Philosophical question
is it really still the same flash due to the number of patches and fixes it's had?
Adobe has issued an emergency security patch for two bugs in its Flash player – after North Korea's hackers were spotted exploiting one of the flaws to spy on people investigating the creepy hermit nation. At the start of the month, South Korea's Computer Emergency Response Team put the world on alert after it found miscreants …
I mean we are talking about 1990s software dealing with ill-defined binary formats here. It has to deal with all the workaround of bugs in the software creating Flash files. It has to be able to parse long dead file formats in order to maintain compatibilty. All of that was written in the 1990s with its typical code quality. I'm sure that the current developers are scared about touching it, as it might bring weird side effects as bugs in that code might have been used by some files out there.
BTW I came here at this late hour to comment on the successful Falcon Heavy launch. Maybe Vulture South is on the case.
I just watched it on the BBC website.
It was impressive seeing both boosters land simultaneously. Without falling over or exploding.
Shirley Adobe should just end support for Flash, like now, not in two years or whatever.
All of these issues/CVEs that seem to appear more than once a week must not only be a risk and embarrassing, but must cost $$$ in dev to patch and fix just in time for the next one to rear its head in time for the weekend. Doesnt't seem logical at all to keep this up for this "free" software.
Seriously Adobe, kill it. Do it now and save all of us, and you, all of these problems.
"Seriously Adobe, kill it."
How would Adobe do it - by stopping all support immediately and let the bugs roam free? What would that accomplish - millions of never to be patched browser/plugin combos?
Since there is no kill switch (or perhaps the final update will disable it or prompt?) the only way to "kill" Flash in even remotely well handled manner was for Adobe to inform that support will end by the end of 2020 and to honor that commitment. Yes, the development on a dead-end technology for almost 3 years now costs money to Adobe but for me that is praiseworthy whereas pulling the rug from under it is something more associated with e.g. Apple which may inform *afterwards* that 'by the way, Safari and QT haven't been supported for some time now.'
Since there are still plenty of Flash based services available (someone mentioned BBC) it will take time to move. Whether because of transcoding the movies, music etc. media to something more suitable for HTML5 presentation or for whatever reason (DRM?). HTML has only in the last few years caught up with the capabilities Flash had 20 years ago.
"The first thing I do on a new computer is delete IE and Edge, or at least delete their shortcuts, which is usually enough to encourage the user to browse with something else."
If the user doesn't have the blue 'e' icon on the desktop he won't be able to download that other browser. Worst case scenario: he still has an old CD from the ISP welcome package and you'll find him browsing with NN 3.02 when you're next time checking the computer!
"delete IE and Edge, or at least delete their shortcuts, which is usually enough to encourage the user to browse with something else."
IE, sure, but Edge is faster and has had way fewer holes than most other obvious choices like Chrome. And it's not spyware by design either.
I was a flash developer for over a decade, stopped using the day Apple blocked the plugin on iOS.
Nobody develops for flash, but AIR is still used heavily. AIR is built on flash for mobile apps so good to patch bugs still, but seriously Adobe needs to stop supporting the browser plugin. I don't understand why they still do?????
They bought it from Macromedia and then turned it into garbage anyway. Just let go adobe. Let go....