or Connect
AppleInsider › Forums › General › General Discussion › Apple decision to disable old Flash versions lauded by Adobe security chief
New Posts  All Forums:Forum Nav:

Apple decision to disable old Flash versions lauded by Adobe security chief

post #1 of 18
Thread Starter 
Adobe's senior director of security praised Apple for rolling out a Safari update on Wednesday that disabled old Flash Player versions that may be vulnerable to malicious code.

Adobe Senior Director of Security, Products and Services Brad Arkin commended Apple's move to automatically disable obsolete versions of his company's Flash Player in a Wednesday blog post, reports MacWorld.

"We welcome today's initiative by Apple to encourage Mac users to stay up-to-date," Arkin wrote yesterday in a post on the Adobe Secure Software Engineering Team (ASSET) blog. "Remember: The single most important thing we can do to protect ourselves from the bad guys is to stay up-to-date. A thank you to the security team at Apple for working with us to help protect our mutual customers!"

The post was in response to Apple's Safari 5.1.7 update that runs on OS X Lion, Snow Leopard and Windows 7, XP, and Vista. Flash software older than version 10.1.102.64, which dates back to November 2010, are automatically disabled in the update which leaves users to manually reinstate the software if they want to use legacy players.

Arkin went on to recap the steps Adobe is taking with its various product lines, background updating for example, to ensure the security of its customers. While not all of Adobe's automated updating tools are available to Mac users, the security chief did note that the company is continuing to develop products for Apple's OS.

"A Mac version of the Flash Player background updater is currently in beta and will be available very soon—stay tuned," Arkin said.

Adobe released an emergency update to fix a cross-platform Flash exploit less than a week ago and while many Windows PCs were automatically fixed, Mac users were left to install the software manually.


Brad Arkin
Adobe security chief Brad Arkin speaking in a company video. | Source: Adobe


Apple and Adobe's relationship has been somewhat strained since Steve Jobs wrote an open letter in 2010 that described Flash as being a PC-era format that "falls short" in the current low-power mobile computing environment.

Later in 2011 Adobe CEO Shantanu Narayen downplayed the Flash on iOS debacle, saying that the dispute was over. He went on to predict that Flash-packing Android tablets would one day dominate Apple's iPad and that HP and RIM would make headway in the enterprise tablet market. Five months later Adobe announced that it was halting further development of Flash for mobile devices, saying that it was turning its focus to HTML5 and AdobeAIR instead.
post #2 of 18

Ah, so all the people on here whining about how terrible it is that Apple did this… and Adobe themselves are behind the decision. Nice.

Originally Posted by Slurpy

There's just a TINY chance that Apple will also be able to figure out payments. Oh wait, they did already… …and you’re already fucked.

 

Reply

Originally Posted by Slurpy

There's just a TINY chance that Apple will also be able to figure out payments. Oh wait, they did already… …and you’re already fucked.

 

Reply
post #3 of 18
Quote:
Originally Posted by Tallest Skil View Post

Ah, so all the people on here whining about how terrible it is that Apple did this.

 

Why is it terrible? You can re-enable the out of date plug-in if you want to. I just don't get why some people are complaining.

 

http://support.apple.com/kb/HT5271

post #4 of 18
Quote:
Originally Posted by Tallest Skil View Post

Ah, so all the people on here whining about how terrible it is that Apple did this… and Adobe themselves are behind the decision. Nice.


who is whining and where?  in this thread, yours is the first and only comment thus far.  if you're referring to the 5.1.7 announcement, there are about 30 comments, only two of which are critical about the update, and only one of those two is "whiny". 

"Personally, I would like nothing more than to thoroughly proof each and every word of my articles before posting. But I can't."

appleinsider's mike campbell, august 15, 2013
Reply
"Personally, I would like nothing more than to thoroughly proof each and every word of my articles before posting. But I can't."

appleinsider's mike campbell, august 15, 2013
Reply
post #5 of 18

If the best idea in the room isn't yours, then the best idea is to back to the hilt whoever thought of it.

 

Anybody here familiar with Adobe PR speak?

 

Does 'very soon' mean 'Half Life 3 soon' or 'fixing mobile Flash soon' or is he referring to something that we may see within a year or so?

If you value privacy you can now set DuckDuckGo as your default search engine in iOS and OS X.
Reply
If you value privacy you can now set DuckDuckGo as your default search engine in iOS and OS X.
Reply
post #6 of 18

"Whooo Apple is fixing our problems"

 

The real solution will be when they properly sandbox Flash.

 

Another thing I absolutely don't get is Adobe's "update Flash" popup - Flash should not be allowed to show such a popup (link to install some software which may or may not be a spoof). Not in a million years. Even if they were allowed, they shouldn't do it - the official update prompt looks like malware. And malware is already made to look exactly like the official install prompt. They should be allowed to present a link which then goes to the official installer page. Or just do away with it and silently auto-update in the background, the way Google does it. 

 

Sigh. Flash is such Bullshit.

 

/rant 

 

;)

post #7 of 18
Quote:
Originally Posted by orthorim View Post

"Whooo Apple is fixing our problems"

 

The real solution will be when they properly sandbox Flash.

 

Another thing I absolutely don't get is Adobe's "update Flash" popup - Flash should not be allowed to show such a popup (link to install some software which may or may not be a spoof). Not in a million years. Even if they were allowed, they shouldn't do it - the official update prompt looks like malware. And malware is already made to look exactly like the official install prompt. They should be allowed to present a link which then goes to the official installer page. Or just do away with it and silently auto-update in the background, the way Google does it. 

 

Sigh. Flash is such Bullshit.

 

/rant 

 

;)

 

That's no rant.

 

That's a genuine concern, and I utterly agree.

 

Whenever I get my little 'update Flash' window I dutifully close it, go into System Preferences and update Flash from there.

 

Adobe's updater does look like potential malware.

If you value privacy you can now set DuckDuckGo as your default search engine in iOS and OS X.
Reply
If you value privacy you can now set DuckDuckGo as your default search engine in iOS and OS X.
Reply
post #8 of 18
Quote:
Originally Posted by GTR View Post

That's no rant.

That's a genuine concern, and I utterly agree.

Whenever I get my little 'update Flash' window I dutifully close it, go into System Preferences and update Flash from there.

Adobe's updater does look like potential malware.

I agree with the decision. It's for Apple and Adobe's mutual benefit. It's business... Smart business.
post #9 of 18
Apple and Adobe agree on something with respect to Flash. Did anyone see avian swine around here?

Quote:
Originally Posted by orthorim View Post

"Whooo Apple is fixing our problems"

The real solution will be when they properly sandbox Flash.

Another thing I absolutely don't get is Adobe's "update Flash" popup - Flash should not be allowed to show such a popup (link to install some software which may or may not be a spoof). Not in a million years. Even if they were allowed, they shouldn't do it - the official update prompt looks like malware. And malware is already made to look exactly like the official install prompt. They should be allowed to present a link which then goes to the official installer page. Or just do away with it and silently auto-update in the background, the way Google does it. 

I agree, I was very wary of the pop-up. I think they're offering auto-updates, which might be a good solution.
post #10 of 18

Wait, Adobe has a security chief? I did not know that.

post #11 of 18
Quote:
Originally Posted by JeffDM View Post
Apple and Adobe agree on something with respect to Flash. Did anyone see avian swine around here?

 

Well, that's that. Stock up on nonperishables, everyone, the zombie apocalypse is upon us. Remember those bird flu scares? And those swine flu scares?

The viruses have crossbred and it's gonna kill us all. Well, at least the ones that aren't immune. Good news is, if you are immune, you get to fight off the undead hordes of everyone else. 

 

Why's that good news? Because when everyone's an undead zombie, you can kill them all, and with them all dead, nothing will stop you from waltzing into Infinite Loop 6 and getting your hands on the next iPhone!

 

Though it'll probably be a while before civilization rebuilds itself to the point where we can take advantage of LTE again. And… charge batteries. So! The faster the survivors kill off the zombies, the faster you can get to repopulating and the faster you can use your new iPhone!

 

Quote:
Originally Posted by lkrupp View Post
Wait, Adobe has a security chief? I did not know that.

 

Pretty easy to miss. Don't beat yourself up over it. lol.gif

Originally Posted by Slurpy

There's just a TINY chance that Apple will also be able to figure out payments. Oh wait, they did already… …and you’re already fucked.

 

Reply

Originally Posted by Slurpy

There's just a TINY chance that Apple will also be able to figure out payments. Oh wait, they did already… …and you’re already fucked.

 

Reply
post #12 of 18
The 5.1.7 update was so effective. It didn't stop m using Flash, yet I was a whole update behind. Latest: 11.2.202.235 Mine was: 11.1.203.306 Obviously it only works if you have the Flash System Preferences plugin
post #13 of 18

This update blew me away in terms of efficiency and implementation. It truly is a great update for consumers.

post #14 of 18

As a sometime Flash developer -- I laud it too.

 

Having to design for "version 8 or 9" of Flash so that MOST people can view your content is a pain. If you GUARANTEE that everyone is using Flash version 11 -- it gets rid of the Lowest Common denominator.

 

People would upgrade more if it was automatic in a "trusted" environment. It's been attempted before -- by Microsoft -- but in an ad hoc manner.

 

The App Store Apple is pushing does a great job of creating a "trusted environment" -- but if there were a million flavors of the "iOS platform" like you had with Android -- people would turn it off because they just want to stay with "what works." Only in a vertical environment of enforced standards can automatic upgrades and trusted software really work.

 

>> That can be a blessing and a curse; If Apple ever becomes the dominant platform -- the FEES charged by the App Store will have to be revisited. Sure, 30% is a no-brainer for a small software foundry that had to do their own marketing and distribution before -- you can get a 100% of nothing + Expenses or 70% of something with almost NOT expenses. But when you have NO CHOICE but to deliver via the App Store -- it has to become like a Utility.

 

WE are not there yet -- but there will come the day. If you cannot distribute on anything but the App Store in a reasonable way -- the fee should be around 5% or NONE AT ALL. It becomes like public utility at that point. The INTERNET should have been the same -- because the main expense for the infrastructure was and is paid for by the Taxpayer -- but ISPs charge for a "service" to provide the last mile connection and act as gatekeepers to something they never created or maintain.

 

The "World Wide Web" is a system where an URL finds an IP address for us -- it's distributed to our Internet Providers (but doesn't HAVE to be -- it just speeds it up). For instance; without a "Man In the Middle" attack, we usually can trust that "applesider.com" goes to this website. The App Store doesn't create the software -- it's just a reliable way to police for incompatible and trojan horse laden shovelware. It's a public service with a single provider.

 

If Apple grows to over 30 or 50% of the market -- and our anti-trust system is STILL FUNCTIONING (big "IF" actually) then I fully expect that the App Store is going to have to find a new way to get revenue or drastically reduce it's markup.

post #15 of 18
Quote:
Originally Posted by Fake_William_Shatner View Post

As a sometime Flash developer -- I laud it too.

Having to design for "version 8 or 9" of Flash so that MOST people can view your content is a pain. If you GUARANTEE that everyone is using Flash version 11 -- it gets rid of the Lowest Common denominator.

People would upgrade more if it was automatic in a "trusted" environment. It's been attempted before -- by Microsoft -- but in an ad hoc manner.

The App Store Apple is pushing does a great job of creating a "trusted environment" -- but if there were a million flavors of the "iOS platform" like you had with Android -- people would turn it off because they just want to stay with "what works." Only in a vertical environment of enforced standards can automatic upgrades and trusted software really work.

>> That can be a blessing and a curse; If Apple ever becomes the dominant platform -- the FEES charged by the App Store will have to be revisited. Sure, 30% is a no-brainer for a small software foundry that had to do their own marketing and distribution before -- you can get a 100% of nothing + Expenses or 70% of something with almost NOT expenses. But when you have NO CHOICE but to deliver via the App Store -- it has to become like a Utility.

WE are not there yet -- but there will come the day. If you cannot distribute on anything but the App Store in a reasonable way -- the fee should be around 5% or NONE AT ALL. It becomes like public utility at that point. The INTERNET should have been the same -- because the main expense for the infrastructure was and is paid for by the Taxpayer -- but ISPs charge for a "service" to provide the last mile connection and act as gatekeepers to something they never created or maintain.

The "World Wide Web" is a system where an URL finds an IP address for us -- it's distributed to our Internet Providers (but doesn't HAVE to be -- it just speeds it up). For instance; without a "Man In the Middle" attack, we usually can trust that "applesider.com" goes to this website. The App Store doesn't create the software -- it's just a reliable way to police for incompatible and trojan horse laden shovelware. It's a public service with a single provider.

If Apple grows to over 30 or 50% of the market -- and our anti-trust system is STILL FUNCTIONING (big "IF" actually) then I fully expect that the App Store is going to have to find a new way to get revenue or drastically reduce it's markup.

I'm sorry, but what? Microsoft has escaped antitrust with larger market shares than that. I doubt Mac OS X will ever get that large of a market share.

Your 5% cut sounds highly entitled to me. 30% is actually a very reasonable cut. You don't account for credit card transaction fees (which can get to 5% alone), servers, maintenance, infrastructure, data center costs, curating the store. It's not a profit center like you want to think of it. Data centers cost billions a pop, and Apple has several to support their app and content stores, and provide iCloud to all Apple users ad free and without charge, up to 5GB.

Internet backbones are not government owned or maintained. The only thing government owned is the right of way.

When you get a better understanding of the real world, then you won't be saying such things.
Edited by JeffDM - 5/11/12 at 9:34am
post #16 of 18

...

Groupthink is bad, mkay. Think Different is the motto.
Reply
Groupthink is bad, mkay. Think Different is the motto.
Reply
post #17 of 18

They have an auto updater. Why wouldn't this be to their benefit? It helps their reputation for security and it's about to become a non issue anyway. They have a 96% install base in browsers, but only 50% is currently up to the latest greatest player. Disabling old plugins and silently updating new ones is a great way for them to eliminate security issues and push technology adoption forward faster.

Groupthink is bad, mkay. Think Different is the motto.
Reply
Groupthink is bad, mkay. Think Different is the motto.
Reply
post #18 of 18
Quote:
Originally Posted by jeffreytgilbert View Post
Adobe just got trolled so hard... epic. all they had to do was shut up. lol

 

lolololololololololololoolololoololl!!!!11!!!!!!!oneoneonetwotwothreeoneelevenmilliononehundredeleventhousandonehundredeleven

 

Come off it.

 

Quote:
Safari is, what, 8% of the browser market? Why are they even entertaining this when they know they have an autoupdater on the horizon.

 

Having what to do with anything?

Originally Posted by Slurpy

There's just a TINY chance that Apple will also be able to figure out payments. Oh wait, they did already… …and you’re already fucked.

 

Reply

Originally Posted by Slurpy

There's just a TINY chance that Apple will also be able to figure out payments. Oh wait, they did already… …and you’re already fucked.

 

Reply
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: General Discussion
AppleInsider › Forums › General › General Discussion › Apple decision to disable old Flash versions lauded by Adobe security chief