Flash Dies but Warning Signs Persist: A Eulogy for …

0
225
Flash will be gone by the end of the year, but the ecosystem that allowed it to become a software security serial killer is ready to let it happen again.

Flash is finally dying at the end of this year, and it will not be missed.

Let me be direct: We should be happy that this software, one of the worst ever to plague our lives from a security perspective, is going away, and at the same time, Flash was not a fluke. Security has come a long way, but the ecosystem that allowed Flash to become a software security serial killer still exists and is ready to let it happen again. This time, the stakes are infinitely higher.

Everyone Knew Flash Was Bad
As they promised way back in July 2017, Adobe will stop distributing, updating, or issuing patches for Flash Player after Dec. 31. Across a seven-year rampage from 2010 to 2017, Flash affected 1 billion users, dishing up more than 1,500 critical vulnerabilities — peaking with nearly one new vulnerability reported every day in 2015. Flash continued to grow despite very vocal, very prominent critics. Grassroots movements like Occupy Flash were founded, and major players like Facebook and Mozilla called to retire Flash.

One towering figure…

Read More…

Актуальные книги на английском