I expect it to fair much better than Flash.
808/1020 (79%) of the CVEs reported against flash were for memory errors (buffer overruns and things) that allowed remote code execution.
So, assuming the Ruffle developers haven’t been using “unsafe”, just writing it in Rust immediately removes 80% of the security problems that were with Flash.
Also, many of the security problems with Flash were deliberate (by design).
For example, Flash was designed to send your browser fingerprint to advertising sites.
Ruffle obviously doesn’t do that.
I expect it to fair much better than Flash. 808/1020 (79%) of the CVEs reported against flash were for memory errors (buffer overruns and things) that allowed remote code execution. So, assuming the Ruffle developers haven’t been using “unsafe”, just writing it in Rust immediately removes 80% of the security problems that were with Flash.
Also, many of the security problems with Flash were deliberate (by design). For example, Flash was designed to send your browser fingerprint to advertising sites. Ruffle obviously doesn’t do that.
Thanks for your explanation!