Adobe Opens Up AMF Spec

neutrino38 writes "Adobe has released the specification of the AMF format, the format used by Flash Remoting — the equivalent of AJAX for the Flash world. The article doesn't mention the AMFPHP project and the fact that some German and Canadian guys had reverse-engineered the format a long time ago. Adobe's action eases a long-standing legal uncertainty that slowed the uptake of AMFPHP for commercial projects. Next, we note that Adobe has not released its RTMP protocol used to contact a Flash Media server. This latter protocol is more interesting as it provides sessionful operation; media streaming; RPC both client-side and server-side using the AMF format; and shared objects among several sessions and server-side events. Fortunately, RTMP has been partially reverse-engineered by the red5 project. I suggest that the W3C should take a look at the whole Flash ecosystem as they think about upgrading the HTTP protocol."

Gnash!!

[bvimo]

Will the opening of AMF help Gnash http://www.gnu.org/software/gnash/ [gnu.org] ?

Re:

[Wesley Felter]

Not really. There was already an unofficial AMF spec, so having an official spec that says the same thing makes no difference. The problem with Gnash is that they just don't have enough coders to keep up with changes in Flash Player, so they will fall farther and farther behind.

Nice summary...

[intnsred]

I don't know about the "news value" of this article, but big kudos for tying together names, links and references to a bunch of interesting-sounding projects.

Worst...

[Chineseyes]

This is among the worst summaries I've ever seen on slashdot, and thats saying a lot. The use of so many acronyms without any background information, combined with absolutely no reason as to why anyone should even care is a true achievement. Congrats sir for combining the worst characteristics of article submissions so that future slashdotters may have an example of a poor submission. With all that you have accomplished with this I have one complaint and do not take this as a troll. In your next sub

Re:

[greg1104]

I thought the submission was quite good. If you don't have the background to follow all the acronyms or understand the implications without having them spoon-fed to you, perhaps you should switch to a site whose motto is more like "News for not-quite-nerds?"

Re:

[totally bogus dude]

I also thought it was pretty good. If you don't understand it, chances are it's probably not interesting to you, so just ignore it. You might also note that this is on developers.slashdot.org, so it's pretty much blindingly obvious who the target demographic is. Not every developer (nor even every web developer) is going to care about it, but a lot of the draw of sites like slashdot is that it allows you to keep abreast of news in areas related to your field of interest, but not quite close enough to your c

Re:

[gbjbaanb]

Actually, it is *the* worse summary. Its a sad day when even the submitter doesn't RTFA:

Summary:

The article doesn't mention the AMFPHP project...

Article:

.... said Wade Arnold with AMFPHP. "Working with Adobe, we can create a common programming model that enables RIA developers to extend the reach of their applications across different server technologies in a compatible and consistent approach. The AMFPHP project is ecstatic to be able to work directly with Adobe in order to better leverage the AMF protocol in LAMP applications."

Designt HTTP around FLASH? WTF?

[brunes69]

I suggest that the W3C should take a look at the whole Flash ecosystem as they think about upgrading the HTTP protocol.

This statement at the closure of the article is so stupid I don't even know on which angle to attack it first.

As a side note, can we PLEASE gt rid of this horrible trend of submitters adding their own "personal view" on postings? Frankly I don't give a crap. It's bad enough when the editors do it.

Re:

[Anonymous Coward]

It's interesting to hear stuff like this, people really are under the delusion that their pet language/framework is the one true way. It also comes up in discussions ("Well I think that...") -- as if an ignorant opinion carries any weight. This is something the HTML5 WG have had to contend with; people who don't even understand the concept of the web making "helpful" suggestions.

So the editorial slant isn't so bad in context, it lets us dismiss the story without having an unwarranted lengthy debate about so

Open Standards

[bigpat]

The summary is a jumble mess, but the fact that Flex/Flash is still mostly closed source, but fills an important gap that isn't addressed by currently implemented standards, is problematic.

Take a look at this google finance page [google.com] You simply can't do the type of interactive charting that they do there without Flash and Flex. Any AJAX implementation of that would be just a hack.

It could be done with AJAX techniques and SVG, which is the open standard for flash like animations, but neither major browser implements the full spec yet.

So, the larger point about needing an open standard that is actually implemented is a valid one. But I don't think the fault lies in the W3C, it is just that it is taking some time for volunteer programmers to implement the standards that they came out with in Firefox.

Re:

[ScrewMaster]

You simply can't do the type of interactive charting that they do there without Flash and Flex.

The Tomato firmware in my router does something very similar using Ajax. I don't know enough about Ajax to know if what he did qualifies as a hack, though.

Re:

[Anonymous Coward]

"You simply can't do the type of interactive charting that they do there without Flash and Flex."

JavaScript+Canvas

JavaScript+SVG

Java

Looks like that's 3 interactive charting methods without flash and flex. I'm sure the list could be bigger.

Re:

[bigpat]

JavaScript+Canvas

Last time I checked Canvas wasn't supported in IE and HTML 5 (which it is included as a part of) isn't out yet as a released standard. Might be a good stopgap before svg full is supported, but is it really that much easier to implement than SVG or do you give up something?

JavaScript+SVG

This would be ideal, but animations aren't yet supported, so you would have to download new svgs with AJAX for interactivity. That seems like an unfortunate hack to me. Better to have the svgs be able to dynamically update more discre

Re:

[jibjibjib]

I don't know what you're talking about when you say SVG "animations aren't yet supported." Javascript can be used to manipulate elements of an SVG image, creating animation and interactivity. I've played simple games (e.g Tetris) in Firefox which are implemented entirely with SVG and Javascript.

Re:

[bigpat]

The javascript way of animations is more akin to an animated gif, it can be made to work for some things, but svg is supposed to have built in animation support which is more like flash. Firefox doesn't yet support the animation module.

Re:

[hey!]

The javascript way of animations is more akin to an animated gif

I'm not sure precisely what you mean. I've seen apps where javascript is embedded in SVG (the way it is more typically embedded in HMTL) to produce an interactive app; attaching event handlers to graphical objects produces what in effect are widgets. The combination of drawing, scripting and event handlers essentially means you have a GUI platform. Add some model for javascript to do communication and I'd say you have a pretty complete syste

Re:

[Raenex]

Sure there is java. But Java is being blocked by a lot of corporate firewalls, just like activex is (which you didn't mention). And it is also plugin based.

Flash is plugin based too. I agree with you that JavaScript+SVG support would be ideal. Too bad Microsoft will never support it.

Re:

[bigpat]

Flash is plugin based too. I agree with you that JavaScript+SVG support would be ideal. Too bad Microsoft will never support it.

Microsoft doesn't want to see Adobe controlling the Web platform where Microsoft failed with ActiveX. It might not be Microsoft's first choice, but given that nobody is going to help them create yet another Microsoft monopoly, supporting SVG might be a good way to limit Adobe's dominance of the rich internet application market.

Re:

[Raenex]

It might not be Microsoft's first choice, but given that nobody is going to help them create yet another Microsoft monopoly

Sadly untrue. Witness Silverlight and Mono's "Moonlight" implementation. Microsoft will never implement SVG unless they are actually losing the browser war and web authors write content only viewable in SVG-capable browsers.

Re:

[ozone_sniffer]

You're missing the point the parent was focusing on. The question is not whether flash is useful or not, and should be standardized or not. The question is wtf flash standardization has to do with the HTTP protocol. The summary is (miserably) trying to imply there is something which should be modified in the next version of HTTP so as to benefit the usage of flash in some (mysterious, IMO) way. Flash is a content format, HTTP a network protocol. They're as related as horses and trucks carrying horses.

Re:

[bigpat]

I didn't miss the point. I agree that this has nothing to do with http protocol, but the point I think the submitter was trying to make was close enough to being in the right ballpark that I thought it was worth pointing that out. Flash/Flex is not just a content format, it is its own proprietary client platform for writing rich internet applications... It is basically its own web browser within a web browser which, if it gains any more wider adoption, it is going to subvert the open standards nature of

Re:

[ozone_sniffer]

Well, I see everything inside the browser as content, but as I am miles away from web development (and happy for it ;) ) my view is pretty myopic in that sense. In other words, I think a usefull flash application is yet to be born. But then again, I might not be getting the whole picture. That said, I agree that W3C should pay more attention to this "black hole" in the web infrastructure, given it proves to really be a black hole.

Perhaps the acronyms the original poster was searching for could be found h

Re:

[jibjibjib]

You argue that Flash has nothing to do with the design of the HTTP protocol, and say that "they're as related as horses and trucks carrying horses" as if that makes them unrelated. Have you ever even seen a truck carrying a horse? All the trucks carrying horses that I've ever seen are specifically designed to carry horses.

Re:

[ozone_sniffer]

I hope you're trying to say that the metaphor was poor. If not, then I can only understand you're trying to say that HTTP should be designed specifically to transport flash content. I really hope that is not the case, because it would be the same as having every truck in the world being designed to transport horses, even those which would end up being used to transport pigs or whatever.

Assuming the first, replace horses by potatoes, or whatever suits you better, it really doesn't matter as long as you ge

Re:

[brunes69]

The problem with your analogy is that HTTP has to carry a lot more than just flash content.

A better analogy is that optimizing HTTP for flash is like optimizing a transport truck to carry frozen meat by installing refrigeration systems when it only has to carry it from 4-8 PM every second Sunday. A much more optimal solution is to just pack the meat better so it doesn't need such aa truck - ie, if there are problems sending flash over HTTP, then optimize flash to travel over HTTP (after all you don't use it

Re:

[bvimo]

>but neither major browser implements the full spec yet.

Excuse me, are there only two major browsers? So far today I've used Safari and Opera on an eMac and Konqueror, Firefox and Opera on Kubuntu. I did play with Lynx as well, but I stopped as I had to go outside.

I don't know how well Safari, Opera (Max|Linux|Windows), Konqueror or Firefox support SVG.

Yours

An outraged browser user

Re:

[SanityInAnarchy]

Any AJAX implementation of that would be just a hack.

Any Flash implementation would be by definition a hack. The difference is, as you say, there's actually an open standard for AJAX.

Re:

[brunes69]

It's stupid because HTTP is a transport protocol and nothing more. Flash is a frigging widgeting and GUI engine. It has absolutely nothing to do with HTTP other than the fact that sometimes you download SWF files with it.

That's why it's a stupid comment. It would be akin to me saying they should redesign bittorrent around ISO files because I download them over it. It isn't the fact that the comment is idiotic that pisses me off, it is that the editors left it in there and decided to post it to the front pag

What Flash Does that Others Don't

[slaingod]

A lot of this came up in the silverlight discussion a couple of days ago, but until html/javascript or some new standard provides for:

* Video Playback
* Audio Playback
* A/V Capture thru connected devices with appropriate security
* Bitmap manipulation ala Displacement Maps, Blur, Glow, or other direct bitmap manipulation (for both video effects as well as photoshop style web apps)

there will be a place for flash (and maybe silverlight once it actually does these well).

And the comments like 'I've never found a

Re:

[account_deleted]

Comment removed based on user account deletion

Flash ecosystem...

[TheLink]

"take a look at the whole Flash ecosystem"?

I'm sure a whole bunch of security researchers (and "security researchers") have done so and are rubbing their hands with glee.

Just look at where Adobe took PDF - from the early relatively safe years to the javascript ridden present.

Re:

[jwisser]

You, sir, have a bastardly sig. Well done.

Flash is the web's single point of failure

[goombah99]

Exactly. Flash is more ubiquitous than anything on the web. More ubiquitous than internet explorer. It runs binaries in the host machine, not simply running the in the browser's sandbox. I don't know if it will load and run native binaries over the web (like active X) or if it has it's own sandboxed java-like pseudo code. But it's a single sourced point of failure rather than a diverse ecosystem like all the different java VMs. Plus the code is enormous. Who knows what's in there. (cringley has speculated ADOBE could leverage this ubiquity to role out all sorts of products deployable overnight just by activating them. e.g. imagine is tommorrow everyone with flash also had bit torrent, google desktop, and perhaps even some DRM system available. "flash" deployment of programs could make them instant industry standards. no more arguing over which DRM will be universal is everyone has it available.)

Flash, ActiveX et al: incomplete planning

[Grampaw Willie]

Flash, ActiveX, Java, et. al. render web pages executable, generally

at this point it appears that NO PLANNING has been done to secure these vehicles from spreading trojans and various un-authorized programming

am I to accept one certificate from a web site and take that as credentials for every page on that site?

this plan has been available for a while now, yet CyberCrime is flourishing. and CyberCrime generally relies on trojans: un-authorized programming.

with polymorphic virus changing their colors rapidl

Re:

[TheLink]

I've proposed sandbox security templates:

https://bugs.launchpad.net/ubuntu/+bug/156693 [launchpad.net]

Basically an app will announce what sort of template sandbox it would want to be run as, and a user will decide whether it's OK or not. If OK, the OS will enforce the sandbox.

If an app claims to be a "guest game/applet" AND requests that it be run likewise, it won't be able to do much.

Whereas if an app claims to be a "guest game/applet" but actually requests "Full System Privileges" (the OS/GUI should pop up the usual warn

Re:

[99BottlesOfBeerInMyF]

I've proposed sandbox security templates

Might I suggest you champion the inclusion of SELinux by default in distros. It would at least allow security minded application designers to solve their part of the problem.

Basically an app will announce what sort of template sandbox it would want to be run as, and a user will decide whether it's OK or not. If OK, the OS will enforce the sandbox.

I think this is about 1/3 of the solution. First, if an app is going to announce itself, it might as well be specific and come with a full ACL describing what it should be doing, thus providing finer grained security and preventing some overflow style attacks. Second, since such a system does not address malware, it needs to be pai

Re:

[TheLink]

I think ubuntu and Suse have apparmor already which is similar to SELinux.

"First, if an app is going to announce itself, it might as well be specific and come with a full ACL describing what it should be doing,"

Should only do this for custom ACLs.

Most apps should be able to fall under a more manageable set of template ACLs that users can recognize.

Custom system ACLs could be signed by the OS vendor, so no prompts to the user - stuff just runs.

Custom 3rd party ACLs could be signed by a verifier that certifie

Re:

[nova_ostrich]

Developers working with ActionScript in Flash Player have no access to the user's file system. Makes it pretty hard to distribute a Flash-based trojan.

Re:

[slaingod]

Flash & Flex do support signed code. The question is, who does the signing? Who is the organization that gets to tell me I am 'authorized programming'? Are you implying that users shouldn't be allowed to develop and run their own code on their own machines? Not sure how 'signing' works in that scenario. Sounds like 'Trusted Computing' to me.

Doesn't then 'signing' become the single point of failure?

In the same vein, Firefox, IE, Safari & Opera also 'render pages executable'. So we are supposed to

Re:

[Grampaw Willie]

==>Flash & Flex do support signed code.

that doesn't matter: with PGP you can sign anything.

the point is that before we can allow the FLASH to start we have to find a signature for it ( as a symbol in the document header )

==>who does the signing? you do.

this is what the Public Key Infrastructure (PKI) is all about.

if I don't have a copy of your public key I will go to a certificate authority to get it.

and that, of course leads to the question of how that Certificate Authority will insure that they

Re:Flash is the web's single point of failure

[heinzkunz]

> I don't know if it will load and run native binaries
> over the web (like active X) or if it has it's own
> sandboxed java-like pseudo code.

I don't think java uses pseudo code :)

You were probably thinking of byte code. Yes, the flash plugin runs byte code in a sandboxed virtual machine. It's not the browsers sandbox, but the flash players sandbox.

Re:

[nova_ostrich]

Flash Player doesn't run native binaries. It has it's own form of bytecode (known as ABC), much like Java, that gets JITed to native machine code. Flash Player is only about 1MB in size. Certainly not enormous when Java is much larger at about 7MB.

Anyone else find it ironic...

[TheVelvetFlamebait]

... that the guy explaining that Flash is the web's failure has a link to a YouTube video in his sig?

Upgrading the HTTP protocol?

[Tiles]

The entire point of HTTP is to be stateless, hence why other protocols (like Adobe's) were invented. If you want a stateless protocol, use a constant TCP connection. Don't try to wedge functionality where it doesn't belong.

Re:

[heinzkunz]

I see that you are a registered user at slashdot. How would you login and post to slashdot if slashdot didn't use HTTP sessions?

Re:

[gbjbaanb]

Probably by sending some cookie data with every request.

Hmm. just like how HTTP Sessions work :-)

Re:

[heinzkunz]

Exactly. HTTP started as a stateless protocol, but we have begun to depend on tricks to make it stateful a long time ago, and for good, practical reasons. It's stupid to say "Don't try to wedge functionality where it doesn't belong".

HTTP stands for hypertext transfer protocol. Should we abolish all cases where HTTP is used to transport something different than hypertext? Sorry, no AJAX for you, no file downloads, no webdav, no rss, etc.

Re:

[Tiles]

HTTP 1.1 (RFC 2616) clearly defines what HTTP is used for:

It is a generic, stateless, protocol which can be used for many tasks beyond its use for hypertext, such as name servers and distributed object management systems, through extension of its request methods, error codes and headers.

As for logging into websites: Cookies were a hack added on to HTTP by Netscape, and aren't even in the HTTP 1.1 standard. You can have 'sessions' without cookies. An ideal login system would have your HTTP authentication

Re:

[heinzkunz]

Don't get me wrong, I don't want to revise the HTTP protocol. (I don't think the OP want to, either, he just mixed up the acronyms.) But HTTP sessions are a de facto standard. They aren't going away anymore, and there are perfectly good reasons to use them.

News doesn't' surprise me

[qazwart]

There has been a browser war going on for a while. It isn't the IE vs. Firefox war everyone talks about. It's about the rendering engine to use.

Apple's WebKit has succeeded beyond Apple's wildest dreams. It is officially being used at Google for its applications, it has been adopted by KDE, and the Gnome team is also about to adopt it. It is also the official rendering engine for Android. That puts WebKit on each Linux distribution and on what will soon become a major portable Internet device platform.

Adobe has been pushing Flash as the web rendering engine to rule the world, but it hasn't been doing so well. The big war for the browser isn't the desktop, but all the little devices that we will all carry around: PDAs, Phones, cameras, music players, game machines, etc. Flash needs a consumer client in order to work, and the fact that all of these devices will depend upon Adobe creating a client for each and every platform and operating system just doesn't cut it. Manufacturers don't want Adobe to rule whether their device is worthy of a Flash client.

In order for Adobe to be truly competitive in this fight, they must open up the Flash file specifications. That way, each device maker can design their own Flash player much the same way they build their own web browser according to HTTP/HTML specs.

The only question I have is how "open" is the spec? What happens if Adobe wants a new version of Flash with more features? Will it open up the new specs? Will Adobe allow me to create a program that will write to the Flash file format, or is that still closed to me? This isn't entirely unheard of. Microsoft has "open specs" for NTFS. I can give my operating system the ability to read NTFS, but not the ability to write it without first getting a license from Microsoft.

Re:

[BrentH]

Apple's Webkit adopted by KDE? Big ups for the Mac Propaganda department... It's was the Konqueror guys who did the heavy lifting. Although Apple did indeed improve it even further, the KDE-team had to pry very hard to get some results back from the deal.

Re:

[nova_ostrich]

Adobe's open spec for the SWF format may be used by anyone who wants to create SWF files. It may not be used if you intend to build an alternative way to view SWF files. In other words, you can create your own compiler, but not a new Flash Player like Gnash.

Re:

[crebstock]

The specs of the swf format are already "open" in the sense that you can obtain them to write into applications. Much like Microsoft, they aren't given to just anyone, but the ability to create an application that reads/writes the swf format has been around for a while now.

Good idea

[the eric conspiracy]

Adobe has been moving away from serverside development (i.e. JRun). Opening AMF will allow other app server vendors to offer AMF implementations that adhere to known specifications, rather than reversed engineered versions. Ultimately this will improve the acceptance of Flash remoting applications which will be good for Adobe.

This is apart of a larger "openening" of Flash

[quetwo]

The announcement of the opening of the AMF protocol (which is a compressed, binary stream of data, used to transfer data from a back-end server to a flash application, no different than AJAX), is actually a subset of Adobe's announcement to open-source the BazeDS project. BazeDS is a Java server that sits as middleware between your Flash/Flex app and your back-end server (Java, PHP, ColdFusion, etc). AMF is a major part of that product. To all the critics of the Flash player... Take a look at its track record. It is under a meg download, available for most platforms (Win,Mac,Linux,Symbion,etc), and has an excellent security track record (as compared browsers/plugins in the industry). It does not just take a "binary stream" and execute it -- it has a very strict sandbox enviroment that protects both the browser, and the operating system. Heck, you can't even load a Web Service without the called-domain allowing it. And while not opening up the full SWF format, Adobe has open-sourced the Flex Framework, which is used to create SWF files. Take a look at Adobe Labs : http://labs.adobe.com/ [adobe.com] for more info on some of Adobe's open-source projects.

Re:

[SanityInAnarchy]

And while not opening up the full SWF format

Why haven't they?

And more importantly, can we please stop taking Flash seriously until they do?

Being "closed" is part of Flash's attraction.

[argent]

The Flash sandbox seems to be pretty good, yes. That's about as far as it goes.

Flash is barely "available for Linux": there's a Linux port that's only for i32, only for gecko-based browsers, and I doubt it'll work if you're not right up-to-the-minute up-to-date with a pretty vanilla distro. And of course it's not available for other free UNIX platforms or non-x86 hardware. That's because far from being "open", it's a closed binary blob.

But more than not being open source, it's not an open format. The fact t

Re:

[account_deleted]

Comment removed based on user account deletion

Flash for Linux requirements?

[argent]

Got a definitive link for it? Because the one I found listed a handful of gecko-based browsers as requirements, and it would be nice to get everyone on the same page.

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[argent]

It works, but Adobe doesn't support it.

At least Konqueror is open source so if you're stuck you can try and fix it from that side.

But the Flash side of things is closed by intent.

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[argent]

What does "support" mean in this case? If Konqueror messes up their netscape plugin support by doing something non-standard spec, they aren't going to add a custom fix for that?

If Adobe messes up their netscape plugin support by making assumptions about the API that are simply undefined behaviors that only Gecko happens to implement that way, they aren't going to fix that, instead KDE will have to emulate yet another obscure Gecko behavior.

OK, so maybe you don't care about API creep. As someone who has watc

Re:

[Raenex]

Take a look at its track record.

For years Linux was stuck with an old and buggy version of Flash.

Flash client is still closed

[mi]

I suggest that the W3C should take a look at the whole Flash ecosystem as they think about upgrading the HTTP protocol.

Frankly, I can't believe this. Slashdot, which gave Sun so much crap for making Java source code available under a wrong kind of license, is front page-advocating wider adoption of software, for which no source code is available at all ...

Re:Flash client is still closed

[pembo13]

I was pretty sure it was just the submitter, and not the Slashdot consensus.

Re:

[NicolaMarini]

Is true Flash client is still closed.
In my humble opinion a way to grow is opening up the code that people
can improve.
For the world of flash having to see a silverligth is the same as for Java
having a flash (it happened some time ago).
What I mean is hard to explain.
With flash you can do a lot of thing.
Some one admitted that Flash it is not 99% bad.
And it is growing I suppose, I hope in the right direction.
Opening up the client is, at the moment, a way that I cannot see were
can let us go.
We can go were we wa

Re:

[mi]

In my humble opinion a way to grow is opening up the code that people can improve.

Forget improving. I'd like to be able to simply compile a native version for my FreeBSD/amd64 system. As things stand, there is not even a version for Windows/x64!

Something tells me, Slashdot's outrage about Microsoft's anti-competitiveness back then had little to do with the fate of Netscape. All Microsoft had to do to appease most people here, was to release a Linux version of IE.

I'm Confused

[dwillden]

What does Adobe have to do with Bowling? http://www.amf.com/corporate/index.htm/ [amf.com]

Re:

[jibjibjib]

Your comment would be funny and possibly even insightful if the submitter had used the acronym "AMF" without giving any background or explaining what it is. In this submission, the author describes what AMF is ("the format used by Flash Remoting -- the equivalent of AJAX for the Flash world.") and links to an article with more details about it, so I don't see the point of pretending to be confused about it.

Re:

[ameoba]

I was expecting something to do with these [drinksmixer.com]...

W3C should take a better look at Flash

[heinzkunz]

Mod be down, but I kind of agree with the OPs point that the W3C should take a better look at Flash. Not to update the HTTP protocol of course - neither Flash nor the W3C have interest in changing that. But things like access to the bitmap data of images or a flexible component model are very useful for us programmers. Without advancements, we will forever be stuck with half baked web apps, and the W3C better look at what flash does right.

Rendering Flash HTML and PDFs together

[TimeSpeak]

I find it interesting Adobe AIR [adobe.com] wasn't mentioned.

Regarding the RTMP

[heinzkunz]

Next, we note that Adobe has not released its RTMP protocol

Adobe recently announced [adobe.com] to make it's messaging server open source. This includes the RTMP, of course.

Re:

[quetwo]

Actually, they are open-sourcing the messaging portion of LiveCycle Data Services, except for the RTMP protocol. They are instead releasing a new protocol, which emulates what RTMP does, except over HTTP(s). http://labs.adobe.com/technologies/blazeds/ [adobe.com]

DATA, not PROGRAMS

[cas2000]

I suggest that the W3C should take a look at the whole Flash ecosystem as they think about upgrading the HTTP protocol."

why?

i want inert DATA, not active executable programs when i browse the web.

browsing the web should not require throwing away basic security precautions, nor should it require trusting every developer of every web site out there to not be either incompetent or malicious.

Re:

[BrentH]

I actually use the NoScript [noscript.net] plugin for Firefox. It blocks all javascript (so no datacollecting and cookieplacing nonsense, and no ads, since they all use javascript) and all plugins like Java and Flash by default (so certainly no flashy resourcehogging ads). You can whitelist the sites you like (for example Youtube), so you can have the best of both world: java(script) and Flash when you want it, and only when you want it. I like it a lot.

Re:

[Grampaw Willie]

flash might be used for stuff other than ads but guess what: who uses it the most? a/c yer views are generally too establishment. the www has a lot of defects from trojan vulnerabilities to onerous adware and privacy violations like that BlockBuster-Facebook link and these defects need to get cleaned out and the place to start is to put a stop to un-authorized programming.

Re:

[b100dian]

This (good) news only proves that Silverlight and JavaFX did something: kicked the ass of the dominant RIA player to open up, first the Flex 3 SDK, now the AMF protocol and who knows, in 2 years the VM too? (aka Flash Player)
This is a good thing(tm): a de facto standard becoming open;)

got me the flash block too

[Grampaw Willie]

thanks for the tip pard

I went out and got me the add-on and it is now in effect.

actually I don't want anyone running any un-authorized programs on my computer

hackers in particular, but advertisers can be pretty onerous

Re:

[cheater512]

Um...Small question: Why do you use flashbock?

Just do what I do. Dont install flash. Simple.

Re:

[Grampaw Willie]

FlashBlock like NoScript will allow you to have FLASH installed and select which media you want to allow

Re:

[cheater512]

The GP's point was that its all rubbish.

Re:

[Raenex]

The GP's point was that its all rubbish.

I used to be of the same opinion, but there are enough interesting ones that it's a pain not having easy access to them. How many Slashdot stories now link to YouTube videos, like the infamous "don't taze me, bro"?

Videos are a useful form of communication. It's unfortunate that sites like YouTube are Flash based, but until there's an alternative, Flash + NoScript works great.

Re:flash is for ads - so I block it

[jibjibjib]

Why use adblock? Why not just turn off images? [/sarcasm]

Seriously, there are uses for Flash apart from ads. Many websites use it for embedded audio, video, instant messaging, simple image editing, games, and basically any interactive functionality which would be too slow and hackish to implement using AJAX.

Re:

[AKAImBatman]

I dont' care about yousless tube junk

Flash is useful for a lot more than just Youtube. While video is possibly the most common use for Flash (it's the only *standard* that all browser makers can agree on) it's also used for purposes like web games. I know in of itself that's not all that interesting, but it's also one of two ways of making homebrews [wiicade.com] for the Wii Internet Channel.

The AMF format has been reverse engineered before, but having it fully published should make it easier to create desktop integratio

Re:

[voidy]

so why install flash just to block it with some stupid plugin?