Oh no, you're thinking, yet another cookie pop-up. Well, sorry, it's the law. We measure how many people read us, and ensure you see relevant ads, by storing cookies on your device. If you're cool with that, hit “Accept all Cookies”. For more info and to customize your settings, hit “Customize Settings”.

Review and manage your consent

Here's an overview of our use of cookies, similar technologies and how to manage them. You can also change your choices at any time, by hitting the “Your Consent Options” link on the site's footer.

Manage Cookie Preferences
  • These cookies are strictly necessary so that you can navigate the site as normal and use all features. Without these cookies we cannot provide you with the service that you expect.

  • These cookies are used to make advertising messages more relevant to you. They perform functions like preventing the same ad from continuously reappearing, ensuring that ads are properly displayed for advertisers, and in some cases selecting advertisements that are based on your interests.

  • These cookies collect information in aggregate form to help us understand how our websites are being used. They allow us to count visits and traffic sources so that we can measure and improve the performance of our sites. If people say no to these cookies, we do not know how many people have visited and we cannot monitor performance.

See also our Cookie policy and Privacy policy.

This article is more than 1 year old

FLASH MUST DIE, says Facebook security chief

It's in a magic bad-but-not-bad-enough hellspot - so just kill it already

Newly-minted Facebook security chief Alex Stamos has called for Adobe Flash to be taken out behind the shed by a shotgun-wielding world.

The former Yahoo! security head joined Menlo Park this year and over the weekend said in two Tweets that it is time the death knell chimed for the Adobe's much-hacked tool.

"It is time for Adobe to announce the end-of-life date for Flash and to ask the browsers to set killbits on the same day," Stamos says.

"Even if 18 months from now, one set date is the only way to disentangle the dependencies and upgrade the whole ecosystem at once.

"Nobody takes the time to rewrite their tools and upgrade to HTML5 because they expect Flash forever. Need a date to drive it."

His comments follow the disclosure of three zero-day vulnerabilities in Flash revealed in leaked source code released as part of the 400Gb Hacking Team archive.

Stamos was quizzed by Twitter users on the fate of various Facebook features such as games and the image uploader that rely on Flash.

He did not say by the time of writing whether the web platform would be ejected in favour of HTML5.

Brad Arkin. (The Register)

The late Apple boss Steve Jobs fired a Flash salvo in 2010 when he criticised the 'PC-and-mouse' platform for being outdated in the world of low-powered mobile devices.

"Symantec recently highlighted Flash for having one of the worst security records in 2009. We also know first hand that Flash is the number one reason Macs crash. We have been working with Adobe to fix these problems, but they have persisted for several years now. We don’t want to reduce the reliability and security of our iPhones, iPods and iPads by adding Flash," Jobs wrote.

Last year Adobe chief security officer Brad Arkin told the Australian Information Security Association that its focus on increasing the cost of exploiting Flash and Reader rather than just patching individual vulnerabilities led to a big reduction in zero-day attacks.

Arkin said it dropped the time-to-patch from 10 weeks in 2009 to 36 hours last year. ®

Similar topics

TIP US OFF

Send us news


Other stories you might like