Monday, March 8, 2010

Top 10 Most Vulnerable Apps of 2009

Here is a link: Top 10 Most Vulnerable Apps of 2009 | threatpost

With recent Flash, iPhone/iPad tug of war between Apple and Adobe I'm certainly not surprised why Apple and Steve Jobs have taken their respective position given the findings of this report. It certainly reaffirms what Steve Jobs has recently said that Flash is a buggy resource intensive piece of software. I've been around the block and certainly knew Flash, Shockwave and Adobe Reader require countless updates but did not believe for one minute it would be the #1,2 and 3rd most vulnerable piece of software in 2009.

It certainly doesn't help Adobe in their fight for Flash remaining vital and dominant in the future. With HTML5, it seems Flash may become irrelevant sooner rather than later. We've already had converts like Virgin America drop Flash support in favour of HTML5. With results like these I think Adobe should be doing a lot more to fix their reputation and improve overall security. Is Adobe another Microsoft before their software security initiative a few years ago? Perhaps only time will tell.

The other surprising fact of this report was Quicktime and Safari making the list at number 4 and 5. I've never really liked Quicktime, I've always preferred VLC so I'm not heart broken. But ever since switching to Mac I've really enjoyed Safari. I like its interface, performance and integration into OS X. However lately I've been rethinking my Safari strategy in light of multiple confirmations by security researchers of its short comings. Such things worry me and believe it or not I'm testing Google Chrome. I've been using it for a couple of weeks, so far so good. I won't say there have been no problems but general browsing is really good. And the fact Google Chrome was the only browser not compromised at the 2009 CanSecWest Security Conference helps me accept it as a good and safe alternative to Safari.

I think a turf war between Apple and Adobe is here and inevitable as both fight for dominance over mobile Internet content. What comes of it only time will tell. But certainly both companies have to do a better job in securing their products and guarding their customers.

No comments:

Post a Comment