Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

4/30/2010
10:30 AM
50%
50%

Apple CEO Steve Jobs Lashes Out Against Adobe's Flash

Flash had 'one of the worst security records in 2009,' says Jobs in a major offensive against Adobe

Apple Chief Executive Steve Jobs, defending the company's controversial decision to keep Flash off the iPhone and iPad, says the Adobe technology for playing multimedia is a relic of the PC era that offers only technical headaches for mobile device makers.

In a rare open letter posted Thursday on Apple's Web site, Jobs took on critics, and Adobe, by citing the problems he sees with Flash, including security, poor performance and no support for touch-based interfaces.

"Flash was created during the PC era -- for PCs and mice," Jobs said. "Flash is a successful business for Adobe, and we can understand why they want to push it beyond PCs. But the mobile era is about low power devices, touch interfaces and open web standards -- all areas where Flash falls short."

Jobs' letter marks a major offensive against Adobe, which has said that Apple's Flash ban reflects a "disturbing trend where Apple is starting to inhibit broad categories of innovation on their platforms." Apple's motivation, according to Adobe, is purely business: The computer maker wants "closed" systems where developers pay an "Apple Tax" to offer software for its devices through the company's online App Store.

However, Jobs said "technology issues," many of which Adobe has already refuted, were the real reasons behind Apple's decision.

Among the issues listed was security. Quoting security vendor Symantec, Jobs said Flash had "one of the worst security records in 2009."

"We also know first hand that Flash is the number one reason Macs crash," Jobs said, referring to the company's desktop and laptop computers. "We have been working with Adobe to fix these problems, but they have persisted for several years now. We don't want to reduce the reliability and security of our iPhones, iPods, and iPads by adding Flash."

Besides security and reliability, there's the issue of battery life, according to Jobs. Apple prefers to use a video decoder called H.264, which is in the chips of the company's mobile devices. Besides offering better performance, this can almost double the device's battery life, when compared to using software, such as Flash, to decode video.

In addition, Flash doesn't support touch-based interfaces, which are key to interacting with the iPhone and the iPad. "Flash was designed for PCs using mice, not for touch screens using fingers," Jobs said.

Rather than Flash, Apple is requiring developers for its platform to use Web technologies, such as HTML5, cascading style sheets (CSS) and JavaScript, as an alternative. The use of these open standards addresses a key objection Jobs has with Flash, beyond the technological issues: Placing a third-party software maker between developers and Apple's platform.

"We know from painful experience that letting a third-party layer of software come between the platform and the developer ultimately results in sub-standard apps and hinders the enhancement and progress of the platform," Jobs said.

The CEO argued that such a scenario means new features added to a platform can't be accessed until the third-party software maker gets around to supporting them. This could take far too long when the software maker, such as Adobe, is supporting several platforms at once.

"We cannot be at the mercy of a third party deciding if and when they will make our enhancements available to our developers," Jobs said.

While Jobs may not have the last word on the controversy, his position indicates its unlikely Flash will be added anytime soon, if ever, to Apple's mobile devices. Therefore, it appears Adobe made the right decision this month when it stopped development of its Flash-to-iPhone technology, and would focus on smartphones based on Google's Android operating system.

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
Inside the Ransomware Campaigns Targeting Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
Commentary
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-27905
PUBLISHED: 2021-04-13
The ReplicationHandler (normally registered at "/replication" under a Solr core) in Apache Solr has a "masterUrl" (also "leaderUrl" alias) parameter that is used to designate another ReplicationHandler on another Solr core to replicate index data into the local core. To...
CVE-2021-29262
PUBLISHED: 2021-04-13
When starting Apache Solr versions prior to 8.8.2, configured with the SaslZkACLProvider or VMParamsAllAndReadonlyDigestZkACLProvider and no existing security.json znode, if the optional read-only user is configured then Solr would not treat that node as a sensitive path and would allow it to be rea...
CVE-2021-29425
PUBLISHED: 2021-04-13
In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\\..\foo", the result would be the same value, thus possibly providing access to files in the parent directory, but not further above (thus "...
CVE-2021-29943
PUBLISHED: 2021-04-13
When using ConfigurableInternodeAuthHadoopPlugin for authentication, Apache Solr versions prior to 8.8.2 would forward/proxy distributed requests using server credentials instead of original client credentials. This would result in incorrect authorization resolution on the receiving hosts.
CVE-2021-28938
PUBLISHED: 2021-04-13
Siren Federate before 6.8.14-10.3.9, 6.9.x through 7.6.x before 7.6.2-20.2, 7.7.x through 7.9.x before 7.9.3-21.6, 7.10.x before 7.10.2-22.2, and 7.11.x before 7.11.2-23.0 can leak user information across thread contexts. This occurs in opportunistic circumstances when there is concurrent query exec...