If you use Google’s Chrome browser after 4 September the latest update will make it even harder to use in-browser Adobe Flash.
Starting with Chrome update 69, the browser will require users to explicitly enable Flash every single time they want to use it. Chrome will no longer remember this preference between sessions, so every time a user hits a site that uses Flash, they’ll have to say “yes, I really want to enable this extension.”
If it sounds annoying, it absolutely is, and that’s by design. This is just another step on the timeline that Chrome and many other browsers have set upon to slowly, slowly wean the public off Flash in anticipation of Adobe’s official plan to end support for the plugin by 2020.
Flash may have been the plugin of choice some time ago for fun in-browser games and interactive features, but it was also the go-to plugin for many attackers, as it was notoriously vulnerable to exploitation.
After years of Adobe releasing patches to try and plug the holes, browser makers took matters into their own hands and started to slowly pull support in order to protect users (and their products) from nasty attacks. Adobe similarly saw the writing on the wall and decided to stop the madness by announcing Flash’s end of life.
Flash’s near-ubiquity online has made it tricky to kill though, and the timeline for its demise has been (or at least felt) long indeed. Even while browsers continue to take measures to pull their support for the plugin, the vulnerabilities still roll in – and the pleas from security pros to “update your Flash now!” continue unabated.
The next step in Chrome’s timeline – summer 2019 – is to completely disable Flash by default, requiring users to go into their settings to enable the plugin every time they want it to run. After that, in 2020, it’s game over for Flash entirely. Hopefully.
Naked Security
Chrome: Flash is almost, almost, almost dead
If you use Google's Chrome browser, after 4 September, the latest update will make it even harder to use in-browser Adobe Flash.
Thu Win (@Tyw77)
The problem with this is there are many legacy sites that still use Flash. In addition, some sites hadn’t updated their interface away from Flash. Pixlr is one site that heavily uses Flash for their editing interface.
Paul Ducklin
Maybe the problem is that a small minority of stuck-in-the-mud legacy sites are still using Flash, while the majority of sites have moved on?
(Pixlr seems to use Flash in some places and HTML5 in others. Maybe the site needs to make the move to HTML5 everyhere?)
Thu Win (@Tyw77)
Airbus recruitment STILL uses flash. And their site support literally just told me to use Internet Explorer in order to access the site cause “it works best” with Internet Explorer.
Raylund Lai
Don’t forgot there’re still many humble old manged switches, routers/firewalls, application devices, etc… that still have their build-in web console using Flash
PsiCop (@PsiCop)
I’ve never understood this impulse to annoy users (on the client side) in the name of coercing developers (on the server side) to get rid of Flash? Is there an expectation that users will apply pressure to site owners? Wouldn’t those site owners already know Flash is deprecated? What makes anyone think annoying users is going to make site owners finally jettison Flash, if they haven’t already done so?
Seems to me the more effective tactic would be providing tools (free!) to site owners to convert their Flash into current technology. Just a thought.
Anonymous
It’s hard to get companies to spend money to alter their sites when the boss looks at the site and declares it looks just fine. If a popular browser stops working with a site, it’s a lot easier to put together a business case to fix it.
Jon
My bank (Bank of America) requires that I use Flash in order to use their Shop Safe program which I use on a regular basis. BofA is the second largest bank in the U.S. This does not really affect me since I refuse to have anything to do with either Google Chrome or the Google search engine.
In Saecula Saeculorum
CONGRATULATIONS! :D
Jim
Report: Google’s now got your MasterCard sales records
Google and Mastercard brokered a business partnership during about four years of negotiations
WND – September 3, 2018
Google is not happy with just scalping Mastercards. They need to control what we use.
DudeSweet
Finally. Flash can’t die soon enough. Screw everybody that uses sites that use it, it shouldn’t be used in any outward-facing appliance or site. If you need to use it for an old switch, firewall, or printer- replace the damned appliance because it’s obviously obsolete and needs to be deprecated (a flash console is just the indicator that it’s too old for production use).
Peter Thomas
As usually we have an idiotic comment that is not all thought out. This is terrible for very large legacy applications who still depend on Flash. The move away from the technology is in transit but these things can take time.
Anonymous
Bummer. Many educational institutions still use Flash for media.
Samantha Allen
I’m pretty sure BBC iPlayer is still using Flash, and everytime I log in to my MBNA account it wants to run Flash, as does VbV when shopping online (why?!) – I never bother enabling it for the latter sites, and can still use them, but a media streaming service still using Flash is a bit annoying (thankfully MotoGP.cm have moved to HTML for video, hopefully the Beeb wil soon…)
Thomas
This is a good enough reason to stop using Google Chrome. Flash is not dead, Google is just trying to kill it. This is a huge issue, and if it is not changed, I will likely discontinue my use of Google Chrome. Have fun pissing off your consumers, Microsoft.
Anonymous
First: You do realize Chrome is not owned by Microsoft?
Second: Adobe itself has decided to pull the plug by end 2020, not Google Chrome or Microsoft. Browsers and OS’es are just slowly transitioning…
Clifford Knight
The issue is not annoying “users” by forcing in an attempt to “wean” them from using flash–it’s the content providers that need to be “weaned”…
yellowhousejake
Clifford is correct, it is not users that need to be weaned, it is the content producers. The effort to burn flash is having bad side effects beyond advertising in pages. I work in IT and we have a large network that is managed using equipment that relies on Flash and Java interfaces. Yes, we could change the equipment out, who is paying for that expense? The browser companies need to leave a way to continue to use flash until older equipment interfaces fall out through attrition or equipment manufactures update.
It is very arrogant of the browser companies to think they are improve the internet. If they really want to improve the internet, Fix the need for jQuery to make a page work across all browsers. I have been watching that disaster carry on since the ecma script fiasco in 1997.
DAve
derek young
My favorite chess site uses Flash. I’ve always loved Flash and would use another browser before forgoing my favorite chess site. Adobe wrecked Allaire’s Cold Fusion after they bought it. They wrecked Macromedia’s Flash after they bought it. They stopped selling, but only leasing their Adobe suite.
Paul Ducklin
So you love Flash, yet you hate it at the same time because it’s a wreck? Surely if it’s that bad your favourite chess site should move on to HTML5?
Have you tried asking them? It must be hurting their business if they are forcing the use of Flash. (Most websites have about 40% mobile users these days, and there’s no Flash on iPhones or Androids, so the cost of insisting on Flash means giving all your mobile visitors the boot.)
sporeproductions
I have a site that is 96% desktop users. Making blanket statements and applying “one size fits all” decisions is terrible. While I agree we don’t need Flash for video, “rich” sites, or web interfaces, it is still a juggernaut for games. Try “converting” NewGrounds.com to HTML5. Impossible due to the sheer volume of content.
somebsthingforgravatar
Google Chrome is killing Flash, meanwhile it’s February 2019 and Gmail still wants to use Flash to use your webcam. It’s getting increasingly difficult to take Google seriously. They are quickly approaching early 1990s IBM levels of big blundering company.
Anonymous
sadness pure sadness.
Anonymous
I still go to sites that use Flash. Many games that I play on-browser still use Flash, and those games are only available on a browser level, so then, if they suddenly kill Flash, wouldn’t it be worse? Sure thing, developers must do the transition to other technologies, but by killing Flash, and not leaving at least a legacy version, it would deeply damage various sites (and my favorite games)
Mark Stockley
Suddenly???
Anonymous
My work only has Google Chrome installed and we need to use Google Chrome to access a site written in flash in order to clock in. This should make things interesting.