Firefox Continues Deprecation of Flash with “Click-To-Activate” Default Behavior in 2017
Browsers encouraging move to HTML5 and modern web technologies.
Adobe Flash was once the king of the Web. It enabled all sorts of flashy and fancy experiences that native web technologies couldn’t offer. But now with the advances of HTML5, CSS3, and dozens of other web improvements, Flash has become more of a black sheep.
It’s no secret that Flash has been a constant source of security vulnerabilities – in just the past two years Flash has had over 500 CVE-assigned security issues (CVE, or Common Vulnerabilities and Exposures, is a reference of publically known software vulnerabilities which pose security issues).
Flash is also an issue for performance and stability. That’s why every major browser is slowing dropping support for the vulnerable, crash-prone, and memory hogging plugin.
Mozilla just announced the next stage in their plan to remove Flash from their Firefox Browser. Starting in August, Firefox will begin blocking certain Flash content that is “not essential to the user experience”. This will primarily be Flash content being used for device-fingerprinting or as supercookies, which are both invasive behaviors that de-anonymize users.
In 2017 Firefox will default to “click-to-activate” for all Flash content, which replaces the content with a placeholder that only loads with explicit confirmation from the user.
Google’s Chrome browser is taking similar action. Before the end of this year Chrome will also enable “click-to-activate” behavior for all Flash content. While they have not announced any specifics dates for this, they have put forth a proposal to do this sometime in Q4 of this year. Only the global top ten sites for Flash usage (which includes Facebook, Twitch.TV, and Amazon) would be put into a “white list” that would continue to automatically run Flash. The privacy-focused browser Brave also has a plan for ending Flash support.
Click-to-activate is currently optional behavior in most browsers. If you have a minute we encourage you to turn on this behavior for all plugins now – it will improve your computer’s performance and help keep you safe. Here’s how you do it in Firefox, and Chrome.
The “end of Flash” has been talked about for years, so you would think most of the major sites have already moved on. But rebuilding apps and systems is difficult and expensive, which is why so many are holding onto Flash. This is why it’s been necessary for browsers to introduce these multi-step plans to discourage and eventually discontinue Flash – they understand change takes time, but it can’t take forever. Even Adobe has acknowledged that Flash has had its heyday, so hopefully there won’t be any hard feelings.
5 Ways to Determine if a Website is Fake, Fraudulent, or a Scam – 2018
in Hashing Out Cyber SecurityHow to Fix ‘ERR_SSL_PROTOCOL_ERROR’ on Google Chrome
in Everything EncryptionRe-Hashed: How to Fix SSL Connection Errors on Android Phones
in Everything EncryptionCloud Security: 5 Serious Emerging Cloud Computing Threats to Avoid
in ssl certificatesThis is what happens when your SSL certificate expires
in Everything EncryptionRe-Hashed: Troubleshoot Firefox’s “Performing TLS Handshake” Message
in Hashing Out Cyber SecurityReport it Right: AMCA got hacked – Not Quest and LabCorp
in Hashing Out Cyber SecurityRe-Hashed: How to clear HSTS settings in Chrome and Firefox
in Everything EncryptionRe-Hashed: The Difference Between SHA-1, SHA-2 and SHA-256 Hash Algorithms
in Everything EncryptionThe Difference Between Root Certificates and Intermediate Certificates
in Everything EncryptionThe difference between Encryption, Hashing and Salting
in Everything EncryptionRe-Hashed: How To Disable Firefox Insecure Password Warnings
in Hashing Out Cyber SecurityCipher Suites: Ciphers, Algorithms and Negotiating Security Settings
in Everything EncryptionThe Ultimate Hacker Movies List for December 2020
in Hashing Out Cyber Security Monthly DigestAnatomy of a Scam: Work from home for Amazon
in Hashing Out Cyber SecurityThe Top 9 Cyber Security Threats That Will Ruin Your Day
in Hashing Out Cyber SecurityHow strong is 256-bit Encryption?
in Everything EncryptionRe-Hashed: How to Trust Manually Installed Root Certificates in iOS 10.3
in Everything EncryptionHow to View SSL Certificate Details in Chrome 56
in Industry LowdownPayPal Phishing Certificates Far More Prevalent Than Previously Thought
in Industry Lowdown