Skip to main content

Facebook’s head of security wants an ‘end-of-life’ date for Flash

adobe flash logo
Image used with permission by copyright holder
In the wake of last week’s Hacking Team breach, two more critical flaws in Adobe Flash have been discovered, which has rekindled the debate over its security integrity. Facebook’s new chief security officer, Alex Stamos, has now called for an end to Flash.

Tweeting over the weekend, Stamos called on Abode to set an “end-of-life” date for Flash, “even if, 18 months from now, one set date is the only way to disentangle the dependencies and upgrade the whole ecosystem at once,” he added.

Recommended Videos
Please enable Javascript to view this content

Last Friday, Adobe released a security bulletin that detailed new vulnerabilities through which an attacker could gain control of a victim’s computer. It affects Windows, Mac, and Linux users.

Flash’s security has always been a hot topic. Steve Jobs once famously decried its security. He had taken umbrage with Flash and felt it would compromise Apple’s devices. “We don’t want to reduce the reliability and security of our iPhones, iPods, and iPads by adding Flash,” he said five years ago. To this day Flash isn’t pre-installed on Apple products.

Noted security blogger Graham Cluley echoed Stamos’ remarks, but added that Adobe is unlikely to heed this advice.

“The truth is that the company would probably gain a lot more respect from the Internet community if it worked toward this ultimate fix for the Flash problem, rather than clinging on to the belief that it might be able to one day make Flash secure,” he said.

Security issues with Flash have constantly dogged Adobe. Just last month it pushed out another security advisory following the discovery of a bug that would, once again, allow an attacker to gain control of a computer.

Despite these concerns, Adobe has maintained Flash and regularly patches and updates it. Last month, it was praised for responding to vulnerabilities with patches within 24 hours.

However last week’s hack on Hacking Team — which saw a 400GB cache of sensitive data hit the Web — was a different kind of threat. The firm has been accused of supplying surveillance technology to repressive governments.

Zero days — previously undiscovered and unpatched vulnerabilities that can be invaluable to hackers as no one else yet knows about them — were found among the data. It has caused great consternation in the security community given the type of work that Hacking Team was allegedly facilitating, if standard patches would be enough, and if any more Flash threats will emerge from the breach.

Jonathan Keane
Former Digital Trends Contributor
Jonathan is a freelance technology journalist living in Dublin, Ireland. He's previously written for publications and sites…
Google is testing a feature that will let AI hide away internet pop-ups
Google Chrome browser running on Android Automotive in a car.

Google is testing a new feature in Chrome Canary, the experimental version of the Chrome browser. As reported by TechRadar, the "PermissionsAI" feature is designed to deal with pop-ups from websites asking you to share your location or consent to notifications.

According to Chromium, the tool will use Google's "Permission Predictions Service" and Gemini Nano v2 to analyze users' previous responses to pop-ups and guess how they will respond to new ones. If you're likely to decline, the feature will block the annoying pop-up that appears in the middle of your screen and instead hide it away in a corner in case you need it later.

Read more
AMD’s Ryzen Z2 Go disappoints in early benchmark
The Lenovo Legion Go S sitting on a window.

A recent YouTube video has showcased the gaming capabilities of AMD's upcoming Ryzen Z2 Go chipset, designed for budget gaming handhelds. As part of the new Ryzen Z2 lineup, the Z2 Go’s capabilities were tested on a Lenovo Legion Go S and compared to last year’s Z1 Extreme powering the Asus ROG Ally X.

According to gaming performance data shared by FPS VN, the Z2 Go shows some limitations compared to the Z1 Extreme. In Black Myth: Wukong, it achieved 36 fps versus 40 fps at 15W, 30 fps versus 32 fps at 20W, and 60 fps versus 64 fps at 30W. In Cyberpunk 2077, the Z2 Go delivered 50 fps compared to 54 fps at 15W, 45 fps versus 47 fps at 20W, and 61 fps compared to 66 fps at 30W. Similarly, in Ghost of Tsushima, the Z2 Go hits 62 fps versus 66 fps at 15W, 48 fps versus 52 fps at 20W, and 62 fps versus 66 fps at 30W. Although the performance gap is minor, it remains consistent at around 7–10% across all tested games.

Read more
When you sign up for two years of Surfshark you’ll get 10GB of roaming data for free!
Surfshark displayed on multiple devices including a smartphone, tablet, and laptop screen.

Investing in a VPN for your Wi-Fi network is one of the best ways to mask your IP address from those looking to gain control of your personal data, device logins, and other sensitive info. Fortunately, there’s a new VPN-masking service born every day, but not all of these services offer are worth your hard-earned cash. Instead, you should focus on vetted and reliable platforms like Surfshark.

As luck would have it, Surfshark is even offering a promo for new customers: For a limited time, when you sign up for two years of Surfshark One or Surfshark One+, you’ll get 10GB of Saily eSIM roaming data for free. We tested Surfshark not long ago, and reviewer Alan Truly said: “Surfshark is a fast streaming VPN that let me connect an unlimited number of devices, making it a great choice to protect privacy and unblock worldwide streaming for the whole family.” We've also reviewed Surfshark's anti-virus protection suite.

Read more