[captainmuon]

> At least with JS, if it leaks or has security breach, the browser's developer can fix it

In modern OSes, you could slap a sandbox or container-ish construction around Flash. If it had a bug, it would be contained.

In principle, a minimal browser that defers to isolated plugins would be the more secure design. In practice, the plugins were buggy and insecure of course, but this was accidental.

If Flash were open source, and/or had just as much effort put into it as current browsers, it would be at least as secure.

The only reason the monolithic kitchen sink that a modern browser is is secure (and fast) is that so many brilliant people have been putting so much hard work into it (and Google and Apple so much money).