Adobe Flash Player

Adobe Flash (formerly Macromedia Flash) or Adobe Flash Player is a large weight, runtime environment for multimedia platform development that is popular for adding animation and interactivity to web pages. It can be used to add animation, video, and interactivity to web pages.

FutureSplash Animator, developed by young Jonathan Gay, was the first version of Flash. He created the program in 1995 and tried to entice Adobe. Adobe was unimpressed and passed on the software at that time. FutureSplash animator was first offered to the general public in 1996. By 1997 Macromedia had acquired the program From Gay and the program was renamed Flash. It was even known as Shockwave Flash for a period before a better distinction was made clear. In 2005 Adobe bought out Macromedia, which now put Flash into their hands.

Both browser apps are the property of Adobe. The terms Shockwave and Flash are sometimes used interchangeably, or even as a phrase "shockwave flash." Although the differences are confusing, or even seemingly subtle to many, they are two different apps.

Shockwave, as a definitive plugin, was released before the Flash plugin. In 1995 while Flash was still known by another name, Shockwave was being used as a way to play back multimedia content, animation and small programs in a Web page.

Shockwave is more powerful than Flash. Shockwave includes a full 3D playback environment that uses 3D software and hardware, which is why Shockwave is used for a lot of 3D games on the Web. Shockwave can also incorporate Flash content inside Shockwave applications.

Macromedia adapted Flash from Future Splash Animator, a vector art animation program. Macromedia adapted Flash to utilize less bandwidth at the time since it was intended for use on Internet dial up connections. Since then the small Flash footprint has been "stamped out" since Flash today is bloatware full of patches, too many little used features, and copyright protection schemes.

Flash is still considered to be less bandwidth intensive than Shockwave. Flash is more universal. More than 90 percent of Web users have the Flash plug-in installed, while a little less than 60 percent have the Shockwave plug-in.

However, confusion is perpetuated by the SWF file format (filename.swf) or Shockwave Flash file format. This is the extension for Flash files for playback using the Adobe Flash Player plugin. Because adobe was originally known as Shockwave Flash, the file extension was an acronym for that name.

Mime type: application/x-shockwave-flash, application/x-shockwave-flash2-preview, application/futuresplash, image/vnd.rn-realflash

Websites that heavily use Flash suffer from loss of web browser standard functionality. Some Flash designers use meta refreshes or other tricks to disable browser’s Back button. As the famous usability expert Jacob Nielsen says, ‘Back button is the second most important navigation element after hyperlinks’. Flash also negatively impacts things like selecting text, scrollbars, form control and right-clicking, making these act differently than with a regular HTML webpage.

Mouse wheel scrolling is impacted by the presence of Flash on a web page. In many browsers, it is not possible to scroll a web page with the mouse while the cursor is held over flash content. Scrolling with the arrow keys may require a click on the page outside the flash.

In Windows, Shockwave/Flash (.swf) files cannot be right-clicked and saved. Greedy companies use this as a way to limit access to information on the Internet, thus placing speed bumps on the Information Superhighway. On photo sharing websites such as Webshots, a Flash overlay exists over the initial photo displayed, requiring a second click to retrieve the photo, slowing the experience considerably.

Flash can be used to store data about you when you browse the web, much like cookies, but much more secretly and extensively. You can easily clear your browser cookies, but the data Flash saves can be hard to locate, if not impossible for most users.

The issue of insanely poor security in the Flash Player is a subject matter all on its own. Many security issues could be addressed if Adobe would allow the various features of Flash to be selectable, on and off, by users much the same as MSIE Internet zone security allows. Flash has no mentionable configuration option for users. It is pretty much all or nothing.

Flash has become the instrumental of an ever increasingly crafty way of bombarding the browsing experience with commercial advertisements and popups. Most popup blockers are useless against popups opened by Flash. Flash can open popups, redirect your browser, and force execution of adware without user permission.

Adobe Flash seems to be vulnerable to an endless string of malware. Adobe products, especially FlashPlayer, Shockwave Player and Adobe (PDF) Reader, have had some serious security holes (vulnerabilities) that hackers that code viruses exploit to infect people's computers.

Adobe Flash malware also has the ability to be cross-platform, infecting everything from desktops to smartphones and anything else that runs Flash. There are over 100 entries in the Open Source Vulnerability Database, many that allow remote code execution on a victims computer.

Adobe Flash is constantly being used as a delivery mechanism for malware. Hackers (malicious programmers) are taking advantage of flaws in the fundamental design of Flash in ways that cannot be anticipated. Like ActiveX, QuickTime, and other browser components, Flash has had its share security vulnerabilities. Experts now believe that Flash has had more total serious vulnerabilities than both ActiveX and Quicktime put together.

The problem with Flash is its absence of controls to disable behavior like Web site redirection. End users have no control over what's offered in Flash. There is nothing the end-user can do to avoid the malicious behavior other than disable the Flash plugin. If Flash is installed on your system it can be hijacked.

Hackers Use Flash to Take Control of your Computer

In June of 2010 security experts announced on a flaw in Adobe Flash and Acrobat Reader that gives malicious hackers control of victims' computers. They advise the industry stop using Adobe Flash and look to alternatives such as HTML5 as the future of Web video. The flaw discovered in Adobe flash could be used to crash a victim's PC and let hackers take over the machine.

The very serious flaw is labeled CVE-2010-1297 and exists in Adobe Flash Player 10.0.45.2 and earlier versions for Windows and Macintosh. An attacker simply creates a malicious SWF file and embeds it in a web page waiting for someone to visit the page, much like a Venus fly trap waits for a fly to land.

Symantec has named the exploit "Trojan.Pidief.J." and says the exploit drops a back door Trojan onto a victim's computer if the computer has one of the affected Adobe products installed. Symantec also spotted an attack using a malicious SWF file. The attack is used in conjunction with an HTML file to download another piece of malware from the Internet they call "Backdoor.Trojan." Victims could be hit when they visit a web site that looks completely harmless.

To avoid the Adobe GetPlus DLM Vulnerability, you must be careful how you install or update the Adoble Flash Player plugin. Steps to avoid this spyware is covered on the Adobe GetPlus DLM Vulnerability page.