The Straight Dope

Go Back   Straight Dope Message Board > Main > General Questions

Reply
 
Thread Tools Display Modes
  #1  
Old 07-05-2010, 05:37 PM
astro astro is offline
Guest
 
Join Date: Jul 1999
Why does Adobe Flash need to constantly update itself every few days? Is the code that awful?

I can't recall any software of applet I've ever had, short of Virus checkers that need to be updated frequently, that needs to update itself as often as Adobe Flash. It seems every few days there's a freaking code update required.

Adobe is supposedly a professional software company and should be able to write reasonably stable software. Why does Adobe Flash need such constant updating?

Last edited by astro; 07-05-2010 at 05:37 PM..
Reply With Quote
Advertisements  
  #2  
Old 07-05-2010, 05:42 PM
antonio107 antonio107 is offline
Guest
 
Join Date: Dec 2009
I know very little of computer programming, but it seems to me that with the proliferation of sites like Youtube, there must several attempts being made by hackers to exploit a part of flash, to which Adobe must counteract.
Reply With Quote
  #3  
Old 07-05-2010, 05:44 PM
Joey P Joey P is offline
Charter Member
 
Join Date: Jun 1999
Location: Milwaukee, WI
Posts: 21,305
And with that, why is it that every time there's an update to a new version it feels the need to put an icon on your desktop? I can't think of a single time in all my years of needing it, that I've ever wanted to open it without having a file or link to click on (which automatically opens it by association). Yes, I'm sure some people do want to open it for some reason, but I'd wager that 99% of the people that use only the free Acrobat Reader have never used the desktop icon to open it.
Reply With Quote
  #4  
Old 07-05-2010, 06:45 PM
BorgHunter BorgHunter is offline
Guest
 
Join Date: Nov 2008
Quote:
Originally Posted by Joey P View Post
And with that, why is it that every time there's an update to a new version it feels the need to put an icon on your desktop? I can't think of a single time in all my years of needing it, that I've ever wanted to open it without having a file or link to click on (which automatically opens it by association). Yes, I'm sure some people do want to open it for some reason, but I'd wager that 99% of the people that use only the free Acrobat Reader have never used the desktop icon to open it.
Acrobat Reader =/= Adobe Flash, although they are both shitty pieces of software in their own right. I try to avoid both as much as I can. Luckily, Adobe Reader has many very viable alternatives; Flash, not so much.

The answer to the OP, by the way, is that Adobe isn't terribly rigorous in terms of coding to avoid security problems, preferring to follow the time-honored tradition of waiting until a zero-day exploit is uncovered, then scrambling to patch it in a week or so. They're not the first company to operate that way, nor will they be the last, but it's going to drive them to obscurity. That, and following the (also time-honored, see also AOL, Symantec, McAfee) tradition of making one piece of software that fills a niche try to take over a computer and insert itself into twenty different places where it really only needs to exist in one. Whenever I update Flash in Windows, I always have to hunt for the exe that just installs Flash, not the Firefox add-on that installs a Firefox plugin that installs Flash.

Bottom line is, Adobe is not a particularly good software company. Outfits as big as they are rarely end up being good, anyway.
Reply With Quote
  #5  
Old 07-05-2010, 06:51 PM
Joey P Joey P is offline
Charter Member
 
Join Date: Jun 1999
Location: Milwaukee, WI
Posts: 21,305
Quote:
Originally Posted by BorgHunter View Post
Acrobat Reader =/= Adobe Flash, although they are both shitty pieces of software in their own right. I try to avoid both as much as I can. Luckily, Adobe Reader has many very viable alternatives; Flash, not so much.
Totally missed that the OP was talking about Flash (even wondered why the first person to respond mentioned it). Probably because Reader just put out new version so I've been upgrading it on all my computers as it's been popping up (and then deleting the icons of the desktops).
Reply With Quote
  #6  
Old 07-05-2010, 07:10 PM
BigT BigT is offline
Guest
 
Join Date: Aug 2008
I really don't know what you are talking about. This is the first real update to Flash in ages. Yeah, there were two security patches last cycle. Firefox had what, 14? (in 3.0, 3.5 had at least 6).

And, no, following the coding practice of even Microsoft or Apple should not be a reason to drive them into an early grave. Alternatives to Flash have been out for a while, and I still have yet to see anyone remove the flash version of anything. And I have yet to meet anyone who doesn't install flash on their main computer--even people who hate it.
Reply With Quote
  #7  
Old 07-05-2010, 07:14 PM
Thin Ice Thin Ice is offline
Guest
 
Join Date: May 2003
You can disable automatic notifications by unchecking the box telling Adobe to notify you when an update is available. Here's a link:

http://www.macromedia.com/support/do...manager05.html

You can also right-click a flash screen and click "Settings..." in the menu that appears, and "Advanced..." in the dialog box to get to the Settings Manager.
Reply With Quote
  #8  
Old 07-05-2010, 07:48 PM
BlackKnight BlackKnight is offline
Guest
 
Join Date: Aug 2000
You aren't downloading "updates" from websites that claim you need to update your Flash, are you? (Just checking.)
Reply With Quote
  #9  
Old 07-05-2010, 07:52 PM
Waffle Decider Waffle Decider is offline
Guest
 
Join Date: Oct 2007
Quote:
Originally Posted by Thin Ice View Post
You can disable automatic notifications by unchecking the box telling Adobe to notify you when an update is available. Here's a link:

http://www.macromedia.com/support/do...manager05.html

You can also right-click a flash screen and click "Settings..." in the menu that appears, and "Advanced..." in the dialog box to get to the Settings Manager.
I would not recommend doing this. Since the Flash player is integrated into the web browser, and the Internet is full of malicious websites trying to infect your computer by exploiting known bugs in older software, it's very important to keep the Flash player (as well as any other browser plug-ins) up to date with all the latest security patches. Unless you know what you're doing, the automatic notification feature is probably the easiest way to keep you updated.

Something is wrong with your computer if Flash is really updating itself every few days. The update process probably did not succeed for some reasons. Both Flash and Adobe Reader come out with new releases approximately every couple months or so, similar to other software.
Reply With Quote
  #10  
Old 07-05-2010, 08:36 PM
astro astro is offline
Guest
 
Join Date: Jul 1999
Quote:
Originally Posted by Waffle Decider View Post
Something is wrong with your computer if Flash is really updating itself every few days. The update process probably did not succeed for some reasons. Both Flash and Adobe Reader come out with new releases approximately every couple months or so, similar to other software.
I will check and see if that's an issue, but I will guarantee you Flash updates itself far more often than "every couple months or so"

Last edited by astro; 07-05-2010 at 08:36 PM..
Reply With Quote
  #11  
Old 07-05-2010, 08:46 PM
HorseloverFat HorseloverFat is offline
Guest
 
Join Date: Mar 2000
Zero day vulnerabilities for Flash are almost common. Absolutely update it when it requires it. As far as the quality of the software, well, Adobe is the new Microsoft circa 1999. Security was never their number one priority. MS now is pretty sharp about out of the box security.

You might want to run Flashblock if you're using Firefox to cover your bases or run your browser as a limited user. Vista/7 IE runs by default in a low privileged mode. If you use Adobe reader its helpful to disable Javascript support. Most PDF exploits are javascript based.

Last edited by HorseloverFat; 07-05-2010 at 08:50 PM..
Reply With Quote
  #12  
Old 07-05-2010, 09:19 PM
Waffle Decider Waffle Decider is offline
Guest
 
Join Date: Oct 2007
I found this list with the dates of recent Flash player releases on the interweb, and it seems to match what I remember:

http://www.flexdeveloper.eu/forums/a...rsion-history/

The last 3 releases happened in June 2010, Feb 2010 and Dec 2009. Something is definitely wrong if it tries to update itself more often than that. I would probably try manually uninstalling everything Flash related and start over again.
Reply With Quote
  #13  
Old 07-06-2010, 12:52 AM
Markxxx Markxxx is offline
BANNED
 
Join Date: Apr 1999
Location: Chicago,IL
Posts: 14,962
Flash does update itself quite often. This has been discussed all over the Internet, generally on sites pleading for an alternate "open source" alternative for FLASH.

I like the fact that many sites are using "Flash Cookies" and a lot of people don't realize that yet.

Remember there are major updates and minor ones. I have FLASH Block on my browser so I rarely use FLASH other than YouTube.

To change the way Flash Updates Go to the Global Settings Panel

To View your Flash Cookies Go to Website Storage Panel
Reply With Quote
  #14  
Old 07-06-2010, 06:45 AM
Waffle Decider Waffle Decider is offline
Guest
 
Join Date: Oct 2007
I guess there are different opinions on what counts as frequent updates. The list I cited includes all publicly released minor updates. It's certainly not any more often than, say, Firefox. If we only count major updates, the dates would be 10.1 in Jun 2010, 10.0 in Oct 2008, and 9.0 in Jun 2006.
Reply With Quote
  #15  
Old 07-06-2010, 07:42 AM
si_blakely si_blakely is offline
Guest
 
Join Date: Jul 2002
To be fair to Adobe, Flash is a security nightmare. It takes a stream of unsecured data from the internet, and does complex stuff with it, including decoding video, displaying pictures, and converting actionscript into interpretable commands. An error in the code that handles all this input could expose the browser process or operating system to malware. And the bad guys are constantly probing Flash for a weakness they can exploit.

Si
Reply With Quote
  #16  
Old 07-06-2010, 02:36 PM
Johnny Angel Johnny Angel is offline
Charter Member
 
Join Date: Aug 1999
Posts: 3,538
Adobe is definitely the number one vector to pwn your computer, either through Flash or Acrobat or one of the related applications. You'd be limited in your internet usage if you tried to do without them, but you can't ignore updates, because many of the vulnerabilities can lead to complete compromise of your system that can be fully automated. Likewise, keep your Windows or OS X up-to-date. I used to find it obnoxious to deal with the updates from MS, but then I started working for a computer security company and discovered that the worst of the MS exposures such as the Conficker virus exploited vulnerabilities that had already been fixed.
Reply With Quote
  #17  
Old 05-15-2014, 05:59 AM
lee1968nh lee1968nh is offline
Guest
 
Join Date: May 2014
I honestly think the reason is countless hooks and shackles put into the software that change every day.. I doubt the security part of it very much. But, there is the issue of RPP (Revenue Protection Program). There are so many squirrely behaviors with Flash to protect, Copyrights, Force one to watch what one would normally ignore (down your throat marketing). Anyone notice the BIG increase in sound volume when ads come up....that was illegal to do in the TV world but FLASH rules and will be updated every time Adobe finds a new way to track you, sell to you or an advertiser.. I miss clicking on the monkey. FLASH is BIG BRO S/W.. nothing better.
Reply With Quote
Reply



Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Forum Jump


All times are GMT -5. The time now is 08:22 AM.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.

Send questions for Cecil Adams to: cecil@chicagoreader.com

Send comments about this website to: webmaster@straightdope.com

Terms of Use / Privacy Policy

Advertise on the Straight Dope!
(Your direct line to thousands of the smartest, hippest people on the planet, plus a few total dipsticks.)

Publishers - interested in subscribing to the Straight Dope?
Write to: sdsubscriptions@chicagoreader.com.

Copyright 2013 Sun-Times Media, LLC.