1 |
Apparently, though unproven, at 02:07 on Friday 03 June 2011, walt did opine |
2 |
thusly: |
3 |
|
4 |
> On 06/02/2011 02:21 AM, Alan McKinnon wrote: |
5 |
> > Flash is a piece of shit that has never worked right and Adobe are a |
6 |
> > bunch of fools that cannot code properly or securely. |
7 |
> |
8 |
> I agree 100%. My question is why they continue to be so successful in |
9 |
> spite of such a history. |
10 |
|
11 |
That's easy to answer, but it has nothing to do with code and everything to do |
12 |
with human nature. |
13 |
|
14 |
Flash is New!Improved!Shiny! shit full of bling and looks cool to the |
15 |
consumer. Web devs develop flashy shiny sites and users think it's awesome. We |
16 |
look at flash and think "OMFG, how can anyone release crap code like that?" |
17 |
|
18 |
Well, the web dev is hooked into the user's mindset, providing something the |
19 |
user likes and that is real to him. So the user will use it regardless of any |
20 |
issues it may have. The user does not understand our mindset (coders and code |
21 |
quality) so we get no traction with users, we might as well speak Martian |
22 |
|
23 |
|
24 |
> And they don't seem to be improving -- Flash |
25 |
> shows up regularly on the monthly security bulletin from sans.org with yet |
26 |
> another buffer overflow exploit. It never gets better :( |
27 |
> |
28 |
> OTOH, chromium gets security fixes from google every *week*, so they don't |
29 |
> inspire much confidence either. |
30 |
> |
31 |
> Which is safer: an insecure program that gets fixed every month, or one |
32 |
> that gets fixed every week? The answer is not obvious to me... |
33 |
|
34 |
Compare how Google goes about doing things with how Adobe does it. |
35 |
|
36 |
The Google Chromium team appears to take security seriously and are open and |
37 |
up-front about what they do. |
38 |
|
39 |
Adobe likes to stonewall on issues and create an aura of how sekrit stuff is. |
40 |
|
41 |
Which one inspires confidence in fellow geeks? |
42 |
|
43 |
|
44 |
-- |
45 |
alan dot mckinnon at gmail dot com |