16 Nov

Adobe donates Flex to foundation in community-friendly exit strategy

Adobe and the Open Spoon Foundation are preparing to open up development of the Flex SDK. They plan to donate the technology to “an established open source foundation” so that the Flex community and other stakeholders can participate in developing future versions of the SDK.

Flex is a development framework for building conventional applications with Flash. It’s especially targeted at the enterprise space and has some specialized capabilities for creating data-driven software. The core components of Flex were released as open source under the Mozilla Public License in 2007.

Flex development, however, has always been directed solely by Adobe. The move to an open governance model will make the process more inclusive. Going forward, Adobe says that the Flex roadmap will be defined in the open by the project’s governing board. The group will include Adobe engineers, third-party Flex application developers, and representatives of companies that use and contribute to Flex.

via Adobe donates Flex to foundation in community-friendly exit strategy. First Adobe kills Mobile Flash and now Flex looks like it’s about to wither away.

26 Sep

PCMag – Google Patches Flash Zero Day Bug, Jumps the Gun on Adobe Again

Google has developed a bad habit with respect to patching vulnerabilities in the integrated version of Adobe Flash in their Chrome for Windows browser: They release and announce the updates before Adobe does. They have done it several times in the last year or so and today they did it again. "The Beta and Stable channels have been updated to 14.0.835.186 for Windows, Mac, Linux, and Chrome Frame."

This creates a situation in which Adobe has a zero day bug with increased severity. It’s likely that they aren’t ready to release their own patches, yet 3rd parties could look at the Chrome update and potentially examine it in order to determine what it is patching. From that they could construct an exploit.

via PCMag – Google Patches Flash Zero Day Bug, Jumps the Gun on Adobe Again. The bad habit isn’t Google patching security holes it’s Adobe not patching them first.

08 Oct

Call Me Fishmeal – Adobe & Microsoft, Sitting in a Tree. W-T-F-I-N-G?

I… I can’t think of a joke here. I mean, besides “Adobe teaming with Microsoft to fight Apple.” I can’t think of an additional joke that’s funnier.

via Call Me Fishmeal – Adobe & Microsoft, Sitting in a Tree. W-T-F-I-N-G?. Got to agree not a whole lot is funnier than that alone.

02 Sep

Daring Fireball – How to Judge the Battle Between Apple and Adobe Regarding Flash

Here’s how I see this battle between Apple and Adobe. For Adobe, losing would be a large-scale abandonment of Flash by web producers — sites that previously used Flash abandoning it, and new sites never using it in the first place. For Apple, losing would be if the absence of Flash on iOS devices led to people choosing competing devices that do support Flash — i.e. if the absence of Flash for iOS hurt sales of iPhones, iPod Touches, and iPads.

via Daring Fireball – How to Judge the Battle Between Apple and Adobe Regarding Flash. My bet, Apple or rather open standards (ie. HTML5 video and audio technologies) will win in the long run. Flash will slowly decline further and further as it become a less useful platform upon which to operate under or with. HTML5 will be a long and slow pick up due to older browsers not supporting it specifically, Internet Explorer and those people and corporations who are slow to update.

Video is pretty safe to say that Flash is going to be secondary way to display video not the primary. All other uses of Flash if they haven’t been replaced are about to be replaced with alternatives that aren’t as hard to build and overall have better performance for all users including mobile users.

08 Jul

Stack Overflow – Flash CS4 refuses to let go

I have a flash project; it has many source files. I have a fairly heavily-used class, call it Jenine. I recently (and, perhaps, callously) relocated Jenine from one namespace to another. I thought we were ready – I thought it was time. The new Jenine was better in every way – she had lost some code bloat, she had decoupled herself from a few vestigial class relationships, and she had finally come home to the namespace that she had always secretly known in her heart was the one she truly belonged to. She was among her own kind.

via Stack Overflow – Flash CS4 refuses to let go. It gets even better.

10 Apr

Daily Links April 9th, 2008

Lots of news from Yahoo in it’s efforts to fight off the takeover offer from Microsoft.

All of this is big news as Yahoo looks to fight to stay independent from Microsoft. Yahoo envisions it as a bad deal for Yahoo and personally I agree with that. I think Microsoft’s and Yahoo’s culture are too different to work well together.

Here is a good and reasonable mix if you are looking to set up investment accounts. (I really like Vanguard for investing, the fees are very low and their investments do really well. However I personally use Sharebuilder, because ING Direct is my main bank.)

In the 1990’s the rich got richer, while the middle and poor class stagnated or even fell behind in their incomne level, reported via CNN.

Techcrunch built a quicke app on Google AppEngine and share their experince.

Adobe released the Adobe Media Player, really nice looking app and the quality of video looks really nice. It already has both video podcasts as well as some tv shows, evuntally Comdey Central Shows including The Daily Show will be in the player. You will be able to download each new episode directly to your pc.

There is some of the more interesting stuff I found today surfing the web, till tomorrow.

08 Sep

Firefox Code Base Analysis

Mozilla Firefox is an open-source web browser, that has gathered just over 11% of the internet browser market, an impressive movement for a browser that has to be physically downloaded onto a person’s computer and is not known outside of tech/geek circles. Few people install it themselves outside of these circles unless they know someone who has set up their computer and installed Firefox for them. (Side Note – I use Opera, another excellent open-source browser priopertary but free to use browser that has plenty of built in security features, one of the main reasons to switch to Firefox.)

An open-source program is a software program that is developed not by a commercial company such as Microsoft or Adobe or Apple, but rather is one that is developed, coded, and maintained by a community of users. All of these users develop the code, report on errors and work to fix the errors and constantly improve the program. Mozilla is a non-profit corporation, so it makes no profit from Firefox being used, and the majority of the developers are people outside of the company. This does several things generally to open-source programs, one is that it makes them quicker to respond to changes in the market, as the people who write the code are already at the forefront of any technology waves, they quickly make sure that the browser is compatible for all new technologies. Also it generally provides a more secure and resilient program, which seems like backwards logic – Wouldn’t a program whose source code is viewable actually be more open to attack.

In fact, in theory and in practice that the opposite is actually true. This based on a fundamental idea behind many Web 2.0 apps and the open-source movement and to some extent democracy – the wisdom of the crowds. This theory says that when you get a ton of people all looking at the same thing and all examining it the bad stuff, whatever it may be from a bad code to a bad news article in the case of Digg, is removed. Think about it, how many times have you just needed one other person to check over your work to be see what you are doing, writers do it, engineers do it, accountants do it, everybody does it. Now imagine that you have at least a dozen (on the smallest open-source projects) to several hundred (on the largest open-source projects) examining what you put into the program. All of sudden, all those careless mistakes that you make are eliminated, because not is it you and maybe one or two other people checking your work but instead tons of people are checking your work for you as you check their work. This is the inherent power of the open source movement.

However as we have found far too often no system is perfect, and Firefox is also prone to errors in it’s source code. G2zero.com examined the source code of the Firefox browser and found that there were 655 defects and 71 potential security vulnerabilities in the source code. Now that may seem like a lot to those of you who do not code programs, but for a program of this scale and magnitude that is a great number. No program will ever get rid of errors or security issues, think about even Mac OSX which routinely touts the operating system’s inherent security. Apple releases patches and security bulletins for OSX too, the same as Microsoft issues patches for Windows every 2nd Tuesday of the month, what is known as Security Tuesday.

The question here is whether or not automatic software tools that examine code and look for errors are worth deploying. There are a great many who say, yes, because it helps you to find the errors and a computer won’t skip over things that a human would ignore. Whereas another great many say, no because a computer sees things that just don’t matter a human knows the code and knows whether or not an error actually matters in the code or can just be ignored. I have to take the middle road on this, you should test and error proof the code yourself, a computer program can give you a place to start but it does not understand the whole code the same way a human does. The best thing is to do unit tests on your code and determine that the code works even when given invalid data. A security hole will always exist, an error can always be found, but does the program work reliably and efficiently is possibly the better question to ask. The general public doesn’t care how many security holes a program has, they just want it to work. This is not to say they programmers should leave their code open to attack, rather the emphasis should be on producing quality code that in the words of Apple “just works”. When quality code is produced that “just works” the security comes hand in hand.

Edit – Sept. 16, 2006 10:22 pm, Fixed a mistake in my posting regarding the nature of the Opera web browser.