There was a time when Adobe Flash was a key tool for providing multimedia content on the internet. If you wanted to watch videos, listen to music, play games, or view interactive content you needed to install Adobe’s browser add-on.
But these days there are other technologies including HTML5 which support many of the same features without the need for a browser plugin. You don’t need Flash to watch YouTube videos, play many games, or perform many other activities on the internet without worrying that a pop-up window is going to tell you that Flash has crashed.
There are still some sites that rely on Flash, which is probably why Adobe continues to release new versions of the tool (even though the company killed Flash for mobile devices ages ago). But that hasn’t stopped Mozilla from blocking the Adobe Flash Player add-on for its Firefox web browser… at least for now.
Mozilla’s Mark Schmidt announced the move in response to several new vulnerabilities discovered in Flash which could allow malware to infect a PC running the plugin. Users can still enable support for Flash on their own if they want to take the risk.
Firefox will stop blocking Flash once Adobe releases an update to patch those security holes.
Meanwhile the head of security for Facebook wants Adobe to just put Flash out of its misery already. The idea is that right now some people still need Flash, because some some websites continue to rely on it. But if Adobe announced that it’d be killing the product in a year, or 18 months or some other time frame, it’d give web developers time to find alternatives.
Of course, if Adobe does stop supporting Flash in a few years, any websites that haven’t switched to newer technologies may cease to work… or even worse, they may continue to work for folks using older versions of the plugin… but they may be vulnerable to security threats.
What do you think? Is it time for Adobe Flash to die? Or are you worried about what would happen if Adobe does kill it?
The Cert email from the government actually provided a link to this article on click to play.
Flash is evil, it needs to die.
Not only a security issue, but also a performance hog.
Setting a date will definitely get companies/developers to move faster in getting more secure alternatives up to par. At least faster than their efforts right now.
Flash has become a terrible resource hog under firefox. On some of my boxes I keep it disabled by default because it gets pretty bad.
Flash does fill some gaps that HTML5 doesn’t fulfill, so I’m not sure it can completely go away, but I’d love to see developers stop using it unless they absolutely have to.
Yes, I wish they would announce a date and follow through. It would be the only way to get some companies to switch. Otherwise they will not see the point of investing more money than they spend to maintain what they have.
A lot of sites still use it. Silverlight is another problem.
Amazon video uses flash. I believe PBS video uses it. I think HBO Go on the web uses it. A lot of places.
lol Flash is nice for animation, but beyond that youtube has mostly replaced it for distribution. Flash is terrible it somehow figures out how to overload every processor ever..
“Meanwhile the head of security for Facebook”… the same company that keeps using flash for it’s videos while tons of other companies already use HTML video? I’ve uninstalled flash for years now, and facebook is the only place where I need it from time to time.
I’m working for a Top-500-Forbes company and we still have to use Internet Explorer 8 (with a sh*tload of ActiveX components) and Adobe Flash 16 everyday.
Bullshit. Html5 is not ready for prime time for serious enterprise applications . Flash is still the only answer for serious applications at this time. It is my wish that Apache FlexJS will get off the dime soon… just my 2 cents. Gh
Enterprise applications (should) live in a much more controlled environment. Deployment is typically much more tightly controlled and should present much less of a threat to users than people randomly surfing the web.
Glad that Flash is finally going to die. Next in line will be Java.
There are multiple web tools with historical vulnerabilities besides just Flash and we’re still using most of them, not because we want to but because there is nothing yet to replace them that gets the job done as well, or as easily, and thus we still need them and until that changes we’re stuck with them…
But if there was a good replacement released then we will drop Flash, and the others, in a heartbeat…
Why didn’t Adobe design a QUALITY product years ago, rather than reacting to exploits?
Adobe didn’t design it. Flash used to be owned by Macromedia before they got bought by Adobe.
Adobe bought Macromedia ~10 years ago. I would have expected better results by now.
When I first remember it, which was in the Macromedia era, it was something like a 300kB plug-in. A reasonable chance of a code-base to be able to keep control over, security and stability-wise. Now the latest Adobe update to fix their colander weighed in at 17MB. Go figure!
I’ve been saying this for probably at least 5 years. Adobe Flash has been a security issue for a long time, but even before it was a plug-in I had at least one site which I needed to use which required it. It’s been impossible to avoid.
For quite some time I’ve had it set up to require permission to run each time my browser comes across some Flash content.
Comments are closed.