Risk
6/22/2010
02:15 PM
Connect Directly
Google+
LinkedIn
Twitter
RSS
E-Mail
50%
50%

Adobe Flash Player 10.1 For Mobile Debuts

Long delayed and much disparaged, Flash Player 10.1 for mobile devices will finally be tested in the market place.

Adobe on Tuesday said that it has released Flash 10.1 to its mobile platform partners, a move that means users of Android, BlackBerry, webOS, Windows Phone, LiMo, MeeGo and Symbian OS mobile devices will someday be able to run Flash content.

Just not today. With the exception of Nexus One users who have upgraded to Android 2.2, Flash on mobile phones remains scarce. It's not quite vaporware on the level of Duke Nukem Forever, undelivered after more than a decade. But it's late enough to prompt ridicule from Apple CEO Steve Jobs.

"We have routinely asked Adobe to show us Flash performing well on a mobile device, any mobile device, for a few years now," Jobs wrote in an open letter in April. "We have never seen it. Adobe publicly said that Flash would ship on a smartphone in early 2009, then the second half of 2009, then the first half of 2010, and now they say the second half of 2010. We think it will eventually ship, but we're glad we didn't hold our breath."

Adobe is now promising that "Flash Player 10.1 will be available as a final production release for smart phones and tablets once users are able to upgrade to Android 2.2 'Froyo.'"

That could happen as soon as next month for those buying Motorola's DROID X. For other devices, we may be talking about several months or even into 2011.

Nonetheless, the release of Flash Player 10.1 is better late than never and Adobe has assembled a formidable list of supporters to counter Apple's repeated eulogies for Flash.

There's Google engineering VP Andy Rubin expressing his excitement that "Android is the first mobile platform to support the full Flash Player."

There's Microsoft general manager Stephanie Ferguson declaring that Microsoft is "working closely with Adobe to bring the Flash Player 10.1 to a future version of Windows Phone."

And there's RIM BlackBerry platform SVP Alan Brenner asserting that "customers want a rich experience on mobile devices with access to the full Web featuring Adobe Flash content."

But never mind the posturing. Now that Flash Player 10.1 is real, the war of words between Apple and Adobe will finally be resolved by the market. We will see whether users really want Flash content on their mobile devices, whether Flash content performs well, without degrading battery life or introducing security problems as Jobs has claimed, and whether developers remain committed to the Flash platform a way to reach the widest possible audience.

Coincidentally, Apple on Tuesday said that it has shipped 3 million iPads in 80 days. Unfortunately for Adobe, none of those devices support Flash.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-4440
Published: 2014-12-19
Password Generator (aka Pwgen) before 2.07 generates weak non-tty passwords, which makes it easier for context-dependent attackers to guess the password via a brute-force attack.

CVE-2013-4442
Published: 2014-12-19
Password Generator (aka Pwgen) before 2.07 uses weak pseudo generated numbers when /dev/urandom is unavailable, which makes it easier for context-dependent attackers to guess the numbers.

CVE-2013-7401
Published: 2014-12-19
The parse_request function in request.c in c-icap 0.2.x allows remote attackers to cause a denial of service (crash) via a URI without a " " or "?" character in an ICAP request, as demonstrated by use of the OPTIONS method.

CVE-2014-2026
Published: 2014-12-19
Cross-site scripting (XSS) vulnerability in the search functionality in United Planet Intrexx Professional before 5.2 Online Update 0905 and 6.x before 6.0 Online Update 10 allows remote attackers to inject arbitrary web script or HTML via the request parameter.

CVE-2014-2716
Published: 2014-12-19
Ekahau B4 staff badge tag 5.7 with firmware 1.4.52, Real-Time Location System (RTLS) Controller 6.0.5-FINAL, and Activator 3 reuses the RC4 cipher stream, which makes it easier for remote attackers to obtain plaintext messages via an XOR operation on two ciphertexts.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Join us Wednesday, Dec. 17 at 1 p.m. Eastern Time to hear what employers are really looking for in a chief information security officer -- it may not be what you think.