Thursday, May 13, 2010

Response to “Thoughts on Flash”

Steve Jobs’ recent comments about the refusal to use Adobe Flash on Apple mobile platforms have gotten some notoriety in the technical world.  Although Adobe CEO Shantanu Narayen has provided a response, the debate has led to some QNX customers asking if there are issues that would impact their embedded system designs that use Adobe Flash or the QNX Aviage HMI Suite.  There are not.  This letter will address the concerns raised by Mr. Jobs about the suitability of using Adobe Flash.

  • “Flash is a closed system.”

Mr. Jobs describes Adobe Flash as being “100% proprietary”, “only available from Adobe, and Adobe has sole authority as to their future enhancement, pricing, etc.”, and further comments about Adobe being closed.  However, that language would also describe the situation created by Apple. Apple controls the OS, the development tools, the development machines, the app store, the application approval process, and even the language used to create applications.  Objective-C is not used in any other environment besides Apple and is defined by Apple, just like ActionScript from Adobe. In themselves, these facts are not an issue, since both companies develop and promote both proprietary and open portions of their technology portfolio.

However, Mr. Jobs goes on to talk about how Adobe Flash products are “available only from Adobe.” Whereas this statement is in fact true for Apple’s development products, it is not true for Adobe.  Adobe has published the definitions of the language, APIs, file formats and more.  In addition to the Adobe tools, there are a number of open source tools that are created and used by Flash developers, like the Adobe Flex SDK and Flash Develop (Flash IDEs), MTASC (Flash compiler), Ming (Flash library), Gnash (a GNU swf player) and Tamarin (a Flash VM with JIT).  Unlike the Apple environment, developers are able to do Flash development using open source and community tools, which is contrary to the “closed” stance that Mr. Jobs has mistakenly communicated.

  • “Symantec recently highlighted Flash for having one of the worst security records in 2009.”

Contrary to Mr. Jobs’ statement, the Symantec report he refers to does not claim that Flash has one of the worst security records.  Rather, it points out that the broader the software availability, the more likely that exploits will be attempted against that software.  More specifically, the report notes:

“Because [IE and PDF] technologies are widely deployed, it is likely that attackers are targeting them to compromise the largest number of computers possible. Of the Web browsers analyzed by Symantec in 2009, Mozilla® Firefox® had the most reported vulnerabilities, with 169, while Internet Explorer had just 45, yet Internet Explorer was still the most attacked browser. This shows that attacks on software are not necessarily based on the number of vulnerabilities in a piece of software, but on its market share and the availability of exploit code as well.”

Analysis of the actual report is needed to explain what is being claimed by Mr. Jobs.  Symantec lists the five top web vulnerability targets as:
1) Microsoft Windows SMB Remote Code Execution
2) Adobe Reader and Flash Player Remote Code Execution
3) Microsoft IE 7 Uninitialized Memory Code Execution
4) Microsoft Windows ActiveX Remote Code Execution
5) Adobe Reader Collab Javascript Remote Code Execution

Only vulnerability #2 might apply to an embedded deployment of the Adobe Flash Player, since #5 refers to PDF files using the Acrobat reader. However, the details of vulnerability #2 affect browser plug-ins only and not embedded systems, since it requires running a maliciously crafted .swf file (the compiled Flash binary) hosted on an attacker’s web site.  On an embedded system the .swf file content is completely static, and .swf files are created and controlled by the developers. Even in embedded environments that use a browser, the system would be protected from potential malicious execution by virtue of QNX’s microkernel architecture. Under the QNX Neutrino RTOS, the browser process is completely isolated from every other system process, and exploits like memory overruns that can be used to gain kernel privilege in a monolithic operating system are not possible.
           
Most importantly, the attacks in question have been patched for some time.  The number of attacks reported by Symantec in 2009 is actually not related to existing vulnerabilities, as the report further explains:

“Many of the vulnerabilities observed through Web-based attacks in 2009 have been known and patched for some time. For example, the Microsoft Internet Explorer ADODB.Stream Object File Installation Weakness was published on August 23, 2003, and fixes have been available since July 2, 2004, yet it remains the second-ranked Web-based attack. This is likely because of the use of Web attack kits like Fragus, Eleonore, and Neosploit. These kits come bundled with a variety of different exploits, including some exploits for older vulnerabilities. Because an older vulnerability is likely to be included in more kits, it will probably be seen in more attacks than many of the newer vulnerabilities.” 

The number of attacks does not correlate with actual vulnerability, as Mr. Jobs incorrectly assumes. There are no reports of Flash vulnerabilities when Flash is being deployed in an embedded system.

  • “Flash is the number one reason Macs crash.”

The idea underlying this statement comes from reports about process failures that users choose to send back to Apple.  It is worthwhile to note that these are not instances where the Mac OS itself is crashing, but instead are Mac programs that crash.  Those user reports identify browser plug-ins as the most frequent source of process exceptions.  Further information that details the specific errors that are received has not been divulged by Apple.  Since Flash is the most pervasive software platform, reaching 99% of Internet-enabled desktops, and assuming that Flash is the most popular and widespread plug-in, it stands to reason that it will be responsible for a larger frequency of plug-in failure reports.  If a crash occurred once out of a thousand times an application was run, but it was run one thousand times more often, it would show up with the same crash statistics as a piece of software that crashed every single time it was run.  This is not an indicator of software quality, but of the depth of software deployment.

Adobe’s chief technology officer Kevin Lynch says in an interview with PC Magazine that “Regarding crashing, I can tell you that we don't ship Flash with any known crash bugs, and if there was such a widespread problem historically Flash could not have achieved its wide use today.”  Flash is deployed on many embedded devices that do not experience the crash results that Mr. Jobs has claimed.

  • “Flash has not performed well on mobile devices.”

This statement is not accurate, and reflects an outdated understanding of Flash. Current versions of Flash and FlashLite perform very well, and the Flash rendering engine can use hardware-accelerated graphics on many platforms.  QNX has analyzed the performance of hardware-accelerated Flash, observing a substantial speedup in most cases. External assessments of Flash 10.1 and HTML5 show that Flash compares well:

"When it comes to efficient video playback, the ability to access hardware acceleration is the single most important factor in the overall CPU load," concludes Jan Ozer, "On Windows, where Flash can access hardware acceleration, the CPU requirements drop to negligible levels. It seems reasonable to assume that if the Flash Player could access GPU-based hardware acceleration on the Mac (or iPod/iPhone/iPad), the difference between the CPU required for HTML5 playback and Flash playback would be very much narrowed, if not eliminated."

  • “Fourth, there’s battery life.”

Mr. Jobs provides little evidence that Flash’s battery consumption is poor.  He instead explains the problem as fundamentally related to how people host their video content. Even this unrelated assumption is based on an incorrect understanding of Flash capabilities, namely that the Flash player does not support the H.264 video format (which has been supported in Flash since 2007).

Video playback aside, most embedded Flash execution that concerns itself with battery life will be under control of the developer. FlashLite has been used for the user interface for mobile phones from Samsung, Sony Ericsson, and LGE, shipping on over a billion phones, and is very capable of performing with optimal battery life.

  • “Flash was designed for PCs using mice, not for touch screens using fingers.”

This is true, but it is also true for Apple’s technology.  However, Adobe Flash, just like Apple’s development environment, was easily retrofitted to handle touch screens.  QNX has demonstrated many Flash-based systems that employ a touch screen.


In summary, the claims levelled by Steve Jobs towards Flash are either not substantiated or untrue.  Adobe is fundamentally a cross-platform tool, which is noted by Mr. Jobs himself several times, and as a cross-platform tool it enables leveraging development effort across multiple platforms.  This means that developers using Adobe Flash would not be locked into the iPhone or iPad development target, and would be able to use their software efforts across a broad base of devices. It would appear that Mr. Jobs’ stance against Flash is for business reasons, not technical ones. Gartner research vice president Ray Valdes provides a similar assessment towards the purpose of this attack:
"This is not about technology. The criticisms from Apple about Flash can also be applied to many other systems that Apple has not directly opposed. Therefore Apple's stance appears driven by their business need to protect the iPhone platform against the threat of a cross-platform competitor."

18 comments:

  1. “Flash is the number one reason Macs crash.”

    Ha! What a crappy OS! If a purely graphical user application can crash it!

  2. Hi Andy. Here's a video showing that Flash sites do, in fact, work with touch devices... without having to be rewritten. The video was posted yesterday by Adobe's Lee Brimelow:

    http://www.youtube.com/watch?v=oNk4DjEQMOE

    - Paul

  3. @Rennie Allen:

    I don't think Flash will actually crash Mac OS X. I think he means that Flash is the number one thing that crashes on Mac OS X (It won't bring down the entire OS though).

  4. Rennie it's funny when you make dumb assumptions. A crash does not have to be OS-wide.

  5. Anonymous, Rennie does understand it but when you state "Macs crash" that is stating that the whole system crashes. If you're going to talk about application crashes in reference to the Flash plugin then it should be phrased this way: "Flash is the number one cause of Safari crashes".

    As for Flash crashes: how many of them are due to bugs in the Framework that Apple refuses to fix? It takes two to tango when it comes to software development.

  6. "Under the QNX Neutrino RTOS, the browser process is completely isolated from every other system process, and exploits like memory overruns that can be used to gain kernel privilege in a monolithic operating system are not possible."

    Could you elaborate more on this point? In systems with "monolithic" kernels, a non-root process, if exploited, isn't able to get kernel privileges either (barring OS bugs, of course). What makes QNX different?

    And by "completely isolated", you don't really mean completely isolated, do you?

  7. The letter from Jobs you are dissecting focuses on Flash on the Web. Your comments tend to liberally drift between the Web, the desktop, the Apple marketplace, etc. It makes your arguments appear disingenuous.

    Objective-C is not used in any other environment besides Apple and is defined by Apple, just like ActionScript from Adobe.

    Objective-C is not used on the web and hence has nothing to do with Jobs' letter.

    However, you have made a number of errors/omissions in your statement ...

    Objective-C is supported by GCC, the source for which is completely open. GCC + Objective-C can be used on any platform, with total freedom and without restriction.

    ActionScript is owned and controlled by Adobe. Adobe does not make its ActionScript interpreter available as open source.

    There are certainly attempts to re-implement Flash and ActionScript in the open source world all of which fall short of full compatibility because Adobe does not support them.

    Apple does make all of its contributions freely to GCC and Objective-C and so there is no need for an open source implementation, it's already open.

    Realistically, any commercial organizations - such as QSSL - are essentially forced to work with Adobe to support Flash to achieve full compatibility.

    Apple is choosing not to work with Adobe and is making the decision to, instead, attempt to - essentially - kill Flash to hasten the arrival of HTML5 which is a truly open environment with a totally level playing field. Free and open is good right?

  8. adobe sucks. what is a qnx?

  9. >> Free and open is good right?

    Is open a device I bought and own, but I cannot develop for it, nor I can deploy my own applications on it ?

    Is free a platform that dictates exactly what development tools I must use to build applications, and mandates a review of that application built by me for my device before to install it ?

    Is free and open Apple ?

    Apple is a leecher, takes what he can and binds it to them through EULAS and DRM. You cannot even buy a copy of their OS and install it on 100% compatible hardware without getting sued.

    So Jobs speaking about "open environments" is just like Hitler talking about racial equality.

  10. Why are you using the Apple vs Adobe Flash flame for your own promotion, as it is clearly visible that you don't understand the problem, nor OS design. Microkernel use as in QNX doesn't enhance security in any way; if there is a bug in the microkernel, it still can be exploited, same for servers which run in userspace.

  11. Flash helps a lot in development of company website to provide accurate and efficient customer satisfaction. Flash has a lot of advantages in our day-to-day life. Keep posting updates
    regards
    custom software development

  12. I agree a lot with ]{ above..

    Jobs speaks about openness on the web, every other comment is irrelevant. Corporate "fascism" of Adobe or Apple is another discussion, totally.

    Also I don't like Flash's eternal beta quality on Linux platforms (and Darwin possibly?).

    However, I agree with Beni who points one of many Flash advantages. Flash is useful, but a monopoly is never good for the people and for the product itself. Only after Apple's slap to Adobe we see a decent future demo of flash in Android 2.2(froyo) and stability is still to be proven. What about Linux version? What about windows version's crashes in all browsers?

    Poor arguments and off topic, perhaps you should talk about Adobe plans to open Flash a bit.

  13. Adobe Uses DMCA On Protocol It Promised To Open
    http://yro.slashdot.org/article.pl?sid=09/05/22/1254246

    How do Gnash developers work with the Adobe/Macromedia EULA?
    http://www.gnashdev.org/?q=node/25#eula

    You can probably find more evidence against Flash's supposed openness but I don't have time to bother, and if someone claims Flash is open, it is they who should prove it.

    http://opensource.apple.com/
    Where is Adobe's open source page where you can download all their liberally licensed code?

    I won't waste more time responding to your naive blog post. I don't even use flash since I can't because I use OpenBSD and gnash is not good enough.

    P.S. Something as important as web standards (Flash) shouldn't be at the whims of a sole entity (Adobe). Flash apologists make me sick.

  14. This comment has been removed by the author.

  15. How much does Adobe pay to QSSL for this kind of promotion?

  16. @Jorge:
    It's not that Adobe doesn't make anything available, Flex is public.
    But I agree with you that the platform isn't open enough for the platform (like Gnash) to work.

    Adobe's equivalent to http://opensource.apple.com/ is http://opensource.adobe.com/

  17. This comment has been removed by a blog administrator.

  18. This comment has been removed by a blog administrator.
