Adobe Flash Is Dead in Name Only
Flash is finally dead. Well, the name is, anyway.
The platform that was until yesterday known as Adobe Flash Professional CC is now Adobe Animate CC. What does that mean? According to an Adobe statement announcing the change, it’s part of an ongoing commitment to “evolve to support multiple standards,” specifically HTML5. In practice, though, the answer is: not much. Meet the new Flash, same as the old Flash, and still a security-addled, closed-off mess.
The good news, at least, is Adobe seems to acknowledge the inevitability of an HTML5 world. A simple rebranding, though, doesn’t do much to get us there.
Not Dead Yet
When Adobe Animate CC debuts early next year, it will introduce features like new vector art brushes, easy access to high-quality stock art, and the ability to rotate the canvas 360 degrees from any pivot point. Fun stuff!
What it won’t do, though, is fix the various security problems that have plagued Flash for years. Flash the platform has a new name, but Flash the development tool lives on. It’s just no longer the focus, both because of the negative associations clouding the brand, and because it’s no longer the primary weapon in a developer’s arsenal. It’s had to make room for the future, and so has Adobe.
“Adobe’s strategy is to make money regardless of what happens in the market,” says Forrester Research principal analyst Jeffrey Hammonds. “They understand that there’s a slow transition to HTML5 going on.” Online advertising, for instance, once a Flash stronghold, has increasingly shifted to HTML5. “At some point you have to embrace the change,” says Hammond. “The rebranding is a visible sign of that, but the internal focus on supporting technologies like HTML5 has been going on a while.”
Why go to the trouble of supporting Flash at all, then? It’s as resource-heavy and security-addled and closed-off as ever, and hiding it behind a more anodyne name doesn’t solve what pulling the plug altogether would. Earlier this year, Facebook called for an end date, some mutually agreed upon moment when Flash simply stopped. Why not do that, instead?
“There continues to be a huge amount of Flash content out there, especially video and gaming content, and we plan to do all we can to keep Flash Player stable and secure because it is the responsible thing to do,” an Adobe rep says. Even Facebook seems inclined to agree; the social network is working more closely with Adobe to identify and patch any security holes in games hosted on its platform. Facebook declined to comment, but Hammond notes that the collaboration doesn’t necessarily mean it has warmed to long-term viability of Flash.
“Even if you have an end-of-life date, that would probably be a couple of years into the future,” the analyst says. “Why would you not continue to address security gaps as they come up between now and then?”
In fact, if anything the Facebook collaboration underscores just how little the existence of Adobe Animate mitigates the mounting concerns about Adobe Flash Professional. Being out of the spotlight doesn’t make it any less unsafe. And without an end-of-life date, the surest bet is to resign yourself to constant, indefinite maintenance.
What Comes Next
So no, Flash isn’t dead, or really any closer to it. At the very least, though, Adobe seems to have acknowledged its eventual marginalization as a development tool, if not outright demise. In some ways, that may be preferable to a swift execution. When Flash does go away, it will exact a cost.
“I think a lot of older websites that have not been updated will be broken on laptops and desktops, because a lot of folks have been building on mobile over the last couple of years,” says Hammond. “I actually think we’re going to see a bigger impact in the enterprise world than in the consumer world, because a lot of the technologies behind the firewall are a lot slower to evolve.”
The Web already is littered with the artifacts of outdated standards, though; it’s an unfortunate but predictable side effect of barreling into the future. And the workloads that currently fall to Flash—those videos and games—should be manageable in HTML5 at some point, especially given Adobe’s commitment to the open standard. “We’ve always been at the forefront of HTML5 design and development,” says the Adobe rep,” “and have embraced it as the future of the web platform.”
The trick, though, will be making sure that when HTML5 does supplant Flash, it doesn’t repeat its predecessor’s mistakes.
“There are differences in HTML5 and Flash, the former being open source while the latter is closed source,” says Malwarebytes security researcher Jérôme Segura. “In theory, this means the code can go through more scrutiny, but that doesn’t necessarily translate to better security.”
Maintaining HTML5’s security could also become even more difficult as it evolves to replace current Flash strongholds.
“The other concern to watch for would be any alterations to HTML5 to accommodate the needs of the ad or gaming industry,” continues Segura. “A piece of technology can start with the best intentions, but as new features and requirements come along developers may have to make concessions, which often have a security impact.”
It sounds like, for better or worse, they’ve got plenty of time to figure it out. Adobe Flash is dead. Adobe Flash lives. For now.