I think security was not fixable, at-least not to the user's and browsers liking. You had to disable flash for safety and stopping the most annoying ads.
The other issues could be left to consenting adults. But browsers and IT departments turned against plugins in general. Now even Java is almost gone (from browsers) for the same reason.
I think Flash screwed up security because of the way users could control what Flash had access to (through a Security Sandbox Controller on the Macromedia/Adobe website)
Imagine that instead Flash went the way of App Permissions: asking users for permission to access, read, and write different things to the browser. Could you imagine? Advertisers wouldn't be able to pull as many annoying/shady things, and security would start to become a non-issue.
If anything, Flash gave developers too much freedom at first to tap into the browser. Then they tried to backpedal by adding more sandboxing rules that still connected to their awkward security manager. And so, advertisers contently continued on abusing all the ways they could get their ads to become as intrusive and in your face as possible, and people began to be angry with Flash because of it.
Madobe once closely guarded the Flash player code base, yet their approach rapidly shifted to total abandonment in the early 2010s after realising that the chance to have a presence on modern smartphones had already sailed. All the issues that followed were symptoms of neglect.
A similar lack of comittment is also what doomed AIR which had a chance to succeed - after all there was a tonne of existing content waiting to be ported for native release by eager developers already familiar with the AS/Flex stack. Adobe dropped the ball hard by moving the R&D to Bangalore during the most critical time period and things went south really fast. By the time the product managed to stablise most developers have moved on.
I don't remember the flash permissions model being problematic. I saw two main problems with flash:
- it was a lightweight and compatible way to insert animated ads. The animation consumed a lot of CPU. This is why most people blocked flash, and why most Apple refused to support it on ipads.
- it had horrible security record. For some reason, Adobe could not fix the bugs in the Flash plugin. This is why IT departments started to block it.
For more details, see this very interesing Steve Job's letter why Flash would never run on i-devices: https://www.apple.com/hotnews/thoughts-on-flash/ (note it does not even mention sandboxing model)
Apple's main qualm at the time though was
"If developers grow dependent on third party development libraries and tools, they can only take advantage of platform enhancements if and when the third party chooses to adopt the new features. We cannot be at the mercy of a third party deciding if and when they will make our enhancements available to our developers."
They've since done a double-take and have accepted games built in Unity and apps built in website-wrapper frameworks (also many of which are proprietary).
Apple had many reasons to want to rightfully kill off Flash. But the thing is, it wasn't all bad.
Note that I do agree however that slow security fixes and Flash causing crashes / consuming lots of CPU are real concerns.
I think this is overstated. Sure there were Flash 0-days, but then it was probably also the highest-value 0-day target in the world. In those days Flash was more widely installed than any single browser, or even OS. It may well have been the most widely-installed application period.
The point being, if Flash was inherently horrible for security (in some way that, say, Java wasn't) there would have been exploits every day of the week and half the planet would have been owned. I think the reality is that it was just a really big target, which Adobe (with a lot of help from Google) kept relatively secure, all things considered.
Just because no one managed to create WannaCry for Flash doesn't mean the security problems are overstated. They've published over 50 vulnerabilities in Flash this year, when the installed base is in the toilet.
Java may be worse (or it may not be, but I would avoid installing either on most client machines), but blowing a bigger hole in the system's defenses doesn't really make the slightly smaller hole any less of a problem, it just changes your priorities in patching.
The only thing impressive about Adobe's security record is the number of times their source code was compromised.
To be clear I was talking about the era when a lot of people were working on Flash - on attack or defense. These days (since, say, 2013-ish?) I doubt there are many working in either direction.
The point being, in its heyday Flash was a bigger target than any web browser, and I don't think its attack surface was much smaller. If Flash had 10x more vulnerabilities than browsers did that'd be bad, but I don't think that was the case.
I found a security issue in flash accidentally while working on a CAD viewer in 2005. They fixed it promptly, but even a minimal amount of fuzzing would have uncovered it. I'm not so sure they did all they could on the security front.
That's Job's stated reasons. My understanding is that Apple/Adobe rivalry goes way back. "Thoughts on Flash" was Job's "now the tables have turned" moment. Once upon a time Adobe wouldn't make a version of their software for Apple machines cause it was to niche.
Absolutely. There were definitely multiple problems beyond the one I mentioned with security. But I would argue the one you mention is a problem with most complex software connected to the internet. I mean, they did what they could, they'd release patches. You could argue that it's similar to what proprietary browser vendors would have to do if they were exploited.
I have a feeling that if Adobe would publish detailed Flash file format specs when Flash started to decline, there would have been separate player implementations and Flash might still be alive today.
Of course, this also means alternative editor implementations, and this decreases business value. This is also a lot of work. And at some point, it became too late -- if format would be published today, very few people would care. So I am not surprised Adobe decided to let the Flash die, rather than open it.
As state by other commentators it was an open standard. However the main issues other vendors faced were Adobe's control of the standard (no TC39) and the use of patents in the technology (compression etc).
The other issues could be left to consenting adults. But browsers and IT departments turned against plugins in general. Now even Java is almost gone (from browsers) for the same reason.