Breach, Security Program Controls/Technologies, Endpoint/Device Security

The Death of Flash

Adobe Flash
Author: Sogetilabs’ Michael Feith
Author: Sogetilabs' Michael Feith

In 2010 Steve Jobs posted his manifesto “Thoughts on Flash” as a response to the criticism of Flash not being available on Apple portable devices. In this document, he calls out Adobe to switch from focusing on Flash in order to make money to “creating great HTML5 tools for the future”. Seven years later Adobe finally grants him this wish by announcing that they will stop updating and distributing the Flash Player in 2020.

Macromedia Flash 1.0 was launched as a rebrand of its precursor, FutureSplash Animator. What started out as a graphic and media tool became the standard for interactive web applications. In 2005 more computers had Flash installed on it than Java or Windows Media Player. In the same year, Macromedia was bought by Adobe. This included their product line of Flash, Dreamweaver, and Shockwave. Adobe continued to develop these products and tried to maintain its position by bringing out two major releases of Flash based on the ActionScript 3.0 language.

Jobs said that Apple “strongly believes that all standards pertaining to the web should be open. Rather than use Flash, Apple has adopted HTML5, CSS, and JavaScript – all open standards.” As the years went on, even Adobe realized that the open standards had not only caught up, but they were not going to be able to close the gap with a proprietary solution. Most likely it was the reason behind the rebrand of Flash Professional to Adobe Animate. While you can still pump out .swf and Adobe Air formats, a third of the content created in the application is already published in HTML5 or WebGL.

Flash Security Concerns

However, it wasn’t the open standards that killed Flash. Security, performance, and battery life issues were the main challenges that caused it to be dropped by users. In 2015 Flash was identified as providing 8 of the top 10 security vulnerabilities. This includes severe breaches such as arbitrary code execution and even hacking webcams. These vulnerabilities led to Facebook and Google gradually replacing Flash on their sites with HTML5 in 2016.

So is Flash completely dead? No. There are still people that (have to) use browsers that don’t score high on the HTML5 compatibility scale. With the tech giants making the switch it will, however, trigger more people to upgrade operating systems and browsers, further lowering the dependency on Flash going forward.

If you’re still running parts of your web ecosystem in Flash it might be smart to not wait until 2020 to migrate to HTML5 standards. The time to move is now, and if you haven’t you risk a degradation in customer experience or put yourself at a significant security risk. At Sogeti, we can help you make this transition, or look at the options for moving your web applications to full web CMS solutions.

Michael Feith is a digital solution architect at Sogetilabs. Read more Sogetilabs blogs here.

Sponsored by SogetiLabs

SogetiLabs is a community of over 120 technology leaders from Sogeti worldwide. SogetiLabs covers a wide range of digital technology expertise: from embedded software, cyber security, simulation, and cloud to business information management, mobile apps, analytics, testing, and the Internet of Things. The focus is always on leveraging technologies, systems and applications in actual business situations to maximize results. SogetiLabs provides insight, research, and inspiration through articles, presentations, and videos that can be downloaded via the extensive SogetiLabs presence on its website, online portals, and social media.