Advertisement

Facebook security lead wants Adobe to say when it's killing Flash

To put it mildly, Adobe's Flash plugin has fallen from grace in recent years. BlackBerry, Google and other companies once thought it was crucial to the web, but you'll now find many of these outfits going out of their way to avoid and contain Flash in the names of both security and promoting true standards. Need further proof that it's a pariah? Just ask Facebook's new security chief, Alex Stamos. He's calling on Adobe to not only choose an "end-of-life date" for Flash, but to enable web browser "killbits" that shut it off for everyone at once. That's the only way to "disentangle the dependencies" and get everyone to move on to more secure technology like HTML5, he argues.

It's doubtful that Adobe will be quick to heed Stamos' request any time soon given how many sites still depend on Flash. He certainly has some evidence in his favor, though. Numerous security exploits (such as those used by Hacking Team) revolve around Flash, and it's no secret that the sandboxing features in some modern browsers are designed primarily to minimize the damage from Flash-related attacks and crashes. For Facebook, getting rid of Flash would eliminate many of the security threats against both you and the social network itself.