Most people creating Flash content don’t have a degree in Computer Science and fail to really understand OOP and to build optimized and secure applications. Worse, some content is loaded dynamically, meaning that what you put on your website (ads), may not be what’s going to be displayed to your visitors after all. All that and the fact that the Flash player has a long release history and contains 2 VMs means that it’s bloated and is not restrictive enough.

Some hypocritical extremists (#Apple) went for a total ban of the technology on their mobile devices, claiming that it was too slow and insecure, instead of trying to make it work like most other mobile companies are doing. We all know that wasn’t the real reason for the ban and we’re not surprised by more lies coming from a company that denies the Antennagate, but there is truth to the claims that Flash has security problems.

I loved one of the slides of Recurity Labs’ paper on their Blitzableiter application that filters flash files, removing malware, etc. It was titled “Native Security Functionality of Adobe Flash” and was left empty :D.

Recurity Labs are offering an interesting solution for people concerned with what a website can do with their personal data and I encourage you to read more about it on the project’s page:

https://github.com/rtezli/Blitzableiter

Did you like this? Share it: