Games and animation site Newgrounds announced it is working on a way to play Flash content via emulation.
Ruffle is an open source Adobe Flash Player emulator written in Rust. It targets desktop and the web using Web Assembly, so unlike the plugin (which is scheduled for end-of-life in 2020), any security issues would be issues with the web browser itself.
While the creation of new Flash content instead of modern technology seems a Bad Idea, this Soylentil for one would be quite happy to replay some of the classics (which stopped working when the plugin was banned from his system).
[ Ed Note: the source article claims that open source is the reason why there won't be any vulnerabilities: "For anyone who is concerned about Flash's reputation for security - this project is entirely open source and any security issues would be issues with the web browser itself, whereas the traditional Flash plugin was a closed system that created unique opportunities for exploits." - Fnord666]
(Score: 3, Insightful) by driverless on Monday August 26 2019, @05:41AM (2 children)
Sure, but that's the same as the 360 assembly language argument, you can write buggy, insecure code in Javascript as well as any other language. In fact there's entire industries that churn out buggy, unsafe Javascript, and endless CVEs to accompany their work.
(Score: 2) by Pino P on Monday August 26 2019, @02:58PM
The difference is that should an escape be discovered in JavaScript or WebAssembly, the browser publisher has power to fix it in an update. If I recall correctly, the major browser publishers have a better record on sandboxing hygiene than Adobe ever did.
(Score: 0) by Anonymous Coward on Monday August 26 2019, @03:49PM
The difference is that with this solution, there aren't any more browser exploits than there were without it. Since everything is JS/HTML5, any exploits could be done just as well without this tool as with it (by simply using the proper HTML5/JS directly.