Apparently, though unproven, at 02:07 on Friday 03 June 2011, walt did opine thusly:
> On 06/02/2011 02:21 AM, Alan McKinnon wrote: > > Flash is a piece of shit that has never worked right and Adobe are a > > bunch of fools that cannot code properly or securely. > > I agree 100%. My question is why they continue to be so successful in > spite of such a history. That's easy to answer, but it has nothing to do with code and everything to do with human nature. Flash is New!Improved!Shiny! shit full of bling and looks cool to the consumer. Web devs develop flashy shiny sites and users think it's awesome. We look at flash and think "OMFG, how can anyone release crap code like that?" Well, the web dev is hooked into the user's mindset, providing something the user likes and that is real to him. So the user will use it regardless of any issues it may have. The user does not understand our mindset (coders and code quality) so we get no traction with users, we might as well speak Martian > And they don't seem to be improving -- Flash > shows up regularly on the monthly security bulletin from sans.org with yet > another buffer overflow exploit. It never gets better :( > > OTOH, chromium gets security fixes from google every *week*, so they don't > inspire much confidence either. > > Which is safer: an insecure program that gets fixed every month, or one > that gets fixed every week? The answer is not obvious to me... Compare how Google goes about doing things with how Adobe does it. The Google Chromium team appears to take security seriously and are open and up-front about what they do. Adobe likes to stonewall on issues and create an aura of how sekrit stuff is. Which one inspires confidence in fellow geeks? -- alan dot mckinnon at gmail dot com
