back to article Enough is enough: It's time to flush Flash back to where it came from – Hell

If you patched Adobe's screen door of the internet – its Flash plugin – last week, and thought you were safe, even for a few weeks, you were sadly mistaken. The Photoshop goliath is warning that yet another programming blunder in its code is being exploited in the wild, and says it won't have a patch ready to deploy until …

  1. Mark 85 Silver badge

    This is or isn't funny....

    I just got the "This website wants to install Adobe Flash Player" from the ad at the top this article.... FAT CHANCE!!!!!!!!!!!!!!!

    1. frank ly Silver badge

      Re: This is or isn't funny....

      Ad? I see no ads.

    2. Voland's right hand Silver badge

      Re: This is or isn't funny....

      You do not have flashblock? While adblock is a matter of taste, flashblock is nearly mandatory for any sane internet browsing. Either that or a CPU for which there is no flash (like my arm Netbook, actually ex-Chromebook).

      1. Anonymous Coward
        Anonymous Coward

        Re: This is or isn't funny....

        Flash works on my ARM-powered Chromebook. In fact, the Samsung ARM Chromebook does Flash better than any other machine in the house. The children use it for games and for maths exercises for school.

        1. td97402

          Re: This is or isn't funny....

          Perhaps you missed his saying his "ex-chromebook". The google Chrome browser on the Chromebook might have supported Flash but since he rooted and installed another OS, I guess it doesn't now. Much like my former Windows laptop that now runs a flavor of Ubuntu and has no flash installed.

      2. Mark 85 Silver badge

        Re: This is or isn't funny....

        I don't have flash installed for IE or Firefox. Period. Not on my PC or any in the house. I don't use Chrome as I'm not a fan of Google's ethics but that's for another topic.

    3. leexgx

      Re: This is or isn't funny....

      just have click to play enabled (Chrome/firefox/opera only) and adblock and most issues are not there

      if your using IE well you're a sitting duck sorry (no adblock or click to play flash)

      i wonder how long its going to take chrome to treat Flash like Java (click to play is forced if java app wants to load in chrome)

      one thing i have noticed most malware nowadays looks for vmware or sandboxie, if it detects them on your system it will not do stage 3 normally (drop the full payload onto your system) as its likely your a whitehat or company looking these droppers (most likely why i have never seen it on my system) as vmware or sandboxie is unlikely to be on an normal persons computer best to just not load droppers onto systems that have them tools on your system

    4. This post has been deleted by its author

  2. Anonymous Coward
    Mushroom

    Obligatory "Aliens" reference

    I say we take off and nuke the entire site from orbit. It's the only way to be sure.

    1. jonathan keith

      Re: Obligatory "Aliens" reference

      That's a little harsh. What about everyone else who lives in San Jose?

      1. Dave 126 Silver badge

        Re: Obligatory "Aliens" reference

        Flash... BANG!

        1. psychonaut

          Re: Obligatory "Aliens" reference

          surely that should be

          DUN DUN DUN DUN DUN DUN DUN DUN DUN DUN DUN DUN DUN DUN .....................FLASH!.............AHHHHHHHHHHHHHHHHHAAAAAAAAAAAAAA (rrgh)

      2. Anonymous Coward
        Anonymous Coward

        Re: Obligatory "Aliens" reference

        "That's a little harsh. What about everyone else who lives in San Jose?"

        In this case I'd say they were an unfortunate but acceptable degree of collateral damage. Just like NATO and the Taliban both think of Afghan wedding parties.

  3. CJ_in_AZ

    And just WHY do so damned many ads on The Register need Flash??? Seems to me it makes reading The Register a security hazard!

    Gee... and this was the first article I read after getting Flash updated to keep Firefox from whining about it...

    1. Badvok

      Use an ad/content blocker, don't ever install flash. It is also worth blocking 'regmedia.co.uk' with whatever blocker you use to avoid the annoyingly large, spurious, and often NGFW (Not Good For Work) images the register has taken to using,

  4. Fazal Majid

    I have always disabled Flash entirely on my primary locked-down browser (Chrome), but the last incident made me reach my tipping point. My plan is to remove Flash entirely from my Mac, and leave it in a VirtualBox VM ghetto for when I absolutely need it. That way I won't have to restart all my browsers each time there is a security update, and the damage from compromise is contained.

    The flaw in this plan is that Chrome bundles Flash, so there would still be the taint of Flash on the main OS X.

    1. Remy Redert

      I have good news for you! While Chrome bundles Flash and enables it by default, it IS possible to turn it off completely.

      To do this, go to settings > Privacy > content settings. There you can either block ALL plug-ins by default, or you can click the link below to disable individual plugins. Click that link, scroll down to Flash, click disable.

      Your machine is now Flash free as far as the internet is concerned, since Chrome will no longer load the Flash libraries.

  5. Daniel Voyce

    What are these ads people are talking about?

    I haven't seen an advert in close on 3 years....

    1. iMap

      Re: What are these ads people are talking about?

      NoScript has done the job for me for years, what ads?

  6. Anonymous Coward
    Mushroom

    Oki dokies. Enough is enough Fuckobe. Flash is out.

    This is our last five Flash deployments along with their respective dates (and we typically patch within 48 hours following the availability of an update);

    Adobe Flash Player v15.0.0.223 - 20141112

    Adobe Flash Player v15.0.0.239 - 20141126

    Adobe Flash Player v16.0.0.235 - 20141210

    Adobe Flash Player v16.0.0.257 - 20150114

    Adobe Flash Player v16.0.0.296 - 20150128

    Really? Five fucking patches within a 77-day timeframe with the last patch issued less than a week ago and already there is another security advisory for this god damned excuse of a browser plugin which is once again demonstrated to contain more vulnerabilities and require more patching than entire bloody operating systems?

    Just issued an enterprise-wide uninstall of this pile of crap. Should've done so ages ago and frankly speaking if Flash is a crucial and required component for the functionality of a given website then the webmaster really does have bigger concerns since mobile devices aren't exactly known to be very friendly towards Flash.

    And while we're on the topic of Adobe being security-incompetent my reseller had once told me that they were given firm instructions by Adobe themselves to always claim that Adobe's products and services are "very secure". I cannot recall the exact phrase but it was along the line of "we were told to always claim that Adobe and Creative Cloud are "very secure" when asked."

    Ha... ha... HA... HAHAHAHAHA.

    Yeah. So "secure" indeed that my dedicated E-Mail alias for my Adobe ID is subject to spam attempts multiple (up to a dozen) times an hour because Adobe can't fucking "secure" their website and databases either. I have since changed said E-Mail alias but it continues to stick out like a sore thumb every single time I need to review my mail exchange logs.

    News Flash Adobe...

    "Security" is a little bit more than just pulling the word out of your arses.

    1. John Sanders
      Trollface

      Re: Oki dokies. Enough is enough Fuckobe. Flash is out.

      """Just issued an enterprise-wide uninstall of this pile of crap."""

      Dear entrope, Surely you did not do it to the vSphere servers didn't you?

    2. xBr0k3n

      Re: Oki dokies. Enough is enough Fuckobe. Flash is out.

      Dude you missed 16.0.0.287!! That was like 3, or so, days after 16.0.0.257.

      1. This post has been deleted by its author

      2. Anonymous Coward
        Facepalm

        Re: Oki dokies. Enough is enough Fuckobe. Flash is out.

        @xBr0k3n. So apparently I did. Sigh. Had to double-check my security advisory E-Mails.

        Make that SIX fucking patches within a 77-day timeframe then.

        Definitely an inexcusable oversight on my part however. But damn that's a lot of patching.

        @John. No vSphere under my belt. Mercifully. We do have one brand of firewall appliance we're quite fond of however which did rely on Flash for its web interface until about a year ago when the last major version release finally got rid of it. It was tolerable originally however as I much preferred to install and utilize their dedicated management application instead.

  7. DougS Silver badge

    Thinking about uninstalling flash for good

    It is used for very little aside from ads anymore, and I keep Chrome around as my "browse the occasional site that doesn't work right in Firefox, or has sketchy content" browser so I could use it if there is some backwater site that still hasn't got the memo and uses flash.

    I think it is pretty much like when I dumped Java a few years ago, and Shockwave a decade ago. It will be a small inconvenience on the occasional site, but given the billion iOS devices browsing the web without flash any site that requires it isn't worth bothering with in 2015.

    1. Anonymous Coward
      Go

      Re: Thinking about uninstalling flash for good

      Do it. I've been without Flash for a good four to five years now on my personal workstation and I haven't missed it a single bit. As a matter of fact it actually significantly improved by browsing experience as it got rid of the vast majority of highly annoying "flying across the screen"-style ads.

      Back when I first dumped Flash (and mind you this was back in around 2011) I did feel the pinch a little. Certain websites wouldn't load and those which did would contain missing Flash elements. These days however it is extremely rare to be handicapped due to the absence of Flash.

      Even CNN plays you videos without Flash.

      Also one of the truly rotten aspects of Flash which a lot of individuals do not consider is that it is very often used to override any anti-cookie configuration you may have. Flash has its own data store which ad networks have been known to exploit to store unique identifiers as this data store is not cleared when you purge your browsing history. I'm not sure if this is still the case as I haven't had Flash installed for years and my enterprise configuration had a policy to disable this data store but given Adobe's lousy security track record I wouldn't be surprised if this little "feature" is still open to abuse.

      1. nematoad Silver badge
        FAIL

        Re: Thinking about uninstalling flash for good

        "Even CNN plays you videos without Flash."

        The BBC doesn't and when I tried to contact them about their reliance on Flash via their web form:

        https://ssl.bbc.co.uk/faqs/forms/

        I got this error message:

        "An error occurred during a connection to ssl.bbc.co.uk. The OCSP response contains out-of-date information. (Error code: sec_error_ocsp_old_response) "

        It makes you wonder what they are doing with all the money that they forcibly extract from the viewers.

        Oh, I still haven't worked out how you get in contact to ask them to ditch this piece of shit.

        1. Tom 38 Silver badge

          Re: Thinking about uninstalling flash for good

          It makes you wonder what they are doing with all the money that they forcibly extract from the viewers.

          The BBC is vastly underfunded for what we ask it to do. All of their awesome tech is delivered on a shoestring budget by people who should really be working elsewhere and making a whole lot more money. I don't like that they spend so much money on slebs and dancing shows, but it seems to be what people want to watch.

          PS: Why does their OCSP list got out of date information? Probably because the person who is fixing that is fixing something more important at the minute. Particularly given that OCSP is a dog, doesn't serve its purpose (particularly in this scenario, no client certificates to revoke, so OCSP is controlling revoking the server certificate) and most browsers will silently ignore invalid OCSP information, I'd imagine its fairly low down the list.

        2. Z80A

          Let's campaign to ask BBC to drop Flash

          Fortunately your URL https://ssl.bbc.co.uk/faqs/forms/ worked for me and I managed to submit a comment expressing strong dislike for Flash. Please commentards, do the same and help nudge the BBC towards safer media players.

          1. nematoad Silver badge
            Happy

            Re: Let's campaign to ask BBC to drop Flash

            "Fortunately your URL https://ssl.bbc.co.uk/faqs/forms/ worked for me..."

            Yes, so it does.

            I wonder if the indirect boot up the BBC's backside that I gave it worked.

            I too have left a request that they get rid of Flash.

        3. Anonymous Coward
          Anonymous Coward

          Re: Thinking about uninstalling flash for good

          Received the following from BBC regarding Flash on their website:

          Thanks for contacting us regarding our use of Adobe Flash.

          Flash was chosen for playback on bbc.co.uk in our embedded media player for several reasons.

          Reach - Flash was the most effective way of delivering a high quality experience to the broadest possible audience. It provided DRM to enable us to negotiate rights for distributing programmes online and allowed us to affordably deliver an adaptive bitrate solution and live simulcasts of our TV channels.

          You can read more about Flash, open standards and the BBC in the following blog.

          http://www.bbc.co.uk/blogs/legacy/bbcinternet/2010/08/html5_open_standards_and_the_b.html

          However, as Cathy Bartlett states in her blog below, we are looking to move a single player across platforms and devices. We'll be continuing to exploit modern ways of embedding and playing media in web pages, researching new streaming formats such as MPEG-DASH, as we move towards using a single player across platforms and devices.

          http://www.bbc.co.uk/blogs/internet/entries/7185ad76-d3de-3df6-8641-975feed88091

          So while Flash is commonly used now, we are looking into how best to deliver media going forward.

      2. David Pollard

        If this little "feature" is still open to abuse?

        @Entrope. It is indeed still in use, and it is being used by the British government.

        After completing my self-assessed tax return last week Ccleaner obligingly removed a Flash Cookie which was labeled as belonging to online.hmrc.gov.uk. Also it looks as though access to the online tax pages isn't possible unless scripts are enabled from Google Analytics.

        Don't we pay the spooks at Cheltenham enough to avoid the need to offshore this?

        1. Anonymous Coward
          Facepalm

          Re: If this little "feature" is still open to abuse?

          @David. Thank you kindly for verifying!

          LOL @ HMRC. And face palm. Does make you wonder though how many government websites would outright collapse overnight if Flash were to be suddenly flagged as a dangerous and dumped across the board by all browsers simultaneously.

        2. Martin an gof Silver badge

          Re: If this little "feature" is still open to abuse?

          it looks as though access to the online tax pages isn't possible unless scripts are enabled from Google Analytics

          There were a few things I had to enable (noscript / ghostery blocked) but Google Analytics wasn't one of them. Don't think I've ever had to enable that to make something work...

          M.

          1. David Pollard

            Re: If this little "feature" is still open to abuse?

            @Martin: Starting with a clean copy of Firefox portable, which did let me in, then loading addons one or two at a time, Ghostery and scripts from Google Analytics had been the only things I could see that were left to test before I gave up trying to find out what was blocking my access to the HMRC self assessment site. (Life is short, after all.)

            Today I seem to be able to get in without any problem, and apparently without a Flash Cookie being planted; though I didn't enter any data. Ghostery showed 0 trackers on the self-assessment menu page. Maybe government techies do read El Reg after all, but I still haven't had an offer of employment.

  8. Robert Helpmann?? Silver badge
    Childcatcher

    Lead by Example

    It's time to take the software round the back of the shed and shoot it.

    Nah, this calls for public execution* pour encourager les autres. Hang 'em high!

    * Please note that I am morally against capital punishment. I just don't know what came over me. Oh, right: Flash.

  9. Florida1920 Silver badge

    YouTube in HTML5, Firefox

    This feature was already turned on in Chrome (Windows); I had to enable HTML5 for YouTube in FF 35.01.

    https://www.youtube.com/html5

    I spend a lot of time on YouTube listening to favorite music, but the videos I watch look just as good in HTML5 as in Flash. There just isn't anything I want to see anymore that requires Flash.

    1. Dave 126 Silver badge

      Re: YouTube in HTML5, Firefox

      The slow death of Adobe Flash has been hastened — YouTube, which used the platform as the standard way to play its videos, has dumped Flash in favor of HTML5 for its default web player. The site will now use HTML5 video as standard in Chrome, Internet Explorer 11, Safari 8, and in beta versions of Firefox. YouTube engineer Richard Leider said the time had come to ditch the aging Flash in favor of HTML5 as the latter, used in smart TVs and other streaming devices, had benefits that "extend beyond web browsers."

      YouTube's move highlights the shrinking relevance of Adobe Flash on the modern internet. Adobe itself has spent the last few years severing many of its ties with the product — the company's Flash 2012 Flash roadmap narrowed its focus to gaming and "premium" video, and in 2011, the company killed Flash Player for mobile, saying at the time that HTML5 was the "best solution for creating and deploying content in the browser across mobile platforms." In 2015, YouTube has realized that Flash is not the best solution for web video, full stop.

      http://www.theverge.com/2015/1/27/7926001/youtube-drops-flash-for-html5-video-default

  10. Jan Hargreaves

    I guess none of you play browser games... The top 10 games in Facebook all use flash. What would the wife do if there was no flash I ask you? Is it not a good way to keep her quiet?

    1. Dave 126 Silver badge

      Games built on HTML 5, iOS or Android should provide your good lady wife with some distraction.

      She might find a tablet - and we're hearing good things about inexpensive Android models these days - more convenient than a laptop for causal gaming / general messing around online. If she doesn't already have one, the 14th of February might give you an excuse to buy her a tablet.

      1. Alien8n Silver badge

        I've been hinting at this to my other half for a while, but she's adamant she doesn't want a tablet, she seems happy enough with a woefully underpowered years old laptop that she complains doesn't work fast enough. You try to help some people eh?

      2. Anonymous Coward
        Anonymous Coward

        " If she doesn't already have one, the 14th of February might give you an excuse to buy her a tablet."

        My long experience of buying distaff side gifts tells me that an infinitesimal proportion of the female population would welcome a tech gift on that date. As an "out-of-the-blue" gift on a non-special day she'll be surprised and appreciative, but for birthdays and Valentines you may only be earning two weeks of bad tempered glaring and door banging. Stick to romantic meals, surprise weekends away, carefully chosen clothing, chocs and flowers. And just give her the tablet for the sake of it.

  11. Christian Berger Silver badge

    Plugins are actually the symptom, not the root problem

    The question is, why did people even get the idea of using plugins?

    I mean the WWW did have a promising start. HTML was a simple standard with a couple of tags telling the browser how the document was structured. The design aspects were entirely left to the browser. That's why you could set your fonts in early versions of Netscape.

    What we need to do now is to kick out features of HTML. It was never made to provide "pixel perfect" GUIs. CSS has turned into a Turing-complete mess, and Javascript is abused more and more. Maybe we should replace HTML/HTTP with something new for "Web Applications", something that's been designed for it, allowing for simpler code on the browser and on the server.

    1. Tree

      Re: Plugins are actually the symptom, not the root problem

      If we ditch flash and replace it with "X" will "X" play on my Windows XP box? Please fix Real Player for the older computers. Real Player turned into such bloatware that it was useless but I never got a virus from it!.

      1. Archaon
        Mushroom

        Re: Plugins are actually the symptom, not the root problem

        "Please fix Real Player for the older computers. Real Player turned into such bloatware that it was useless but I never got a virus from it!."

        Assuming you're not being sarcastic you do understand that you are literally the only person on the entire internet who wants that thing to come back, right?

      2. Evil Graham

        Re: Plugins are actually the symptom, not the root problem

        "... it was useless but I never got a virus from it!"

        Ignorance, as they say, is bliss.

    2. Dave 126 Silver badge

      Re: Plugins are actually the symptom, not the root problem

      >The question is, why did people even get the idea of using plugins?

      It seems that Adobe (before they acquired Flash etc with Macromedia) wanted Netscape Navigator to render PDF files directly. Netscape proposed building PDF support into Navigator, but Adobe suggested that Netscape develop a system for supporting plugins, as Adobe themselves had done for Adobe Reader.

      http://en.wikipedia.org/wiki/NPAPI#History

    3. mikejs

      Re: Plugins are actually the symptom, not the root problem

      "That's why you could set your fonts in early versions of Netscape."

      Both Firefox and IE (but not Chrome) still let you do this, and let you prevent those settings being overridden. Even today, I'd recommend at least trying it. It makes things a lot more readable (the same font on all sites is a lot easier on the eye), and generally fixes more than it breaks.

    4. Daniel B.
      Boffin

      Re: Plugins are actually the symptom, not the root problem

      Indeed. People advocating for the ultimate quash of plugins are missing the point: the WWW itself was not intended to carry dynamic content at all. HTML has had a lot of stuff hacked in, from the hideous JavaScript to CSS and a lot of bloatware on top of that (AJAX! JSON!) to the point where JavaScript stuff has grown into being the same kind of bloatware that plugins have been anyway. There are sites which will make my smartphone hot just because of the crappy JavaScript stuff running in the background.

      Plugins were made to add native programming functionality into websites, which can be good (Java), can be iffy (Flash), or can be downright hideous (ActiveX). The needs aren't going to go away just by banning plugins. Ideally we would have something better replace the WWW itself for "web app" stuff, but at the moment we have to work with what we have.

      1. Christian Berger Silver badge

        Re: Plugins are actually the symptom, not the root problem

        To be honest I see little difference between Java and ActiveX, both are horrible ideas just one is sand boxed a little bit better. Plugins are just a horrible way to solve such a problem.

        Again for web apps, which use a completely different layouts than web pages, we should have gone for something completely different. Something that's essentially an intelligent terminal. Perhaps it could use Javascript or Lua for the bit of local processing you need, but something completely different for the GUI.

  12. Anonymous Coward
    Anonymous Coward

    This type of mentality is irrational, bordering stupidity.

    I'm not trying to support Flash here, but listen to yourselves for a minute.

    Yes Flash has been around for a long time because Internet features has so far been unable to replicate the functions it offers, I hope that one day, Flash's features and performance can be replicated entirely in the browser without a plugin.

    As this is a technical news site, I assume you people have some knowledge of how such things work. The writer here called out to a few sites that no longer uses Flash, one of which is Netflix, but that's pushing it too far. Netflix uses Silverlight which is Flash's direct competitor by Microsoft. It faces the same problems and it also has been patched a lot recently.

    Fact is there *were* features people have enjoyed for a long time that is brought about by this plugin back from the Macromedia days but due to the mindless bashing of the press and fanatical followers of Steve Jobs, companies suddenly started running away from Flash like a plague. Good riddence, you might say, but these companies had to give up all interactive possibilities just because of an irrational fear created by the media and as a direct result of such mindless mobs, Adobe actually scaled back development of Flash.

    If you are scared about contracting viruses from ads, use an ad-blocker, it'd do more than just stop viruses from spreading through one plugin.

    Now the other thing, bugs doesn't just go away because you uninstall an offending plugin. What has happened is the codes and runtime support for the features in Flash is now essentially being ported right into your browser. The coders at Mozilla, Google etc.. will face the same implementation problems and will most likely encounter the same bugs, which is part of the reason why Firefox switched to a rapid release model.

    What will happen in the future is clear, if there are 0-day security issues like this on any part of the browser that is only growing in bloated technologies by the day. More people than what is being infected now will be infected, and what's worst is there could be no way to simply disable a type of browser feature in order to stop an infection.

    There are already issues with replacement technologies in javascript animations for example that Flash developers has moved onto that are hanging up and crashing entire browsers. This will only get worst as the Internet catches up with features pioneered and offered in Flash.

    I seriously doubt any right-minded person simply uninstall or removes an item prone to infection just because news of it being exploited comes out and doesn't look for alternative remedies.

    If you're serious about this type of mentality? Perhaps you should permanently glue and disable your USB and Thunderbolt ports too. Those as far as we know at the moment has the potential to completely compromise your machines to the point that re-installing wouldn't help. Oh you might also think about getting rid of OSX, Windows and Linux altogether as they've also been having their fair share of 0-day exploits within the past 60 days.

    1. Anonymous Coward
      Meh

      Re: This type of mentality is irrational, bordering stupidity.

      "Now the other thing, bugs doesn't just go away because you uninstall an offending plugin." - What uninstalling an utterly useless and offending plugin does do however is reduce the number of attack vectors without actually causing any real implications or inconveniences.

      And one important aspect of security is to keep installations minimal. More applications, services and plugins equals to more code to exploit. If a given feature isn't required it shouldn't be there if it is within your capability to disable or fully eradicate it.

      Seeing how Adobe finds it quite fit however to take its own sweet time to mend the vulnerability (note that a patch hasn't been released yet) despite evidence that said vulnerability is currently being exploited in the wild by a common exploit kit does make one quite inclined to proceed with the eradication route especially when the plugin in question is no longer as necessary to browse the internet as it used to be.

      Don't get me wrong though. I do agree with some of your points. But as someone who has been without Flash on a personal level for quite some years I find it difficult to vouch for its usefulness. Yes, the majority of the attackers will be (or have already begun experimenting on) exploiting the "next big whatever" and that is when the evaluation of subsequent countermeasures should take place in order to minimize ones exposure to the vast majority of threats.

      Terminating Flash isn't a permanent solution to staying safe online. But *right now* it isn't an unreasonable solution either.

      1. nematoad Silver badge

        Re: This type of mentality is irrational, bordering stupidity.

        "And one important aspect of security is to keep installations minimal. "

        Amen to that. The Unix maxim "Do one thing and do it well"

        Yes systemd, I'm looking at you.

        1. Alistair Silver badge
          Coat

          Re: This type of mentality is irrational, bordering stupidity.

          " Yes systemd, I'm lookingglaring at you. "

          FTFY

          And you aint the only one.

      2. Roland6 Silver badge

        Re: This type of mentality is irrational, bordering stupidity.

        The nice thing about plug-in's is that you can uninstall them; with FLASH equivalent functionality in HTML 5, your options to reduce attack surface are somewhat reduced.

        Also "Even if Adobe put its top programmers working on Flash, a free piece of software, a lot of people around the world are very keen to find exploitable bugs in the plugin so they can break into victims' computers." can be simply rephrased, replacing FLASH with HMTL5 or whatever. Basically, if a lot of people are going to be using something, then it is going to attract people keen on finding exploits QED.

    2. Andrew 59
      Stop

      Re: This type of mentality is irrational, bordering stupidity.

      @ first AC: I didn't read your full comment, just up to the part where you said these companies had to give up all interactive possibilities... And that's a lie. Just ask The guys at Green Felt or Gopherwood Studios. They make excellent games with only a scary amount of JavaScript. No flash to be seen.

      1. RyokuMas Silver badge
        Joke

        Re: This type of mentality is irrational, bordering stupidity.

        "...a scary amount of JavaScript"

        ... what, more than four lines?

      2. Charles 9 Silver badge

        Re: This type of mentality is irrational, bordering stupidity.

        "They make excellent games with only a scary amount of JavaScript. No flash to be seen."

        You should read further. He's saying JavaScript is just as bad.

        But here's the rub. If you remove Flash and JS, what the heck do you use to code highly-interactive web content (that consumers actually want--just ask Facebook)? What can you use that's cross-platform and with fewer holes than a wheel of Emmentaler?

    3. Medixstiff

      Re: This type of mentality is irrational, bordering stupidity.

      AC,

      I expect you have never had the pleasure of seeing IE or Chrome use 99% CPU resources until you have closed the tab/s with Flash content on them and seen everything plummet to normal levels.

      This is on a 12GB RAM, Core I7 930 - 8 cores with HT - so not exactly a slow machine.

    4. Dan 55 Silver badge
      Thumb Down

      Re: This type of mentality is irrational, bordering stupidity.

      Mozilla and Google run automatic checks against their code to pick up bugs which could be used for exploits in the future and correct them before they are. Every Chrome or Firefox release pre-emptively fixes possible exploit avenues.

      Adobe just play whack-a-mole.

      See the difference?

      1. Loyal Commenter Silver badge

        Re: This type of mentality is irrational, bordering stupidity.

        Mozilla and Google run automatic checks against their code to pick up bugs which could be used for exploits in the future and correct them before they are.

        Mention the terms, 'coding to an interface', 'unit testing', or even 'bounds checking' to an Adobe programmer and I expect you will get nothing more than blank looks. Sadly, best practice is something often ignored by a lot of companies.

    5. MrWibble

      Re: This type of mentality is irrational, bordering stupidity.

      "Netflix uses Silverlight which is Flash's direct competitor by Microsoft."

      Odd, it works fine on my linux machine which has never seen Silverlight (or Mono)...

      1. Greg J Preece

        Re: This type of mentality is irrational, bordering stupidity.

        Odd, it works fine on my linux machine which has never seen Silverlight (or Mono)...

        Chrome implemented the HTML5 DRM extensions that Netflix's HTML5 player requires, so if you're in Chrome it will work natively on Firefox. Before that became a thing, I was utilising a package within an Ubuntu repository which was basically a Windows version of Firefox and Silverlight pre-packaged to work under WINE. Worked pretty damn well, but native is nicer.

        1. Alistair Silver badge

          Re: This type of mentality is irrational, bordering stupidity.

          "Chrome implemented the HTML5 DRM extensions that Netflix's HTML5 player requires, so if you're in Chrome it will work natively on Firefoxlinux. Before that became a thing, I was utilising a package within an Ubuntu repository which was basically a Windows version of Firefox and Silverlight pre-packaged to work under WINE. Worked pretty damn well, but native is nicer."

          Sorry -- but that was jarring to read. FTFY

        2. Greg J Preece

          Re: This type of mentality is irrational, bordering stupidity.

          *if you're in Chrome it will work natively on Linux. Not sure how I got FF's name in there. Was probably thinking of my next sentence.

    6. Steve Graham

      Re: This type of mentality is irrational, bordering stupidity.

      You're basically wrong because you ignore the fundamental issue with Flash: it's humongously big and incorporates massive amounts of functionality which hardly anyone uses (or knows about).

      If it was just a movie player, which is all that most people ever used it for, it wouldn't have been so difficult to make secure. Even Adobe might have been able to do it.

    7. Dave 126 Silver badge

      Re: This type of mentality is irrational, bordering stupidity.

      >Fact is there *were* features people have enjoyed for a long time....

      Enjoyed by web-users, or by developers?

      >... but due to the mindless bashing of the press and fanatical followers of Steve Jobs

      As an Android / Windows user, I agree with Jobs on this - but I didn't need him to point out the high CPU load Flash inflicts on my laptop - the fan noise does that.

      To simplify: The use of Flash can be roughly dived into three classes:

      1, Video, for which HTML5 and hardware-accelerated codecs appears to the correct solution - even Adobe think so.

      2, Games - for that sort of causal gaming experience, many people now play native Android or iOS games.

      3, Animations - for which Flash is still the best solution. However:

      As a consumer of content on the web, it seems to me that most Flash animation is not for my benefit - it is put to use in advertisements, or else in often-misguided attempts to make websites more interactive or visually interesting. [Web designers: if in doubt, Keep It Simple Stupid!] As a content consumer, 99% of the time I just want to read the text, look at the pictures and watch the video - ideally in a fairly standard way across websites. Only occasionally do I come across a a Flash element - say an interactive diagram with roll-over elements - that genuinely enhances my experience.

      Adobe have made Edge Animate - a tool to create Flash-like animations using HTML 5 and CSS, but the consensus is that is not there yet - as the results are at the mercy of different implementations of in different browsers. Hopefully it will get there.

    8. Mike Dimmick

      Re: This type of mentality is irrational, bordering stupidity.

      "Netflix uses Silverlight which is Flash's direct competitor by Microsoft. It faces the same problems and it also has been patched a lot recently."

      Have to pull you up on this. Silverlight 5 for 32-bit Windows has been patched five times in its entire existence, from December 2011 (so a little over 3 years). Three were remote code execution issues, one could potentially allow information disclosure, and one was a defence-in-depth measure correcting a problem where other code could be attacked using Silverlight as a vector (it meant the location of attack code was predictable). The most recent patch was last March.

  13. William Donelson

    Flash has *always* been a CPU pig...

    Macromedia screwed it up royally, Adobe made it worse.

  14. Michael Thibault
    Megaphone

    Do the right thing!

    Adobe really should do the right thing and euthanize Flash, publicly and resolutely, on a short time scale. Else, there will be people hanging on to its long tail for years, the way people hung onto--and still hang onto--XP. Make a clean break, Adobe; stop playing with that thing, and just kill it. It's the best thing for all concerned.

    1. Anonymous Coward
      Anonymous Coward

      Re: Do the right thing!

      "Make a clean break, Adobe; stop playing with that thing, and just kill it."

      Why would they do that, when they make money from it? Having failed to invest in a secure solution thus far, they won't be doing so now, as HTML5 slowly eats their customer base. And the result is the lingering death that we continue to see. I think that will continue for several years yet, unless the exploits become corporate. A few unlucky grumble chasers getting their PC's owned won't persuade the world to move on. If a couple more Target-style data breaches occur that were linked to Flash, or a Sony Pictures style intrusion, then the corporates will start uninstalling Flash. When they're not paying then Adobe will have no revenues, "support" will end, and Flash can be put where it belongs, in a shallow grave.

  15. Breen Whitman

    Steve jobs was "right" only because he was a slimey vile worm, hell bent on binding the entire populous into the Apple App model.

    Flash allowed creators some freedom to break that restrictive model.. But as it turns out, Flash has become a lumbering pig, long overdue a bullet to the skull.

    Throw it into the same hole Jobs is decomposing in. Both were a pox upon this good earth.

    1. Greg J Preece

      That was a bit vicious. The reason I discount the whole "Jobs was right" thing is two-fold:

      1) He was stating the bloody obvious. HTML5 was being implemented at the time and its enhancements were fully intended by all parties to replace needless Flash installations. Now every time someone says "Flash is shite" everyone yells "seeJobswasrightomgwhatanamazingvisionary" when no-one was arguing that point.

      2) He was only making his super-amazing-wise proclamations in response to people bugging him about why iOS didn't have Flash. He decided to point the finger at Adobe and get on a high-horse about how making things worse for the end-user was actually a feature - something they eagerly lapped up - rather than admit his devices were deficient compared to their competitors.

      1. ThomH Silver badge

        Re: (2); Jobs' letter came two months before Adobe finally managed to launch a preview version of Flash for Android — three years of bickering, when doing so would have been a major PR coup, and Adobe still hadn't managed to produce anything. That says as much about the death of Flash as anything. It clearly wasn't ready when mobile devices came of age. Jobs couldn't have had it if he'd wanted it.

        The letter was score settling for the atrocious Mac implementation though, I'm sure.

        1. Greg J Preece

          Re: (2); Jobs' letter came two months before Adobe finally managed to launch a preview version of Flash for Android

          I keep hearing over and over the claim from his open letter that Flash "still wasn't running on Android". Ask anyone who owned an Android phone at the time - we had Flash. The N900 had Flash. Flash was on mobile. I really don't get what that whole thing was about. Had every version of Flash on Android before then been a beta or something?

  16. MacroRodent Silver badge

    Legos going pop in the night

    "It's the Lego brick in your foot when you're feeling your way through a dark kitchen at 3am."

    Love the simile! The writer has kids, too, I guess.

    Incidentally, I'm planning to upgrade the laptop whom I maintain for a totally computer-illiterate auntie type person, who needs it mostly for online banking. It certainly would be safest to leave Flash out of it this time, but I must first test who many of her favourite sites it would affect (resulting in a call to me about the computer being broken...).

    1. seven of five

      Re: Legos going pop in the night

      Yes, but unlike flash, Lego is the best thing in the world.

      1. MacroRodent Silver badge

        Re: Legos going pop in the night

        Yes, but unlike flash, Lego is the best thing in the world.

        Sure! Except when you step on it. And especially if the brick is upside down. An event like this in my childhood caused me to learn just how thick the epidermis is under the foot. The brick sliced a neat sample of it.

        1. Anonymous Coward
          Anonymous Coward

          Re: Legos going pop in the night

          But a 3-pin plug, pins up, is measurably worse. The CIA have BS1363 plugs flown into Gitmo and other dark sites especially, so they can leave suspected terrorists barefoot in dark rooms with the things liberally scattered on the floor. After a few hours fruitlessly and painfully trying to reach the bed, the toilet or the feeding hatch, the victims always confess.

          1. Anonymous Coward
            Anonymous Coward

            Re: Legos going pop in the night

            "After a few hours fruitlessly and painfully trying to reach the bed, the toilet or the feeding hatch, the victims always confess."

            This is why Jordan use BS1363 fittings (plus the fact that US and European plugs are sh*te).

    2. jzlondon

      Re: Legos going pop in the night

      I know this is anal, but the plural of Lego is Lego. Not "Legos".

      "Lego bricks" if you really must use an S.

  17. Anonymous Coward
    Anonymous Coward

    Required for VMWare vCentre Web client

    Unfortunately, flash is required for the vCentre web client. While the web client is a total abortion and I try to avoid using it wherever possible, I have some vmx-10 virtual machines I have to wrangle. I have to use it for these since the VI client can no longer edit the VM configuration of vmx-10 machines.

    Please VMware, remove this flash dependency, then I can be rid of it.

    1. Anonymous Coward
      Anonymous Coward

      And Cisco :-(

      Cisco's servers require Flash to manage them too. When I first complained to Cisco about it, they said "Meh." When I pointed out other server vendors manage to write management interfaces without Flash, they just shrugged their shoulders.

      1. Anonymous Coward
        Anonymous Coward

        Re: And Cisco :-(

        "Cisco's servers require Flash to manage them too. When I first complained to Cisco about it, they said "Meh." When I pointed out other server vendors manage to write management interfaces without Flash, they just shrugged their shoulders."

        Possible riposte. Tell Cisco that if they get pwned because of the need for Flash, the potential financial liability due to lawsuits and so on will be for more than it would cost your firm to do a top-down Cisco-free overhaul of the infrastructure. "A little pain now to dodge a lot of pain later" is at least something bean counters would understand, and few things will make a firm like Cisco take notice is the threat of a defection (and all the viral bad press that entails).

    2. Alister Silver badge

      Re: Required for VMWare vCentre Web client, And Cisco

      and as if it wasn't bad enough that for VMWare and Cisco you need Flash, if you use Cisco ASA, you still need Java to run the ASDM - which for somethings, you need, as you can't get to the bits from the console session.

    3. Brian Souder 1

      Re: Required for VMWare vCentre Web client

      Maybe release 6 will fix that problem. :-)

  18. jzlondon

    Horrifying thought

    I really don't want my back account drained outside a qualified medical establishment. What if I was at my desk at work? Think of the mess!

  19. Proud Father

    Leverage, Leveraged, Leveraging

    Why? It's USE, USED and USING.

    /MyPetHate

    1. Dave 126 Silver badge

      Re: Leverage, Leveraged, Leveraging

      Mine is 'a differential' is when someone means 'a difference'. We don't hear people using 'a sequential' when they mean 'a sequence', 'a torrential' when they mean 'a torrent', or 'a cyclical' when they mean 'a cycle', so why the constant of misuse of 'differential' by people who should know better?

      'A differential gearbox' and 'a differential analysis' are fine.

      1. teebie

        Re: Leverage, Leveraged, Leveraging

        "We don't hear people using 'a sequential' when they mean 'a sequence'"

        You do in Bristol. They speak funny there.

        1. Loyal Commenter Silver badge

          Re: Leverage, Leveraged, Leveraging

          Nah, that's when we mean 'sequencer'.

    2. Mike Bell

      Re: Leverage, Leveraged, Leveraging

      FFS, we've been through this before.

      To leverage something is to use it to maximum advantage.

      There are more important things to worry about.

  20. Jeff Lewis

    Here's the thing - and this is what makes all of this truly sad and depressing - the only reason people keep using Flash is that there really isn't anything to replace it. HTML5? No - it doesn't because apparently the W3C thinks Flash == YouTube and so only worried about video streaming.

    Which they didn't get right anyway.

    What's been needed for a decade is a modern infrastructure that tames the Wild West mess that is the web and brings in a consistent, advanced *modern* platform based on a bytecode system like Java or .Net - in fact, .Net even has the advantage of being relatively language agnostic.

    The horrible dog's breakfast that is HTML/CSS/Javascript gets left behind when you have better things to do than reinvent the wheel every ten minutes, fight endless package conflicts, have to deal with 'flavour of the week' and develop with tools that make emacs look good again.

    Antivaxxers? Well, I guess one kind of closed-mindedness rationalises another...

    1. Charles 9 Silver badge

      It wasn't so much that video streaming was the only thing they bothered with as video was the only thing they could come to an agreement. When it comes to more interactive elements, there are such entrenched interests that consensus was impossible As it is now. What are you going to use to replace Flash that (a) isn't buggier then Flash (that removes JS and Java, both error-prone), (b) that everyone will agree to, and (c) won't get hijacked by some entrenched interest down the road?

    2. Daniel B.
      Boffin

      Java

      Java is probably the one language/platform that should (theoretically) be ready for distributed application deployments. They have all the stuff for clientside, serverside, and client/server support with a robust middleware tier for complex stuff. The problem has been that for many years, Java was seen as "slow" and "unsexy", so many web devs have jumped into other stuff, or use JS to fill the gaps. So we probably will need something as good as Java, but without the security issue stigma that Java got. Ideally I'd propose Java, but I doubt people will want it as the main option for this, given its reputation.

  21. Brian Souder 1

    Flash to HTML 5

    I was going to say imagine how much money Adobe would make if they came up with a tool that their designers that knew the Flash Pro environment could just make content with their old flash files. I had remembered Adobe acknowledging flashes days were numbered.

    http://helpx.adobe.com/flash/using/creating-publishing-html5-canvas-document.html

  22. EssEll

    Yes, but...

    Don't disagree with the sentiment - baggsie first in line to beat the tobacco juice out of it - but what are you going to replace it with? It's very ubiquity is the biggest hurdle here; some flash bastard (pun intended) needs to come with something new *and* get the market penetration that Flash has before Flash can be retired (with extreme prejudice, hopefully).

  23. The_H

    DItched the lot

    We've ditched everything Adobe at our place (100+ seats) - it's the riskiest stuff around, and just not worth the hassle anymore.

    1. Anonymous Coward
      Anonymous Coward

      Re: DItched the lot

      When will people learn that providing masses of power with bad security design is a gift to the hackers.

      Microsoft learned that lesson with ActiveX, Adobe are trying to fix a product that is fundamentally flawed from the ground up.

      Next is Google Android with it masses of features and rather shitty permissions system.

  24. Anonymous Coward
    Anonymous Coward

    Flash is still occasionally required where I work

    We have mandatory training, which is built using flash. Some of it is years old, but some of it is new in the last few months. We bitch and moan because a lot of us don't use windows or have flash, but the only answer is to get a VM up and running with XP or Windows 7 so we can use IE for these mandatory training courses. New stuff is *still* being rolled out which requires Internet Explorer and/or flash.

    Shitty.

  25. RonWheeler

    The Chrome embedded Flash is quite good

    Certainly better than the horrible (but geek-chic-trendy) HTML5 player when using Youtube. I use an extension to prefer Flash rendering, and this is a fast desktop PC with all the bells and whistles. I 'get' it Flash can be an issue, but HTML5 isn't production-environment ready despite the hype.

  26. Anonymous Coward
    Anonymous Coward

    I guess the only downside to getting rid of Flash is you can't then block or uninstall it to get rid of so much WWW garbage.

  27. Anonymous Coward
    Anonymous Coward

    I propose...

    We dispatch JQuery and AJAX, to bring back the body.

  28. Benjamin 4

    I don't understand what people have against flash. Sure it has a few secuity holes, but I've always maintained that a good secuity program will mitigate this. Sure it used to be a resource hog, but since I got my current laptop (i7-2760qm 16gb ram) I've never noticed performance issues related to flash, so I think it just needed computers to catch up to it.

    There are many sites that still rely on flash especially since I can't stand Firefox past v20 or so so most of the html5 video etc doesn't work properly. As long as you have a decent computer and security I don't see it as a problem. I do however agree there is no need for it on business computers.

    1. Afernie
      Facepalm

      "Sure it has a few secuity holes, but I've always maintained that a good secuity program will mitigate this. "

      A few? 390 so far to be exact, the vast majority of which rate 10.0 on the severity scale. 12 of which have been in January 2015 alone. It is an abysmal,appalling piece of software that makes the Java Runtime look safe.

    2. Mike Flugennock
      Coffee/keyboard

      Leave Britney ALOOONNNE!

      "I don't understand what people have against flash. Sure it has a few secuity holes, but..

      ...Sure it used to be a resource hog, but since I got my current laptop...

      ...As long as you have a decent computer and security I don't see it as a problem..."

      Shill much?

  29. Anonymous Coward
    Anonymous Coward

    But what about the breed stablemates?

    Windows is of the same breed.

    In fact it is likely worse so what about Windows then ?

  30. TaabuTheCat

    "And then empty my back account."

    I think you'll find they want to fill your back account.

  31. iMap

    Steve Jobs was right!

    "It's old. It's rubbish for mobile. Namaste" and not only for mobile..

    This antiquated plug-in has a legacy of security risks that outweight the benefits.

    Adobe, just pull it, bin it and put the pressure on webmasters to update to html5,

    generate work for the masses!

    1. Mike Flugennock

      Y'know, I'd switch to HTML5, but...

      ...everything I've read about DRM has made me cautious and skeptical.

      I have FlashBlock installed on both browsers I use -- Firefox and SeaMonkey -- with a blocklist as long as my arm, along with AdBlockPlus and NoScript.

      All I really use Flash for these days is watching YouTube footage, that's pretty much it. For all other Flash content, my browsers have standing orders to "shoot on sight".

  32. Stuart Halliday
    Megaphone

    Someone want to tell us why Adobe keep dropping stitches in their code?

  33. herman Silver badge

    Yah, having Adobe on your resume is a huge black mark for any programmer. Anyone that ever worked at Adobe, is unemployable.

    1. Mike Flugennock

      "Anyone that ever worked at Adobe is unemployable"

      I'm down with you in principle, but I think you're being a little bit rough.

      After all, there are the people who worked on Illustrator and Photoshop, a couple of genuinely well-done and indespensible applications in my line of work -- and, btw, two of the only three (?) applications developed by Adobe in-house, not assets acquired from other companies, like InDesign (formerly PageMaker, developed by long-gone Aldus) and Flash (ex-Macromedia).

      But, anybody who worked on Flash? Yeah, sure, chase 'em out of the building with tire irons and baseball bats.

  34. Alan Brown Silver badge

    Bloatware

    "In its day, Flash was the kind of product Adobe does so well; like Reader, so handy and straight forward they become near-ubiquitous"

    In their day, macromedia flash and adobe reader were small, tightly written programs which did one function.

    Adobe kept bloating their featureset and adding more bugs.

    WRT gripes about the BBC, recall how long it took for them to support MP3 instead of proprietary-codec-only broadcasts (do they broadcast in ogg yet?)

  35. PeterM42

    FLASH? FLASH? FLASH?

    Oh! you mean "CRASH"!!!!!!

  36. sisk Silver badge

    Flash supporters?

    It still has supporters? Actual supporters and not just clueless folks who install whatever their computer says it wants? Are you sure?

  37. Mike Dimmick

    Internet Explorer users

    IE users can selectively block Flash and other plug-ins loaded by pages using the ActiveX Filtering feature. This has been part of IE since IE9. Click the gear icon at the right-hand end of the tab bar, go to Safety, then check ActiveX Filtering.

    Now, when a site tries to load any ActiveX object - including Flash and Java applets - it will silently ignore them. You'll get a blue circle icon with a diagonal line through it, just to the left of the reload icon. If you want to re-enable for that site, click the icon, then click "Turn off ActiveX Filtering". Despite the name, it only operates for that site.

    The blue icon will also appear in the top-left of any placeholder areas where the control would have loaded.

    On any page on that site which loads an ActiveX control in future, you'll see a grey icon instead of the blue one (same shape). Click the grey icon then click "Turn on ActiveX Filtering" to filter out again.

    On Windows 8 and 8.1, Metro IE does not have any UI to control ActiveX Filtering - since it won't load any ActiveX control barring Flash - but it does obey the filtering rules. To turn it on and off, and control it for a site, open the page in desktop IE.

  38. Barely registers
    Flame

    Let's get together and call ourselves an institute

    Hey - ain't we uninstalling the same software together on the very same day?

    I propose the ultimatum tweet:

    @AdobeFlash #Flash #FixItOrNixIt

    1. Anonymous Coward
      Anonymous Coward

      Re: Let's get together and call ourselves an institute

      Hell yeah!

      Maybe #FixItOrNukeIt ?

      Flash deserves to die horribly with extreme prejudice, along with the asshat sites that plug the Flash plugin.

  39. achillesneil
    Linux

    It will die a long slow death...

    I've been using OpenBSD quite a lot lately where Flash is not available due to the security implications, which is quite sensible.

    However, you still have sites like the BBC iPlayer that still require you to use Flash to watch anything, so I suspect it is going to be around for a while yet...

  40. Manu T

    WTF?

    "In its day, Flash was the kind of product Adobe does so well"

    Incorrect!. It was originally from Macromedia NOT Adobe. Adobe bought the company and got Flash with it.

    "This latest security vulnerability is, as always, triggered when the plugin tries to play a malicious Flash file – allowing hackers to download malware onto PCs and effectively hijack the computers so passwords and more can be stolen."

    This is because all those morons abuse Flash to build application-like code! Flash wasn't intended to build apps but to make interactive and active (read: animated) webpages. If you use flash like it should then there aren't any problems at all.

    "...it's time to take the software round the back of the shed and shoot it... "

    Big talk from an online "tech-"magazine that's lost a lot of credibility the last few years. Due to spilling nonsense like this. The only thing you do with articles like this, is spread FUD!

    If Flash is used like should be and for what is was intended then there's no problem with Flash. Something everyone with enough common sense knows (or should know).

    "...Even if Adobe put its top programmers working on Flash, a free piece of software, a lot of people around the world are very keen to find exploitable bugs in the plugin so they can break into victims' computers..."

    Not to mention that spreading FUD like this only makes matters worse instead of ease the situation. Sure El Reg, we got it... YOU hate Flash... blablabla.

    "Many netizens have recognized that Flash is too old and doddery ..."

    You mean the gullible ones that take these articles seriously?

    "The fact is, Flash is just not fit for purpose."

    No it is PERFECTLY fit for the purpose it was intended! To build animated and interactive webpages! It's NOT fit to build applications and games.

    "The worst, very worst, part of it all is that Steve Jobs was right."

    No he wasn't! The reasons Jobs didn't want Flash had a more personal nature than he obviously wanted to admit. He used "security" as a sophism. But you are free to believe what you will. Fact is parroting Apple's specious arguments isn't helping anyone.

    So stop spreading FUD and write some REALLY interesting tech-articles.

    1. Joel 1
      Trollface

      @Manu T

      Now if only we can get malware authors to use apps the way they were intended, instead of using undocumented and unintended functions. Because that's just malicious...

    2. Anonymous Coward
      Anonymous Coward

      If Flash isn't fit for games, WHAT IS? Java and JS are just as bug-ridden, the casual gamers will complain if forced to go without, and if it isn't agnostic, penguinistas will moan since even Steam on Linux is a pale imitation.

  41. Florida1920 Silver badge
    Pint

    There's gold out there

    Spent some time looking at artists', architects' and musicians' sites today. Whoa! FLASH FLASH FLASH. Sure, you can step past it, but they paid for that glitter and by gee they want you to see it. There's money to be made reworking those pages, once John Q Public wises up. I won't hold my breath while I drink my beer, though.

    1. MacroRodent Silver badge

      Re: There's gold out there

      Many visual artists are just unable get the notion that in the online world, they cannot completely control what the viewer sees, even if they try their best (even if the display size and resolution happens to be exactly the same that the artist had, the colour rendering is off, unless you have a calibrated display!). That explains the obsession with Flash, which seems on the surface to do what they want. I know an artist, well-regarded in his field, whose web site is a huge Flash application that simulates a book, down to requiring navigation by "turning pages".

  42. Crisp Silver badge

    AdBlock has never been so useful.

    It's probably stopped more threats reaching my PC than every anti-virus program I've ever had.

  43. ninawilliam89

    freecell solitaire greenfelt

    Just ask The guys at <a href='http://webofsolitaire.com/Solitaire-FreeCell-Game' title = 'freecell solitaire greenfelt'>freecell solitaire greenfelt</a>

    or [url=http://webofsolitaire.com/Solitaire-FreeCell-Game]freecell solitaire greenfelt[/url]

    Studios. They make excellent games with only a scary amount of JavaScript. No flash to be seen.

    1. Anonymous Coward
      Anonymous Coward

      Re: freecell solitaire greenfelt

      And JavaScript is just as bad and just as holey.

      1. Manu T

        Re: freecell solitaire greenfelt

        Not to mention MUCH more dificult for a web-"designer".

        Because lets be honest, some of us aren't programmers and became webdesigners when we were doing graphic design work for printing. Back then program's like Dreamweaver were great and fun to use as well.

  44. Manu T

    "...It's time to flush Flash back to where it came from..."

    Oh please. If those website designers used Flash for what it was intended (dynamic webpages) instead of abusing it to build apps then there are no problems!

    But it's always the same. Something is invented for certain stuff, people use it for something else and then complain that it's the worst.

    BTW. Flash didn't came from Hell but from Macromedia. And macromedia made some great stuff before it was bought by Adobe. I didn't see you lot complain then!

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019