colyn
ישו משיח
Every piece of code written has security issues. You take the lesser of 2 evils....
photomoof
Fischli & Weiss Sculpture
Too daunting for my taste.
http://www.cvedetails.com/vulnerability-list/vendor_id-53/product_id-6761/Adobe-Flash-Player.html
Spanik
Well-known
Problem is that Flash is far more than video. Even if most use it only for that. Have seen whole user interfaces of embedded devices written and running in flash.
Dwig
Well-known
You missed my point. My point is that saying "X has already patched Flash" illustrates how little the poster understands the issue. Yes, Google has patched the current issue with Flash, as has Microsoft (in IE) and Adobe themselves.
The real issue that Mozilla is trying to address is that these patches can't be expected to be the last needed and can't be expected to patch all current flaws. It is quite obvious from the number and frequency of patches that the Flash Player code needs to be abandoned and either rewritten from the ground up with absolutely no legacy code or replaced by something else.
It's true that all code has flaws, but Adobe's Flash Player has proven to be leagues worse than the bulk of other current options.
photomoof
Fischli & Weiss Sculpture
I honestly cannot imagine why any developer would even consider using flash in 2015.
Spanik
Well-known
I can only agree with that, but someone said it above: rapid prototyping. And I guess a lot of you know how permanent some temporary solutions get.
Must say I haven't had it installed since halfway the '90s. And compared to QT is was positively beneficial.
Must say I haven't had it installed since halfway the '90s. And compared to QT is was positively beneficial.
colyn
ישו משיח
The problem is nobody wants to convert to HTML5 except a very few. News feeds still use flash. You made a comment earlier the only people who use flash are those who watch porn. This is so untrue..
I've never been a fan of flash but until everybody converts to HTML5 we're more or less stuck with it for certain applications.. I'm not going to stop reading the news till then..
Microsoft with their virus called Windows wants to keep it alive and they seem to have the money to keep it going..
photomoof
Fischli & Weiss Sculpture
There are a few like CNBC that feed auto-start flash, but they also serve up HTML5. Even Netflix has gone to HTML5 streaming (they never used flash).
Frankly I don't know any US or English speaking, "news feed" still running only on flash. What feed are you thinking of?
There may be some in other countries, but no developer would lock out all iPad and iPhone users, there are just too many with money to spend on advertisers.
The old porno remark was a joke, actually porno is pretty much cutting edge, no one is stupid enough to lock out Apple users. When I was first developing live camera software on the web, they kept calling me. Never worked for them, but they saw the reality of the future.
colyn
ישו משיח
ABC, NBC, CBS, CNN, AND Fox to name a few that have me blocked out.. I can however allow it to play..
ColSebastianMoran
( IRL Richard Karash )
Flash alternatives
Flash alternatives
I highly recommend removing or disabling Flash.
If using Safari, install the "Developer" menu. Then, if a web site breaks because of Flash, most will work if you do: Develop… User Agent… Safari iOS iPad.
Another option is to install Google Chrome. This includes Flash, but runs Flash in a walled-off "sandbox" that is generally effective. I browse generally with Safari, then use Chrome when needed.
The Flash exploits have been appearing too frequently for too long.
Flash alternatives
I highly recommend removing or disabling Flash.
If using Safari, install the "Developer" menu. Then, if a web site breaks because of Flash, most will work if you do: Develop… User Agent… Safari iOS iPad.
Another option is to install Google Chrome. This includes Flash, but runs Flash in a walled-off "sandbox" that is generally effective. I browse generally with Safari, then use Chrome when needed.
The Flash exploits have been appearing too frequently for too long.
kshapero
South Florida Man
works OK when using Chrome.
Steve Bellayr
Veteran
Life just gets more confusing. It took me sixty years to learn how to use film and pick a good bourbon and now its Adobe Flash. What's next?
willie_901
Veteran
And isn't a fact that Windows, especially IE, is vulnerable to exploits to the point that anti-hacking software is a mandatory purchase that requires constant updating?
I don't write this to bash Windows or initiate a religious post war about operating systems.
I wrote it because the people need to realize they can significantly reduce the probability of loss and inconvenience regardless of what OS platform they happen to prefer. Using alternates as gustavoAvila suggested is a good start.
NickTrop
Veteran
The reason why Windows is the most vulnerable to attacks is because it's, by far, the most widely used desktop OS. If everyone dropped Windows and switched to OS X or a Linux distribution, those will become the new targets.
Dwig
Well-known
Also, Windows specific exploits are becoming a minor issue. The Big Money is in cross-platform web based exploits and the Flash Player are been the major point of entry. The other major access point for exploits is now the various "security" issues, which again is a pretty much cross platform thing. The "security" issues (generally in encryption code for SSL and the like) have generally been pretty uniformly distributed across all OSes.
photomoof
Fischli & Weiss Sculpture
You are right... Not sure what you mean by "block out" I assume you mean you have auto-start turned off? NBC and CBS are by far the most behind the times, tech-wise.
ABC news live stream is HTML5, but if it detects Flash it will use that player. All video is HTML5, and Flash is not used for any interfaces.
NBC is a mess, on the desktop it requires Flash to stream live content. http://www.nbc.com/live -- but on an iPad or iPhone NBC uses their own App, which of course does not require Flash. Flash is not used for interfaces or video content, only the live stream. NBC news videos all run in HTML5, unless they detect you have Flash installed.
CBS is a mess -- identical to NBC, CBS apps required to bypass Flash on portable devices. CBS will feed using Microsoft video, instead of Flash. Even worse the live simulcast of the CBS Evening News as well as live video feeds can only be viewed using the Windows Media player at this time. Oddly these crazy people still support Real Player!
CNN is all HTML5, but is not a public stream, it requires a cable contract. It runs on Apple TV, and other video boxes. It will play on flash if you have flash installed.
Fox runs their content on HTML5, and offers both live streaming Radio and TV. Fox is by far the most modern of these streams, great interface, fast loading. Fox news does detect Flash and will serve it up, but the quality is much lower than HTML5, the interface slower to load and more clumsy.
BBC, NPR etc are a mixed bag, but all run portable without flash, using Apps.
All of the above are not running Flash for technical reasons, but they have contracts, but most content is available on portable devices as the more modern H.264 format (more about HTLM5 here https://en.wikipedia.org/wiki/HTML5_video).
Flash is dangerous to use. But as you pointed out there are companies still hanging on to it. I am not a big user of the desktop for news, I did not know that there was such a mess still out there. I tend to use my iPhone for everything, since it is with me all the time, and I have unlimited data.
If one is going run Flash then the solution is Google Chrome.
Google today announced it had wrapped up work on a stronger Flash sandbox in the Windows version of Chrome, and would soon ship the same for its OS X browser.
Chrome 21, which launched July 31, completed efforts to ditch the aged NPAPI (Netscape Plugin Application Programming Interface) Flash plug-in for one built to Google's own PPAPI (Pepper Plugin Application Programming Interface) standard.
By porting Flash Player to PPAPI, Google's engineers were able to stuff the Adobe plug-in into a "sandbox" as robust as the one that protects Chrome itself.
"Windows Flash is now inside a sandbox that's as strong as Chrome's native sandbox, and dramatically more robust than anything else available," Justin Schuh, a Chrome engineer, in a post to the Chromium blog Wednesday.
A sandbox is an anti-exploit technology that isolates processes on the computer, preventing or at least hindering malware from letting hackers exploit an unpatched vulnerability, escalate privileges and push their attack code onto the machine. http://www.computerworld.com/articl...-builds-stronger-flash-sandbox-in-chrome.html
Chrome 21, which launched July 31, completed efforts to ditch the aged NPAPI (Netscape Plugin Application Programming Interface) Flash plug-in for one built to Google's own PPAPI (Pepper Plugin Application Programming Interface) standard.
By porting Flash Player to PPAPI, Google's engineers were able to stuff the Adobe plug-in into a "sandbox" as robust as the one that protects Chrome itself.
"Windows Flash is now inside a sandbox that's as strong as Chrome's native sandbox, and dramatically more robust than anything else available," Justin Schuh, a Chrome engineer, in a post to the Chromium blog Wednesday.
A sandbox is an anti-exploit technology that isolates processes on the computer, preventing or at least hindering malware from letting hackers exploit an unpatched vulnerability, escalate privileges and push their attack code onto the machine. http://www.computerworld.com/articl...-builds-stronger-flash-sandbox-in-chrome.html
NickTrop
Veteran
Know what -- I made an earlier post in support of Flash? I take this back upon further review. Time to retire this tech. Good for RAD prototypes... too risky for wide cross platform use.
photomoof
Fischli & Weiss Sculpture
Flash is dead easy to use, and it is good for prototyping by non-programmers.
My coders can replicate flash functions using Ruby on Rails almost exactly, and they run magnitudes faster than flash.
But you have to either be the boss, and hold all the purse strings, or be prepared for a lot of laughter that you are have still not learned to program when it is so "easy." No matter what you do, "they" will be laughing at you, calling you a dufus behind your back.
You are safer with paper prototyping, laughter-wise.
Not important if it is a water valve control application in an apartment building, but scary if it is used for a valve control center at a nuclear power plant.
Or as an interface for your social security information (I was aware of "helpful" flash front ends being built for the government by friends when flash was all the rage in the late '90s)
willie_901
Veteran
As with all technologies, for a period of time Flash served a purpose.
But for a variety of technical reasons, that time is over. Even Adobe killed Flash for mobile device OS platforms. Security concerns will eventually kill it for general use.
Java script faces a similar fate for similar reasons.
But for a variety of technical reasons, that time is over. Even Adobe killed Flash for mobile device OS platforms. Security concerns will eventually kill it for general use.
Java script faces a similar fate for similar reasons.
Dave Jenkins
Loose Canon
I uninstalled Adobe Flash Player and downloaded the latest version of Firefox, but now Pandora will not play on my Windows 7 computer. It tells me to download Flash. What can I do to make it work?