Hacker News new | ask | show | jobs
by koonsolo 3483 days ago
The more complex software is, the more potential security flaws and memory leaks. All software is subjected to this. Bringing HTML5 to browsers adds to this, and don't assume browsers are immune because they are not developed by Adobe.

Same arguments can be made for Flash: Plugin's developer can fix it without waiting for browser. Disable the plugin and use the same browser.

Conclusion: makes no difference conceptually.
4 comments
vesinisa 3483 days ago
> Same arguments can be made for Flash: Plugin's developer can fix it without waiting for browser. Disable the plugin and use the same browser.

Not exactly comparable. Flash, at its height, had pretty much the "multimedia in browser" market cornered with draconian vendor lock-in effects. They didn't need to hurry that much with fixing issues, because what are you gonna do if you are not satisfied with the Adobe Flash plugin? Run your favourite Flash game with Microsoft Silverlight? Use the open-source plug-in that could only run some Flash 1.0 animations?

At least with browsers you can easily switch vendors (the whole point of standardization and techs like WASM), or even fork your own.

Even if I don't like Apple or Steve Jobs that much, I must say they did one great thing killing off Flash by not allowing it on the original iPhone.

link
bobajeff 3483 days ago
That's all well and good but what would you have us do? Move all web app development over to the Flash Player and disable JavaScript (and JS APIs) in browsers? We have to reduce the attack surface somehow.

Oh, and guess what? We now have no browser competition because all the relevant parts are in the Flash Player and good luck motivating Adobe to fix issues with it now that it's basically a requirement to run a browser. Oh, and now they could charge everyone to access it if they want.

link
phaser 3483 days ago
The difference is that Flash, being proprietary, Adobe is the only party allowed to fix a memory leak. HTML5, a standard, can have many proposals, discussions and implementations on how to fix issues.
link
BatFastard 3483 days ago
Seriously? Have you ever seen something fixed faster by a committee then by a vendor who has a large financial incentive to protect?

I want to live in your world!

link
corysama 3483 days ago
No difference conceptually. Huge difference in practice when looking at the track records of the two approaches.
link