On July 13th, Mozilla announced that it would be “disabling” Adobe Flash in its browsers, meaning that YouTube videos and other Flash-dependent media no longer function on Firefox. A prompt on every page allows users to activate Flash if they so desire, but Flash has been disabled in the browser’s default settings. Soon after, Google Chrome and Facebook followed suit, temporarily removing Flash from their software, and the CEO of Facebook has even urged Adobe to set an “end of life” date for Flash.
These decisions come after revelations that the latest Flash updates had glaring security deficiencies that could allow people to hijack computers. A particular group that has been a thorn in the side of Adobe is the hacking collective Team 0-Days. This team is not to be trifled with, as they can easily sell information to third parties and foreign governments. Not only that, they could infiltrate personal computers and erase their entire drives remotely, along with a bevy of other possibilities.
Steve Jobs has been quoted voicing deep concerns that Flash was one of the most prominent reasons Macs crash, even going so far as to remove Flash as default software on the Safari browser. Users were free to download Adobe Flash if they so desired, but a movement began to abandon the security-challenged software altogether. Adobe Flash has been rushing to create a patch to combat Team 0-Days’ attacks, and if you’d like to check it out, you can click here.
The ground underneath Adobe Flash seems to be crumbling. It’s always been a pest to casual and experienced computer users alike; a program with a monopoly on aspects of the Internet needing constant updates. People have been waiting a while to finally knock Flash off it’s perch, and there may be no more better time than this. Brian Barrett of Wired penned an article this week clamoring for people to “cut the cord” with Adobe Flash and be free of it’s security breaches and ineptitude.
However actively Adobe has been working on Flash Player security, it doesn’t seem to be enough. This week’s mistrials are but the latest in a string of security lapses that have plagued Flash for years. Exploit kits—packets of code that take advantage of these sorts of vulnerabilities in your browser to push malware or ransomware—have used Flash to futz with countless sites. So-called zero-day vulnerabilities (a security hole that hackers find before the software company does) are found on Flash with such regularity they almost feel like a feature.
This has given a rush of morale to the Occupy Flash movement, an assortment of techies, gamers, cat video addicts and the bunch who believe that Flash is not only antiquated, but preventing the modern world from moving forward in technological advances. They even have a manifesto:
Flash Player is dead. Its time has passed. It’s buggy. It crashes a lot. It requires constant security updates. It doesn’t work on most mobile devices. It’s a fossil, left over from the era of closed standards and unilateral corporate control of web technology. Websites that rely on Flash present a completely inconsistent (and often unusable) experience for fast-growing percentage of the users who don’t use a desktop browser. It introduces some scary security and privacy issues by way of Flash cookies.
Flash makes the web less accessible. At this point, it’s holding back the web.
I for one am heavily considering getting rid of Flash. It’s caused me only frustration since it came onto the scene and if it will force Adobe’s hand, perhaps this is what’s best. That being said, Adobe is a very stubborn company and has gotten more and more aggressive with it’s products over the years. This is the same company that has gone fully cloud-based with all of it’s software and now makes users rent out their products as opposed to physically owning them. It will take a massive effort from Google, Apple, Windows, YouTube and Mozilla to rid the world of Flash. It’s possible, but only if users speak up.