It might soon be curtains for Adobe Flash Player. Yesterday, Firefox announced that all versions of Adobe Flash would be blocked from its browsers for security reasons. This announcement came hot on the heels of Facebook’s chief security officer calling for a kill date. Apple, notably, has frozen Adobe out of its app development since 2010.
It is time for Adobe to announce the end-of-life date for Flash and to ask the browsers to set killbits on the same day.
— Alex Stamos (@alexstamos) July 12, 2015
The problem stems from the software’s myriad insecurities due to old code that hackers can exploit across Adobe products. So how did this erstwhile basis of apps and video-streaming fall so far out of favor? Let’s take a walk (of shame) down memory lane.
Adobe Flash accounts for 7 percent of known Web plug-in vulnerabilities in Symantec’s 2009 Security Threat Report. (Adobe Reader accounts for 15 percent.)
April 8-9, 2010
Reports trickle in that Apple has locked out Adobe’s Flash-to-iPhone compiler (basically a way to create iPhone apps using Adobe’s Flash CS5 software) from the iPhone 4 S. In Apple’s agreement with app developers, it states: “Applications may only use Documented APIs in the manner prescribed by Apple and must not use or call any private APIs.” Adobe Flash’s Flash-to-iPhone compiler API is built using Flash CS5, a private API that Apple can’t fiddle with. Uh oh.
April 20, 2010
Adobe officially abandons plans to bring Adobe Flash to Apple’s iPhone and iPad. Years of bickering between the two companies ensue.
April 29, 2010
Apple CEO Steve Jobs writes a now-infamous 1,600-word explanation of 6 reasons why Apple products such as iPhones, iPads, and iPods will no longer support Flash, entitled “Thoughts on Flash.” The most important for Jobs was the undesirability of having third-party layers of software between the developer and the platform, which chains developers to libraries and tools that they have to wait for third parties to update, slowing down the development process.
Adobe shelves its Flash software for mobile devices altogether and shifts to HTML5, the more widely-accepted standard for displaying content on the Web. This doesn’t solve much though. As CNN Money notes two years later, Adobe’s source code is so old in comparison to everything else that this is a Band-Aid on a bullet wound.
June 28, 2012
Adobe announces that the Android 4.1 update will not support Adobe Flash by default. It was removed from the Google Play Store on August 15, 2012, though devices that already had it downloaded can continue to use it.
Hackers gain access to the names, encrypted passwords, and credit card information of 3 billion Adobe Flash users. This was achieved through the theft of source code for Adobe Acrobat, ColdFusion, ColdFusion Builder, and other Adobe products. Turns out, Adobe’s core code was so old that knowing just a few lines of it was enough to access the ecosystem.
October 28, 2014
HTML5 is officially endorsed as a stable recommendation by the W3C Committee, 17 years after the last update in 1997. It’s superior to Flash because it has mobile capabilities, a key area where Steve Jobs felt that Flash fell short.
July 13, 2015
Firefox’s support lead Mark Schmidt announces on Twitter that Flash is blocked by default on Firefox browsers due to two unpatched vulnerabilities — vulnerabilities that are unknown to the vendor (in this case, Firefox) and are hence easier to exploit by hackers.
BIG NEWS!! All versions of Flash are blocked by default in Firefox as of now. https://t.co/4SjVoqKPrR #tech #infosec pic.twitter.com/VRws3L0CBW
— Mark Schmidt (@MarkSchmidty) July 14, 2015
“It’s our policy to block vulnerable plugins. What made this block different was that we did it before Adobe made an update available,” Schmid told Digiday. Yesterday, Adobe updated Flash to fix the vulnerabilities, but Schmidt says that the decision was made before the updates were posted. “The public nature of the vulnerabilities, thanks to the Hacking Team dump, were a factor in the decision to block before an update.”
In the end, abandoning Flash might be Adobe’s opportunity to finally embrace the possibilities of mobile and reestablish trust with users. As CNN Money noted back in 2011, Adobe makes no money from the technology when a video is streamed or someone plays a game using Flash technology. Furthermore, as Mary Meeker noted in her 2015 Internet Trends report at Recode’s Code Conference in June 2015, mobile penetration is at 73 percent globally, so a more mobile-friendly technology such as HTML5 would be preferable for web developers and users.
Whatever happens, Schmidt is pleased that this long-standing issue is being discussed. “I’m glad to see the tech community talking about the possibility of an EOL [end of life] date for Flash. I think that’s a good thing,” Mark Schmidt told Digiday.
‘Its inevitable’: Domino’s hungers for attention and context
Attention-based buying is turning into a legendary tale of patient and nonchalance. So when there’s a glimpse of progress, marketers tend to take notice. Domino’s being one of them.
Why Cars.com is driving away from performance marketing and toward influencers
To boost brand awareness, Cars.com is doubling down on its influencer marketing efforts.
Why Unity Technologies is leaning into AI as economic headwinds pick up
As one of the largest gaming companies listed on New York Stock Exchange, Unity Technologies leaned into AI during its May 10 earnings call, with Unity CEO John S. Ricciatello stressing Unity’s “competitive advantages in and around AI.”
SponsoredWhat the measurement and currency discussion really means to TV advertisers
Ali Mack, head of TV and agency, Experian Major streaming video providers have recently made headlines by adopting new currencies for ad measurement, threatening Nielsen’s long-standing TV ratings monopoly. NBCUniversal, for example, has certified iSpot and VideoAmp as currencies for advanced audiences and formed the Joint Industry Committee with Paramount, TelevisaUnivision and Warner Bros. Discovery. […]
Dopamine rush to deeper engagement: short-form video boom fuels brands’ embrace of longer-form content
Audiences craving more are now being treated to captivating longer-form narratives. It’s the addictive nature of those quick hits that has fueled this transformation.
How gamers’ engagement with short-form video is changing
To better understand how modern gamers are engaging with short-form video, Digiday teamed up with Gamesight to pull key points from an exclusive report on gamers’ shifting video consumption preferences.