that Flash really took off. In fact, if it wasn't for Flash, sites such as YouTube would probably not be a big as they are today.

So we have a lot to thank early-Flash for -- but little to thank Adobe for.

From memory, Flash was developed by Macromedia who later sold to Adobe -- and that's where the real trouble began.

It seems that many of the things Adobe touches turn to mud -- at least from the perspective of security.

Fact is that two of the biggest security risks on the Net are both (now) Adobe products.

Their Acrobat PDF reader is regularly subject to vulnerabilities and resulting exploits which get added to the many hack-kits used by script-kiddies around the world

However, of late, Flash has been worse, far, far worse.

Zero-day exploits have become the norm and the vulnerability-count for this month alone is creeping towards 40 identified and documented individual flaws.

Really? Seriously?

How on earth can *any* company sleep straight at night when it's shipping code with so many critical vulnerabilities?

One must also wonder exactly what the source code for this bugfest looks like. I'm picking it is a total mess of spaghetti-code cobbled together with shoddy patch on top of shoddy patch. This is a huge recipe for disaster.

Well now the creators of FireFox have taken a stand and disabled the Flash plugin by default.

If you simply *must* use Flash don't worry though... you can re-activate it on a site by site basis -- although you'd be much better off contacting the sites that don't work without Flash and asking them to please ditch it.

It will be very interesting to see whether there's now a huge shift away from Flash by web developers (here's hoping) as they find their pages increasingly non-functional or inconvenient to use by those Firefox users who don't have the courage to dismiss the warnings their browser now throws at them.

Sadly, I fear that the more lazy web developers out there will simply slap a little graphic on their work advising Firefox users to "upgrade" to a browser that lets them run Flash without complaint.

If this happens we could see a real nightmare.

Instead of forcing Flash off the face of the web, Firefox's move may well diminish their own market-share and actually expose even more people to Flash-based malware because they'll be using browsers which issue no such warning.

Ignorance may be bliss -- until you find your computer p0wnd and all your files encrypted with a demand for money if you want them restored.

I'd like to hear from readers on this matter. What do you think will happen in the wake of this move by FireFox?

Will it flush Flash from the web -- or will it simply see people switching to Chrome or some other browser?

Update: it appears that Google has also disabled Flash in its Chrome browser. The end (of Flash) is nigh?

Please visit the sponsor!

Have your say in the Aardvark Forums.

PERMALINK to this column

Rank This Aardvark Page

Change Font