Flash’s Final Countdown Has Begun
by Tom Spring | August 16, 2017
Few times have there been technologies so reviled and celebrated at the same time as Adobe Flash. Since its introduction as Macromedia Flash Player in the mid-’90s, the technology has helped shape what the web has become today. At the same time, few internet technologies have united so many wanting to kick it to the curb.
…
Replacing it will be open standards such as HTML5, WebGL and WebAssembly.
…
Today, Adobe Flash security holes still dominate the threat landscape. So far this year there have been 60 unique CVEs associated with Flash, 53 rated high-severity allowing attackers to remotely execute code. Earlier this month Adobe patched a serious local sandbox escape bug in its Flash Player after researchers failed to fix the bug completely in a previous patch.
However, despite indicators pointing to a swift death and depreciation of Flash over the next three years, the transition could present challenges for companies. Experts say dependence on Adobe Flash will create legacy issues similar to those of Windows XP.
…
Developer Juha Lindstedt reacted to Adobe’s end of life verdict for Flash and turned to GitHub to petition users there to save Adobe Flash. His goal is to convince Adobe to turnover its Flash code to the open-source community.
In his petition, Lindstedt calls Flash “an important piece of internet history and killing Flash means future generations can’t access the past. Games, experiments and websites would be forgotten.”
The petition has received mixed reviews within the software development and security communities. While some see Flash as bloated insecure code that needs to go away fast, others see handing it over to the open source community as a way to make it more secure and ensure that any legacy instances of Flash—after it sunsets—can be addressed with an emergency patch.
Read the full article here
