In 2010, Steve Jobs famously wrote a pages-long manifesto about why he would not allow Adobe Flash to work on Apple mobile devices.
“We don’t want to reduce the reliability and security of our iPhones, iPods, and iPads by adding Flash,” the Apple CEO firmly stated.
Five years later, further clues backing up Jobs’ security warning continue to persist. Now, Facebook’s new chief security officer, Alex Stamos, has stated publicly that he wants to see Adobe end Flash once and for all.
On Twitter this weekend Stamos — formally of Yahoo, now at Facebook — tweeted the following:
It is time for Adobe to announce the end-of-life date for Flash and to ask the browsers to set killbits on the same day.
— Alex Stamos (@alexstamos) July 12, 2015
Stamos’ call for the end of Flash likely has to do with a great deal of new Flash-related revelations. Following the highly-publicized Hacking Team hack, which saw a major surveillance company’s files completely leaked online, a slew of new vulnerabilities have been disclosed relating to Adobe’s Flash player.
Adobe has patched these issues, but still more vulnerabilities continue to arise. In fact, as soon as Adobe announced it had patched a few issues, more were disclosed — at least 20 were discovered in the last week alone.
Adobe has been actively working to fix these issues, but Flash seems to be extremely targeted by hackers and it’s likely to not stop. It has been going on for years.
Security blogger Graham Cluley agrees with Stamos. He writes, “The truth is that the company would probably gain a lot more respect from the internet community if it worked towards this ultimate fix for the Flash problem, rather than clinging on to the belief that it might be able to one day make Flash secure.”
People in this camp believe the answer to be for Adobe to kill off the player, but with ample warning. This is because not only do most major browers support the player, but many smaller companies’ entire web programs rely on Flash.
But once a ‘kill-off date’ is announced, everyone can transition toward more secure and open options like HTML5. Facebook, for instance, uses both Flash and HTML5, depending on browser preferences.
Of course, if such a end-of-life date for Adobe Flash were to be announced, it would certainly cause a lot of tumult. Smaller companies and organisations without the resources of Facebook-like behemoths would have to totally rethink their web design.
But perhaps a clean break with a fair amount of warning is the only way to make for a safer internet. At least that’s what people like Stamos think.