
Thank you
You're doing god's work son. Carry on.
By the end of the year, Google Chrome will block virtually all Flash content and make whatever's left click-to-play by default. In September, Chrome 53 will kill off all background Flash content, which is about 90 per cent of Flash on the web, according to Google. Then in December, Chrome 55 will use HTML5 for video, …
Ah, the BBC and Flash, remember when they last revamped their website and removed most of the text based stories and replaced them all with video feeds ripped out of the news channel? Cue a much touted "try our new mobile site" which was supported by little to no mobile browsers, I wonder how many readers that cost them?
"replaced them all with video feeds ripped out of the news channel? "
BBC staff presumably all have mobiles with unlimited data.
Back in the day when people tried to sell us website designs we used to say "now show us on dialup". The equivalent should be midrange phones, not the 6s+ that the BBC staff presumably use.
"remember when they last revamped their website and removed most of the text based stories and replaced them all with video feeds"
That habit cheeses me off SO MUCH. For a snippet of information that I could ingest in text in 1 second, I now have to sit and wait for a journalist who's far too delighted in themselves to goddamn well get on with it!
They used to put summary text below - now they're stopping doing even that. It's like wasting other people's resources without thinking about it is becoming a habit or something. They don't seem to realise they're rubbing our noses in it.
It's not just the BBC. It's people like Twitch, Rooster Teeth, and a whole bunch of other people that say "what security risk?" when I ask "when are you moving away from flash so I can use your site? I don't have it installed because it's such a security risk"
They get pissy at me for even bringing the topic up. So I don't buy their sponsorships any more and I watch their YouTube channel with all of the ad-blockers.
100% agree. For many developers though the problem is in the streaming system and BrightCove, Comcast's The Platform and others need to remove the streaming option for Flash completely. For me the problem is that Flash is like the mythical Hydra in that the moment you cut off one head another appears: in this case someone needs to chat with Amazon about trying to prevent RTMP Streaming using Flash.
I always have add-ons installed to force videos in flash player. Internet is expensive here in south Asia. Bandwidth is also very limited. With flash we could use the click to play feature(which Google now forces) and stop unnecessary data spending. But even when autoplay is disabled(which you have to do manually on many sites every week), HTML video player always load parts of every video which wastes a lot of data on many sites like facebook.
I expect most El Reg readers have been blocking Flash one way or another for years. Certainly anyone not wanting their computer p0wned has. Got tired of those "Oh Gawd! Another Zero Day! Patch Right Away" headlines, and I'm sure I'm not alone.
I agree with Tomato42 that if Flash were a planet in some other solar system, we'd want multiple high-factional-c strikes (.999 c comes to mind) on it. And, just to be on the safe side, make the system's star go nova, too.
Good on Chrome for helping to finish off this monster.
I've never blocked flash. I've not even installed click to play. I started developing sites in Flash around 2006 but not done one for probably 5 years now. I have used the latest Flash to make an animated logo which was pretty easy but the end result file size was about 20 times what it would have been if .swf.
Not ONCE have I ever been a victim of an attack through Flash, a PDF, or had my computer 'prawned' or whatever that is.
Am I just really boring and not visiting Ukrainian fetish/ bondage sites enough to fall for this sort of thing?
Overall I don't see any issue with what Google are doing here - people who really want to play that game (including me), or learn in an education flash site can just click to play - and all those dodgy background flash trackers will get blocked.
However it feels like most people here in the comments are blaming flash for how the creepy advertisers or scammers are using it. People will exploit anything to make a buck... yes, it has a lot of bugs in it, and probably has too many features thus making it easier to exploit but you shouldn't knock a technology that millions of people use every day to play games, just because you don't like it.
This post has been deleted by its author
Why stop at Google bundling X with Y.
Nobody should be bundling anything onto the explicit download I clicked on.
If I want product X, then I download product X. I don't want Y, Z, some spyware toolbar or any other junk / hidden software.
If any product is good enough on its own, then people will get to know about it and will come and download it for themselves. If its junk on the other hand, then it will wither and die.
"If I want product X, then I download product X. I don't want Y, Z, some spyware toolbar or any other junk / hidden software."
Whoa. Let's return to the good old days of Netscape, when using the Internet required you to install a seemingly endless parade of players and add-ons.
Asking millions of browser users to find and install plugins for different media is a recipe for disaster.
Sorry, but the best user experience is when most common functionality is bundled with browser.
And yes, I don't even mind if my distro includes proprietary codecs when I install it.
@Barry.
You seem to be mixing a number of points here.
1. Licencing of things (due to cost or differing licencing terms) which prevents their inclusion in free OS's. Yes, CODEC's are common here. If people need things they will find the correct place and download it / pay the licencing fee. Alternately, there are distros that include the CODEC's having dealt with or ignored the restrictions - your choice on which way you go here.
2. Innovation driving extensions of current technologies as you mentioned for the early Internet. This will always happen as technologies evolve. The original vendor may not have the skills / desires / budget to add on, whereas others may. There's nothing wrong with that. Conversely others may add-in equivalent functionality as for example has happened with PDF readers in browsers. Often this is affected by licencing and copyright, so another example of the above.
3. Vendor knows best vs end user knows best. Personal choice is personal choice.
4. There is a world of differences between related downloads that are clearly displayed and delectable, such as your example of CODEC's for browsers compared to the downright underhanded methods that are used to use get software installed such as hiding the options 6 layers down, giving no options and using phrases like "deselect this box to enable install <blah>" whilst implying that the module is required or recommended
>If I want product X, then I download product X. I don't want Y, Z, some spyware toolbar or any other junk / hidden software.
Don't download software from dodgy websites ... easy ... if your OS does not have a central repository with tens of thousands of pieces of software, you are using the wrong OS.
@Hans 1 (The solo Hans, Hans Solo ? Change the font and you could be Sans Solo !)
You seem to be pushing the virtues of app stores. With the exception of open source ones, they tend remove choices and tax developers to publish, this also undermines the benefits of the broader internet.
Secondly, having looked at many app stores, there is poor quality control and in many cases the junk swamps the genuine / good apps. Most are junk, more junk, spyware, apps with hidden functionality, etc. so this is far from a working panacea.
The common trend here is that users will install anything if it looks free or has a cute kitty on it or offers free games etc.
I wonder how many users would select yes to the "Install Virus.exe" just to access the thing they originally decided they wanted ?
The one place I see Flash used all day every day is in Education. I would say at least 80% of the sites bought into at the school I work for use Flash.
Examination platforms use it too, and I can't see HTML5 taking on that role any time soon.
So, in schools, the more likely outcome from this is that Chrome will become less popular in favour of a browser which doesn't do this stuff.
Sadly. I would love to see Flash die.
Unfortunately this is true, largely due to the educational content being built up over many years there is a financial reluctance on behalf of the content originators to update to current technology. I teach a couple of online courses and a lot of the content is flash, java or shockwave based. All of these cause our students varying degrees of problems which are compounded by the locked down configurations school issued laptops have here in the US. I have no control over the content, I merely deliver the content and put out fires while the courses are running, last semester they were more like forest fires. I have been promised that the Fall semester will bring shiny new working content that will not have these issues... I'm not holding my breath.
>The one place I see Flash used all day every day is in Education. I would say at least 80% of the sites bought into at the school I work for use Flash.
It's going to be walking dead for many more years to service historic content.
>Chrome will become less popular in favour of a browser which doesn't do this stuff.
All browsers will do similar by next year's end. Chrome devs are still building the pepper plugin (Google get the source from Adobe not a binary) - in fact it's only the Google devs who continue to update (patch) the linux release of Flash player, Adobe canned it a couple of years ago.
Three years ago I was working for a school who had content boxes for various providers (Espresso, KnowledgeBox, etc.).
One provider promised that all their stuff would be converted to HTML 5, there was even a section of converted content so you could see. This was mainly to get them into iPad use, not removing Flash (the one useful thing that could be argued for iPads is that they don't have Flash, so people are having to move from Flash if they want their content to work!). Bear in mind that it's an annual subscription and they have to constantly update content anyway, to keep up, so you'd think they'd just make the move to make everything HTML5 from a certain time and then start removing or converting the older content on a slower schedule. No.
I changed school and deployed the same product there, on the demand of the teaching staff. I asked the same questions of them, got the same answer. Basically their stuff just doesn't work on iPads, and it's always the "interesting" games, activities, features that don't work because those were done in Flash.
Two years down the line, September is approaching again again again, and - well, I can't see any difference looking at it today. In fact the HTML5 "iPad compatible" apps page is still basically identical to what it was three years ago and the first few apps I've just clicked are all Flash.
Yes, Discovery Education Espresso, I'm looking at you. THREE YEARS. When you're updating content every day. That's three lots of content for every week of the year - picking up news topics, or seasonal themes, or whatever - that you've deliberate re-done in Flash each time.
I mean, in a way, it works to my advantage. The iPads just don't work on it, so the staff have learned not to try it. In a year or so that might well mean they just abandon that product (I don't pay for it, it comes out of teaching resources). And if Chromebooks, desktop Chrome etc. start going down the same path, it's the content that's at fault, not the devices looking at it. They can caw about using IE all they want, but if Chromebooks, iPads, iPhones, Android tablets, etc. all don't work for that content, then there's a lot of things we can't use it for and we have greater investment in that hardware than we do in the content. By orders of magnitude.
It's pure, sheer, absolute laziness. I wonder if, when they became Discovery Education, they were actually taken over and all the people who knew how to do things (like build their Linux-based squid-caching proxy content boxes that download their content overnight and serve it from the school's local network instead) went elsewhere.
For a time, KnowledgeBox was the same but they had other problems so I got rid of them years ago. I can't imagine they do a better job, but maybe I'm wrong.
"... it's always the "interesting" games, activities, features that don't work because those were done in Flash."
That'll be because Flash, while it has some issues, is pretty straightforward to develop for. HTML5, on the other hand, is painful, and lacks many highly desirable or necessary features.
>Not really. Pretty much everything, game wise, that was done with Flash, can now be produced using HTML5 direct from the Flash software by Adobe.
Practically nothing can be ported using their tools actually - HTML5 output is good for banner ads, very simple controls and timeline animations - little else.
Most game devs have taken the TypeScript route which is at least a semi-scriptable process, though very dependent on the original code quality. It's often quicker to just to use Animate (or CS5 where most of the Flash dev community waved goodbye) to export the assets and rewrite from scratch.
>That's three lots of content for every week of the year - picking up news topics, or seasonal themes, or whatever - that you've deliberate re-done in Flash each time.
That's because the content authors are not developers and are just populating templates via the CMS. Decompile a few and you'll find many on AS2 - so even semi-scripted ports to TypeScript or conversion to HTML5 using the current release of Adobe Animate CC (no AS2 support) isn't possible. Adobe's attempt to provide conversion tools are pathetic anyway useless content is simple timeline based stuff.
>It's pure, sheer, absolute laziness.
It's business - even at £100 a learning object, it would be well over £1 Million to port everything. Schools are looking for savings and discounts - especially on services which the educational theorists are saying have had largely negative impacts on learning.
With smart-dns and VPN assistance, I tried to find a streaming source anywhere on the planet that wasn't using Flash for Olympics coverage -- and I couldn't.
I assume this is because there's a central media bureau distributing coverage and they're using Flash, but that's just a wild shot in the dark.
That's not beating it with a shovel, that's just Yet Another Bandaid.
Beating it to death would be:
A. Releasing a browser with no Flash installed
B. If you attempt to install it, pop up a full page security warning about the dangers of Flash, pop up another full page warning that scrolls through the current list of needed security updates, then asks:
Abort? [] - Cancels Flash installation
Install and Update Flash?[] - Installs Flash, then updates it
C. Pop up another full page warning when there are new security updates and ask:
Abort? [] - disables Flash for the session
Remove? [] - purges Flash from the browser
Update? [] - updates Flash and continue
Confronting people with how insecure Flash is, is the only way Flash is going to die.
Let me put it this way. If the average web goer had to choose between security and flying cat videos, the flying cat video wins 9 times out of 10.
They outnumber you by about 100 to 1.
Guess to whom the browser makers are going to cater.
The more surprising thing is that the other 99 are actually right. Functionality comes first, anything else including security comes second. The best most reliable and secure car is completely useless if it can't actually take you anywhere - yet a horribly insecure one with no ABS or airbags is not, as long as it moves.
At the end of the day, a browser is just a tool, and in a home settings its job is to get you where you want to go, NOT to keep your system intact; it would of course be extremely desirable if it could do that TOO, but that's not the priority. People barricaded into an underground post-nuclear bunker might be remarkably safe, but they sure as hell don't get much done / get to go anywhere.
By all means, let's kill Flash and make browsers as secure as we possibly can - but in the mean time the top priority is to keep stuff working, and it really doesn't matter at what cost.
But it has to get you there SAFELY, or it's better by far not to go. Better stranded alive than burned to death in the next Edsel. And since you can't fix stupid and get sued if you take the Darwin route, you're FORCED to coddle to keep the lawyers at bay.
"But it has to get you there SAFELY, or it's better by far not to go."
No, it just has to get you there - once you're there it's irrelevant whether the trip was dangerous or safe. Safety is a measure of risk, not effectiveness.
BTW, I've never seen anything that suggested Edsels were less safe than any other car of their time - the reason they failed to sell was a truly impressive level of butt-ugliness, not a safety problem.
Sorry. Not Edsels, Pintos. Think gas tank fires.
So you're saying it doesn't matter if you die of CO poisoning on the driveway, as long as you get there it's still a success. Sounds pretty messed up if you ask me. That's like saying jumping off a skyscraper is a surefire way to get back to street level. You get there, yes, but not in one piece. Getting there SAFELY is an AUTOMATIC requirement of ANYTHING used by man. Otherwise, what's the bloody point? Risk is tied to effectiveness, as it describes the chance of a failure of some sort. And failures usually mean the job didn't get done: implying an effectiveness of zero.
~ For day jobs that rely on sites like Twitch (games industry), then you're screwed!
~ Flash is a long way from death when sites are too busy monetizing users to protect them... (Isn't the games world supposed to be technical & ahead of the curve???).
~ Even worse the BBC insists on Flash for news clips, but you can find the exact same clips as HTML5 on YouTube. So does the beeb link to those, not a chance!
>~ Even worse the BBC insists on Flash for news clips, but you can find the exact same clips as HTML5 on YouTube. So does the beeb link to those, not a chance!
Change your user agent, they have the clips in HTML5, however, they are a bunch of DUMB CUNTS!
BBC are even worse than you think - flash is just presented for desktop browsers.
use a mobile device and no flash required.
On desktop, just flip your user agent to a mobile one and it's 100% html5.
In safari : Develop > User Agent - Safari iOS ipad
job done - all video, content works fine.
Which of course just begs the question even more - WHY THE F*CK don't you kill flash in a shallow grave you FWs - you've even got 99% of the systems in place to do it!!
Two words: Flash EXPLOITS. At least with HTML5 the standard can be hardened against malware because it's more open and the browser makers can be motivated to compete on security grounds.
Face it. You're not going to get rid of multimedia web pages. It's what the masses want, and they outnumber you, so unless you become Dictator of the World, you don't have the power to change that. You can either brace yourself and join the ride or bail out of everything and go hide in the mountains somewhere.