Technology catch-all thread

[Y2HH]

Flash loads at the same speed as HTML. Every Flash site I have built has been under 400k and is completely run through XML and CSS. Adobe took their time with fixing Flash's CPU hogging nature of the past, but Flash Player 9 was released a few years ago and took care of this outside of the 3-D world, which Flash Player 10 has since taken care of. ActionScript 3 is an actual object-oriented language that is built in the image of Java. There is nothing wrong with the programming from Adobe, it is headed in the same direction as 95% of the other languages out. The main thing holding Flash back is that it is still a plugin, which is what it was always supposed to be. Flash was never meant to be an information-rich content producer, Flash was always supposed to be about the visual experience.

 

The things Flash does well happen to be a nice companion for mobile devices and new TV's. Things like video players, music players, picture galleries, etc have always been Flash's strong suit and will continue to be. Many new TV's will have their menu's in Flash. There's a reason Flash gained tons of market share over the span of Flash's life, and I love the point you make about Flash taking it's time compared to HTML 5. You do realize that HTML 4 was the HTML standard for 9 years!!! before HTML 5 came out? Flash has been consistently improving in programming and in the Flash Player itself. Flash isn't going anywhere, and Apple seeking a monopoly on application software is not going to be a sustaining endeavor.

 

I work with HTML, AJAXX, Javascript, and Flash on a daily basis, and there's still no comparison of a Flash presentation vs. AJaxx or Javascript. Flash wins everytime. However, information and security environments just run better in HTML environments. HTML's Canvas tag will be used for a lot of banners replacing some Flash, however the use of Javascript and CSS will take up the same amount of CPU usage as Flash.

 

Here's a fantastic(long) piece on the subject from another .NET/Flash developer.

http://flashworks.wordpress.com/2010/04/29...ure-of-the-web/

 

HTML 5 isn't done yet, and Flash does indeed have performance issues still, which is why their 10.1 players are still in beta on multiple platforms...they've been working on that for what, 1+ years now and it's still in beta? Give me a break.

 

What Flash has is better tools/programs to use it, since it's been around so long. That's the only thing it has going for it, as time goes on and more and more HTML 5 dev tools come out, HTML 5 development will easily catch up.

 

People forget that before Adobe bought Shockwave -- Adobe itself was trying to kill Flash all the while telling everyone how crappy it was. This is a true story, btw, go look it up. Adobe itself was saying all the same stuff Jobs is saying now before they bought the technology.

 

And last but not least, Flash has almost ZERO security. I'd venture to guess that a majority of web based hacks happen through Flash...they need to fix that once and for all. The fact that they plug 30 holes a week in Flash isn't good enough...secure it already, Adobe shouldn't need years to do it, either...

Edited August 3, 2010 by Y2HH

[RockRaines]

And last but not least, Flash has almost ZERO security. I'd venture to guess that a majority of web based hacks happen through Flash...they need to fix that once and for all. The fact that they plug 30 holes a week in Flash isn't good enough...secure it already, Adobe shouldn't need years to do it, either...

Thats really a main problem, especially for phones. Nobody wants phones full of viruses. Also think of the personal information that can be stolen.

[BigSqwert]

What's that about security?

[Y2HH]

What's that about security?

 

Thank you for proving the point we made.

 

These types of things aren't as bad as they sound -- but once again -- read the story. That's ANOTHER Adobe security breech, as it's being done through a PDF exploit in which a program is embedded into a PDF (a technology owned by guess who...Adobe).

Edited August 3, 2010 by Y2HH

[BigSqwert]

Thank you for proving the point we made.

 

These types of things aren't as bad as they sound -- but once again -- read the story. That's ANOTHER Adobe security breech, as it's being done through a PDF exploit in which a program is embedded into a PDF (a technology owned by guess who...Adobe).

So why doesn't Jobs eliminate Adobe Reader from Apple products? It looks like a risky program to include.

Edited August 3, 2010 by BigSqwert

[Y2HH]

So why doesn't Jobs eliminate Adobe Reader from Apple products? It looks like a risky program to include.

 

Because it's a business requirement, where Flash isn't. So even the mighty Jobs has to bow down here to corporate pressure.

 

I actually wish the industry WOULD do away with PDF's, to be perfectly honest...as bad as I think Flash is, Adobe PDF/Reader is even worse. If you have Adobe Reader installed on your computer, look at how big it is. The free reader software clocks in at OVER 400 megs.

 

400 megs for a f***ing reader? That's bigger than Microsoft Word. That's absolutely pathetic. It's another sign of pure Adobe bloat/laziness...I despise that companies laziness when it comes to programming...their CS products aside, Adobe needs to go back to school and learn how to do things the right way.

[BigSqwert]

Because it's a business requirement, where Flash isn't. So even the mighty Jobs has to bow down here to corporate pressure.

 

I actually wish the industry WOULD do away with PDF's, to be perfectly honest...as bad as I think Flash is, Adobe PDF/Reader is even worse. If you have Adobe Reader installed on your computer, look at how big it is. The free reader software clocks in at OVER 400 megs.

 

400 megs for a f***ing reader? That's bigger than Microsoft Word. That's absolutely pathetic. It's another sign of pure Adobe bloat/laziness...I despise that companies laziness when it comes to programming...their CS products aside, Adobe needs to go back to school and learn how to do things the right way.

 

Foxit ftw

[lostfan]

Flash is simply not a safe platform which is why Jobs doesnt like it. I dont think it has anything to do with performance.

 

And the iphone's superiority in my world is simply based on the fact thats its an ipod. I can plug it into so many accessories like my alarm clock, car, stereo etc and have complete control over all of my music. I personally think thats one area that the other hardware manufacturers are missing out on as they focus on one-upping each other's droid skins.

I can't really argue this point.

[Balta1701]

For CrackBerry users, Blackberry is announcing the new Blackberry Torch today based on their new OS.

On Tuesday, Research In Motion needed a miracle. It needed a fresh-faced BlackBerry and an operating system that made people say "whoa." Yet when it took the stage to unveil the BlackBerry Torch and the BlackBerry 6 operating system, one thing became clear: These were not heaven sent. This could very well mean the end for the BlackBerry.

 

If you've been paying attention to RIM lately, you'll know two things: 1) That it sells more smart phones than anyone else in the United States, and is second only to Nokia worldwide. And, 2) it is experiencing slowed momentum and increasing consumer indifference in the face of dazzling competition. In short, RIM's in a mid-life crisis.

 

The BlackBerry's saving grace used to be its physical keyboard, something no iPhone would be caught dead with. But now that Google's Android platform has taken off, it provides plenty of options that meet that simple requirement. And while businesses still buy BlackBerrys by the truckload, they don't always buy premium models, and they don't upgrade them every year.

Link

[Palehosefan]

HTML 5 isn't done yet, and Flash does indeed have performance issues still, which is why their 10.1 players are still in beta on multiple platforms...they've been working on that for what, 1+ years now and it's still in beta? Give me a break.

 

What Flash has is better tools/programs to use it, since it's been around so long. That's the only thing it has going for it, as time goes on and more and more HTML 5 dev tools come out, HTML 5 development will easily catch up.

 

People forget that before Adobe bought Shockwave -- Adobe itself was trying to kill Flash all the while telling everyone how crappy it was. This is a true story, btw, go look it up. Adobe itself was saying all the same stuff Jobs is saying now before they bought the technology.

 

And last but not least, Flash has almost ZERO security. I'd venture to guess that a majority of web based hacks happen through Flash...they need to fix that once and for all. The fact that they plug 30 holes a week in Flash isn't good enough...secure it already, Adobe shouldn't need years to do it, either...

 

You are correct, HTML5 isn't completed yet, and has an estimated span of a decade before cross-browser rendering differences are solved.

 

Most browsers/phone operating systems already have 10.1 available. However, with the fracture of mobile browsers available now, the issue isn't just a Flash issue. My fiancee's Droid has had 2.2 installed for well over a month now, and I'm still waiting on my Frodo build.

 

Everyone hated on Flash originally, as it was simply a graphic designers tool that could provide the most basic ability to produce a website. However, the product has grown immensely with the release of AS3 several years ago, and has done a fantastic job of taking on the 3-D rendering world.

 

Flash security is WAY overblown. Sandbox security fixed any cross domain scripts from running. The only reason people are griping about it is because the Flash player is installed on 90%+ of machines and has to be updated manually by the user each time. .NET for instance uses the Microsoft Windows Update to update it's security. However, these Flash Player updates aren't any more frequent than say Firefoxes browser updates.

 

Most security breaches come in the form of executables in script, which generally present themselves in executable DLL files or as Javascript code. These are not actually part of the ActionScript language, but rather on the language required to run Flash player and programs in general. Counting on HTML5 and Javascript to be your savior in security issues is like hoping a bear will protect you from a lion.

 

HTML5 isn't going to cause the doom of the Flash language, programs such as Flex have taken the AS3 semi object-oriented level language to new levels and have completely thrown out the graphic design part of the integration that Flash still clings to. HTML5 is a step in the right direction, which is a unified programming language. But this is going to be a very long process, and it's up to other languages to adapt. If Adobe doesn't take steps towards unifying their products with HTML in future releases then they will eventually die out, and should die out. But for now, Flash is a viable option, and is improving with each release.

 

Jobs might want to watch his own back before spouting off ignorance,

http://www.csoonline.com/article/448865/ap...time-ipod-touch

http://www.infoworld.com/d/security-centra...ant-dns-bug-889

http://www.infoworld.com/t/platforms/patch...curity-bugs-301

http://www.dbtechno.com/apple/2008/06/22/a...ugs-for-safari/

http://www.pcworld.idg.com.au/article/1949...bug-fix_iphone/

 

As for Jobs complaining about Flash problems, this is fantastic.

"Because Apple bundles Flash Player with Mac OS X, it regularly distributes patches for the Adobe software, at times months after the latter has shipped patches. The six-week gap between Adobe's issuing fixes and Apple delivering them this time was similar to the time it took Apple to update Flash in the summer of 2009."

 

[Y2HH]

You are correct, HTML5 isn't completed yet, and has an estimated span of a decade before cross-browser rendering differences are solved.

 

Most browsers/phone operating systems already have 10.1 available. However, with the fracture of mobile browsers available now, the issue isn't just a Flash issue. My fiancee's Droid has had 2.2 installed for well over a month now, and I'm still waiting on my Frodo build.

 

Everyone hated on Flash originally, as it was simply a graphic designers tool that could provide the most basic ability to produce a website. However, the product has grown immensely with the release of AS3 several years ago, and has done a fantastic job of taking on the 3-D rendering world.

 

Flash security is WAY overblown. Sandbox security fixed any cross domain scripts from running. The only reason people are griping about it is because the Flash player is installed on 90%+ of machines and has to be updated manually by the user each time. .NET for instance uses the Microsoft Windows Update to update it's security. However, these Flash Player updates aren't any more frequent than say Firefoxes browser updates.

 

Most security breaches come in the form of executables in script, which generally present themselves in executable DLL files or as Javascript code. These are not actually part of the ActionScript language, but rather on the language required to run Flash player and programs in general. Counting on HTML5 and Javascript to be your savior in security issues is like hoping a bear will protect you from a lion.

 

HTML5 isn't going to cause the doom of the Flash language, programs such as Flex have taken the AS3 semi object-oriented level language to new levels and have completely thrown out the graphic design part of the integration that Flash still clings to. HTML5 is a step in the right direction, which is a unified programming language. But this is going to be a very long process, and it's up to other languages to adapt. If Adobe doesn't take steps towards unifying their products with HTML in future releases then they will eventually die out, and should die out. But for now, Flash is a viable option, and is improving with each release.

 

Jobs might want to watch his own back before spouting off ignorance,

http://www.csoonline.com/article/448865/ap...time-ipod-touch

http://www.infoworld.com/d/security-centra...ant-dns-bug-889

http://www.infoworld.com/t/platforms/patch...curity-bugs-301

http://www.dbtechno.com/apple/2008/06/22/a...ugs-for-safari/

http://www.pcworld.idg.com.au/article/1949...bug-fix_iphone/

 

As for Jobs complaining about Flash problems, this is fantastic.

"Because Apple bundles Flash Player with Mac OS X, it regularly distributes patches for the Adobe software, at times months after the latter has shipped patches. The six-week gap between Adobe's issuing fixes and Apple delivering them this time was similar to the time it took Apple to update Flash in the summer of 2009."

 

As a security researcher in the internet security profession, no...I'm afraid flash security isn't overblown at all. It's not just a concern, it's a primary concern as more CRITICAL holes exist in flash than any other application that is seemingly used on a daily basis, with or without a general users knowledge. For example, my parents have no idea that when they browse website that those animated graphics or advertisements are primarily flash driven/executed. Most users have no idea, either. As a developer, I can see why you'd say that security is overblown, but it's not, and it's a concern for many in my profession. I fight with developers about this all the time, and it's always the same story...in the end, they think that what they did is "good enough", and I should just clear it for production use. It's dead on critical, and it's THE biggest hole between end users and the internet in which is exploited, in multiple fashions, sandboxed or not. Sandboxing is merely a method of protecting a subsection of memory from being exploited/read/written by other applications...it does not, however, plug open holes in security, which Flash has more than any other application I've ever known.

 

And Adobe issues new bug fixes to flash on seemingly a daily basis...so whether Apple speeds up it's patch releases or not, it wouldn't matter. Just because Adobe releases a patch, doesn't mean I can clear it for use in production environments...that patch may break more than it fixes, causing the loss of service, causing the loss of money...so no...simply issuing fix after fix doesn't help me...as a matter of fact, it's a hindrance, because every patch needs to be re-vetted and re-tested for production because clearance. They need to fix as many as they can at once...not one a time every other day, such as they do now. This is why companies like Microsoft and Apple have patch schedules outside of insanely critical security breaches. While all of these patches on a daily basis are fine for end users, they are NOT fine for businesses, and they never will be.

Edited August 4, 2010 by Y2HH

[RockRaines]

Ah, jesus, developers vs analysts.

 

Whats next, a DB admin coming in here saying that it wasnt SQL's fault Soxtalk went down?

[Y2HH]

Ah, jesus, developers vs analysts.

 

Whats next, a DB admin coming in here saying that it wasnt SQL's fault Soxtalk went down?

 

Nicely done.

[RockRaines]

Nicely done.

As a software salesman, I'm the worst of the bunch anyway.

[RockRaines]

Nicely done.

Do you know anyone who is a good java programmer or can build applications?

 

I have an idea for an iphone/droid app and I cannot make it happen without a ton of help.

[Balta1701]

The guy in charge of the Apple iPHone/Ipod hardware division has "left his job", however you want to call it.

[kapkomet]

Ah, jesus, developers vs analysts.

 

Whats next, a DB admin coming in here saying that it wasnt SQL's fault Soxtalk went down?

 

Yup.

 

[Palehosefan]

As a security researcher in the internet security profession, no...I'm afraid flash security isn't overblown at all. It's not just a concern, it's a primary concern as more CRITICAL holes exist in flash than any other application that is seemingly used on a daily basis, with or without a general users knowledge. For example, my parents have no idea that when they browse website that those animated graphics or advertisements are primarily flash driven/executed. Most users have no idea, either. As a developer, I can see why you'd say that security is overblown, but it's not, and it's a concern for many in my profession. I fight with developers about this all the time, and it's always the same story...in the end, they think that what they did is "good enough", and I should just clear it for production use. It's dead on critical, and it's THE biggest hole between end users and the internet in which is exploited, in multiple fashions, sandboxed or not. Sandboxing is merely a method of protecting a subsection of memory from being exploited/read/written by other applications...it does not, however, plug open holes in security, which Flash has more than any other application I've ever known.

 

And Adobe issues new bug fixes to flash on seemingly a daily basis...so whether Apple speeds up it's patch releases or not, it wouldn't matter. Just because Adobe releases a patch, doesn't mean I can clear it for use in production environments...that patch may break more than it fixes, causing the loss of service, causing the loss of money...so no...simply issuing fix after fix doesn't help me...as a matter of fact, it's a hindrance, because every patch needs to be re-vetted and re-tested for production because clearance. They need to fix as many as they can at once...not one a time every other day, such as they do now. This is why companies like Microsoft and Apple have patch schedules outside of insanely critical security breaches. While all of these patches on a daily basis are fine for end users, they are NOT fine for businesses, and they never will be.

 

 

Most of the issues I see are from bad programming or programmers using Flash in ways that it shouldn't be, such as security login screens. Integrating a Flash piece to a SQL database for instance is asking for trouble. SQL injections are hard enough to control in secure languages such as .NET, much less Flash. Asking a user for any secure information in a Flash piece is outside of the proper scope. Another issue is Flash programmers using things such as uploaders, which is ridiculous and can allow a user to upload any kind of malicious object they want.

http://www.publish.com/c/a/Graphics-Tools/...MNL02102009STR3

 

Another big issues is that outside vendors have been very slow to create a Flash security software tool such as Fortify.

 

Another issue is like you said, Adobe doesn't have a schedule for their security updates like Microsoft and Apple.

 

 

 

Most of the issues are programmers not using Flash in it's proper place, but there are built in plugin issues over the years that have caused plenty of headaches such as the Flash Player 10.0 problems I admit. I won't even try to defend Acrobat or PDF files in general, it's a mess. If you need an uploader, database integration, secure logins etc, Flash is NOT the language a developer should be using.

Edited August 8, 2010 by Palehosefan

[Y2HH]

Most of the issues I see are from bad programming or programmers using Flash in ways that it shouldn't be, such as security login screens. Integrating a Flash piece to a SQL database for instance is asking for trouble. SQL injections are hard enough to control in secure languages such as .NET, much less Flash. Asking a user for any secure information in a Flash piece is outside of the proper scope. Another issue is Flash programmers using things such as uploaders, which is ridiculous and can allow a user to upload any kind of malicious object they want.

http://www.publish.com/c/a/Graphics-Tools/...MNL02102009STR3

 

Another big issues is that outside vendors have been very slow to create a Flash security software tool such as Fortify.

 

Another issue is like you said, Adobe doesn't have a schedule for their security updates like Microsoft and Apple.

 

 

 

Most of the issues are programmers not using Flash in it's proper place, but there are built in plugin issues over the years that have caused plenty of headaches such as the Flash Player 10.0 problems I admit. I won't even try to defend Acrobat or PDF files in general, it's a mess. If you need an uploader, database integration, secure logins etc, Flash is NOT the language a developer should be using.

 

Well, in most cases I agree with you, with proper programming, a lot of the usual security concerns are of no consequence. However, we've come to a cross roads of sorts in the computer/information technology field where our hardware has surpassed our software/code. What I mean is, back in the 90's, good programmers had to squeeze every ounce of power out of a computer system as they could, through efficiency, improved algorithms, etc...today, since the speed of hardware has basically surpassed this need, programmers are prone to slop code/lazy coding. Programming today also changed in that most programming now is tying a bunch of pre-written libraries together, and while this is often nice for the sake of uniformity and speed in terms of getting the job done, it also brings up another concern and that's size/efficiency. For example, loading an entire library to perform one minor function in a program, back in the day, the programmer would opt to code that function themselves since it would be the difference in taking up 4kb instead of loading a 10megabyte library, in this day where people have 4 gigs of ram and terabytes of hard drive space, this has become a lost art...and that truly is sad. As fast as our machines are now, they'd be even faster is people still programmed properly...sadly, our hardware has allowed efficiency to fall by the wayside...

 

For example (one that I stated prior), Adobe Reader clocking in at 400+ MEGAbytes is just beyond insane and lazy. It's a reader that reads PDF files. Not only is it inefficient and bloated, but the more of these general use libraries you load and use, the less secure code becomes, as these libraries are often the source of these security holes.

 

It's almost as if most modern programmers (not individuals, but companies) have lost their ability to use efficient code...see Adobe Flash 10.1 Mobile -- while it works on mobile platforms, it's beyond bad in terms of efficiency. Think about it, Flash is a small plugin for a web browser to display animation, interactive animation and video. Not for nothing, but these modern cellular phones have 1ghz cores with graphics acceleration and gobs of system memory. There is absolutely no reason why Flash shouldn't be 50X more efficient than it is. When I see it taking up 10% to 25% of a modern desktop dual core processor...it makes me shake my head at how lazy Adobe has become. There is no reason the Flash plugin should take up more than 1% of a desktop processor to do what it does, and the same applies to mobile technology.

 

This is often why Windows gets slower with subsequent patches, as they continue to plug more holes or add more features, but do nothing to improve the code in terms of efficiency. Often, a release version of Windows will be faster than say, service pack 3. In the old days, subsequent patches would not only add features and fix security holes, but they'd also improve the efficiency of the code and/or make it even smaller, despite the added feature sets. While this still happens once in a while, it's a rarity these days.

Edited August 9, 2010 by Y2HH

[lostfan]

I don't really remember there ever being a time where the resources consumed by software (especially RAM) weren't growing at about the same rate that hardware advances were. Every time I did major upgrades to my desktop with DIMMs that were twice the capacity, a CPU with another gigahertz over the last, or more cores on my CPU, I wouldn't really notice any speed increase (except for when I had a fresh Windows installation) because I always had new software that used even more resources.

[NorthSideSox72]

I've never owned an iPhone, but tried them out. To me, the iPhone and newer Android OS phones were pretty similar in functionality. One better than the other in some ways, but not a lot different.

 

So when I bought my new phone recently, it was simple - AT&T sucks, I was already on Verizon, plus the iPhone is just really expensive compared to even the best Droid phones. So I replaced my BB (which was OK but really not that good) with an Android Incredible. Love it so far, though a few little email functionality pieces for business users could be better. Way better than the BB overall though, except those couple small email things.

 

I'm a fairly simple user - email, text, occasional FB/Twitter, internet, tasks and calendar/exchange use for work. Occasional phone calls, and other things rarely.

 

That all said, I still hope that in two years I'll get my ideal phone: basically what I have, except 60 GB+ capacity for my full music collection, more sophisticated mapping software for offroad use, a tough-box case of some kind, waaaaaaay better battery life, and a GMRS self-powered radio.

 

I'm not holding my breath.

 

[Y2HH]

I don't really remember there ever being a time where the resources consumed by software (especially RAM) weren't growing at about the same rate that hardware advances were. Every time I did major upgrades to my desktop with DIMMs that were twice the capacity, a CPU with another gigahertz over the last, or more cores on my CPU, I wouldn't really notice any speed increase (except for when I had a fresh Windows installation) because I always had new software that used even more resources.

 

Believe it or not, such a time existed. It just doesn't exist anymore.

[StrangeSox]

Flash is simply not a safe closed, Apple-controlled platform that limits available content to what you pay for which is why Jobs doesnt like it. I dont think it has anything to do with performance.

 

[Palehosefan]

Well, in most cases I agree with you, with proper programming, a lot of the usual security concerns are of no consequence.

 

Nice post. Importing libraries is a big issue in Flash file size, especially at run-time. Instead of just calling in a MovieClip, or a Graphic, lazy programmers will call in an entire library of objects because they are lazy or don't understand what they are doing. Which leads me into the main cause of Flash run-time issues, memory leaks. The Flash language developers didn't make garbage collection transparent in their development. You actually had to delete not only the object, but any other objects or references that have used the object at any point. Then you call in a garbage collection routine. Most developers didn't realize this and would end up having Flash memory leaks that would infinitely increase in size at run-time, eventually bogging down users computers. When you have 2,000+ lines of code in a program in a decent sized application it's easy to forget to delete an instance or a reference and you have just screwed the user.

 

But, if done properly and used in it's niche, Flash can produce some amazing things such as this XML, deeplinking, flipbook/magazine.

http://activeden.net/item/xml-flip-book-as...n_preview/63869

[RockRaines]

You're about 15 posts with great information about the weakness of flash too late Strange.

Edited August 10, 2010 by RockRaines