Somewhere today Steve Jobs is smiling about Adobe's announcement that they are going to stop development of Flash for mobile platforms. Along with Steve there are plenty of my friends in the security space smiling about it as well (they are still alive though). Over the last few years Flash has become a major attack vector for malware attacks. It felt like there was always another update being installed to close yet another hole in it. It seems that HTML 5. the open standard backed by so many companies (including Adobe) has made Flash redundant and expendable. Chalk one up for the good guys!
Of course security issues aren't the only reasons that Jobs and others loathed Flash. On mobile devices it was a resource and battery hog. Also from platform to platform, mobile browser to mobile browser it worked a little differently. Differently enough where users did not have a consistent user experience from one type of phone or device to another. That is just anathema to developers.
Adobe's message on the end of Flash for mobile did not mention anything about discontinuing Flash development on the desktop. Flash is still installed on an overwhelming majority of them. But one would hope that this is the beginning of the end for Flash there as well. Developers aren't going to want develop Flash and non-Flash versions, especially if by developing in HTML5 they can have their cake and eat it too, getting both mobile and desktop users with one technology.
So it turns out Jobs was right. When he wrote his tirade on Flash many including this author thought that there might have been some personal vendetta or some sinister plan for Apple world domination at play there. But it would seem that even if that were true, there were some good and valid reasons for not supporting Flash on the phone.
I hope that Adobe learns its lesson from this as well. While they have recently been more embracing of open source, in the past they have clung to the black box mentality that is just so 1995. Embracing HTML5 and opening up more can only help them through the recent troubles they seem to have including laying off 750 people recently. So ring the bell, the wicked Flash is dead.
As co-founder and Managing Partner at The CISO Group, Alan Shimel is responsible for driving the vision and mission of the company. The CISO Group offers security consulting and PCI compliance management for the payment card industry. Prior to The CISO Group, Alan was the Chief Strategy Officer at StillSecure. Shimel was the public persona of StillSecure as it grew from start up to helping defend some of the largest and most sensitive networks in the world.
Shimel is an often-cited personality in the technology community and is a sought-after speaker at industry and government conferences and events. His commentary about the state of security, open source and life is followed closely by many industry insiders via his blog and podcast, "Ashimmy, After All These Years" (www.ashimmy.com). Alan is now also a regular contributor to The CISO Group’s security.exe blog and podcast. Follow him on Google.
Alan has helped build several successful technology companies by combining a strong business background with a deep knowledge of technology. His legal background, long experience in the field, and New York street smarts combine to form a unique personality.
Disclosure: The CISO Group sells a software-as-a-service PCI compliance application called SAQPro. The company is independent and does not represent any other vendor's products as a reseller.
Policy on comments: Respectful discussion is welcomed! However comments that use inappropriate language, consist of name calling or personal attacks, or include accusations of wrongdoing are not appropriate. Those comments will be deleted or edited.