Posts tagged ‘Google and Adobe Flash Player’

As Adobe Flash Player Sandboxed, Chrome Vulnerability Disappears

Vulnerable program as it is, Adobe Flash Player is still too important in Internet field to be ignored by web browsers. In fact, the current market is not only hunting perfect Adobe Flash Player alternatives for web browsers but also trying to figure out methods to make Adobe Flash Player more secure in web browsers. To improve the security level of Chrome, Google has announced that Adobe Flash Player will be sandboxed in newly-released Chrome 23 running on desktop platforms like Windows, Mac, Linux and Chrome OS. To some extent, the sandboxed Adobe Flash Player may lead to the disappearing of Chrome vulnerability.

Chrome and Flash

Sandbox, as a security mechanism, is used to run vulnerable program like Adobe Flash Player. Sandbox a program is just like trapping a man in a virtual world that is highly supervised. He can only act when permission is granted. Moreover, whatever happens to him has little influence to the real world. Theoretically speaking, sandboxing Adobe Flash Player will prevent the automatic installation of malware, stop the downloading of hostile programs existing on malicious web pages and cease the leaking of privacy information caused by Adobe Flash vulnerabilities. Therefore, sandboxed Adobe Flash Player may symbolize the ending of Chrome vulnerabilities caused by Flash Player flaws that may lead to buffer overflow, memory corruption and even security bypass.

This is not the first time Google tries to help Chrome take full advantage of Adobe Flash Player in a safe way. As the owner of YouTube, the largest online video website in the world, Google has to add support to Adobe Flash Player in Chrome. For one thing, Adobe Flash Player is a necessity for Chrome users to watch YouTube videos; for another, HTML5 needs more time to win the battle of HTML5 vs Adobe Flash Player. Chrome first employed Adobe Flash Player as a third-party app. However, Adobe Flash vulnerabilities often got Chrome users in a situation where their computers might be affected by virus or controlled by hackers. Then Google tried to use Adobe Flash Player as a plug-in for Chrome. However, shockwave frequently refused to response to users’ requests, making Chrome an easy-to-crash web browser. Even when new Chrome vulnerabilities caused by Flash flaws were found, users could only fix them by waiting for the new updates from Google. Now, it comes to Google’s sandbox trick.

However, the story of Google and Adobe Flash Player in mobile field is a totally different one. As the developer of Android system, which is a mainstream mobile system at present, Google cooperated with Adobe Flash Player for quite a long time. Android devices running systems from 2.2 to 4.0 can take full advantage of Adobe Flash Player. However, things have changed in Android 4.1, which is also known as Jelly Bean. Google designed Android 4.1 as a system incompatible to Adobe Flash Player. Even the Chrome preinstalled in Jelly Bean devices like Nexus 7 is banned the use of Adobe Flash Player. As a consequence, Adobe Flash Player decided to retreat from Android market on August 15.