Skip to main content

Firefox will begin blocking specific, unnecessary Flash content, starting in August

firefox 55 adds webvr support
Kārlis Dambrāns/Flickr
The days of a Flash-flooded Internet are seemingly (finally) coming to a close, as Mozilla said in a blog posted on Wednesday that starting in August, Firefox will automatically block certain Flash-based, “invisible” content that’s not relevant to the user experience. The list of blocked Flash content that can be replaced with HTML will be small at first to ensure website compatibility. However, this list will grow over time.

Later on in 2016, Mozilla will add to its black list the practice of using Flash to check content viewability, which is a method of measuring advertising. According to Mozilla, by blocking this content, Firefox performance will improve, along with device battery life. The company suggests that advertisers who use Flash to measure viewability should switch to the Intersection Observer API, which is based on HTML.

The move to eliminate Flash in Firefox doesn’t stop there. In 2017, Mozilla will inject Firefox with a click-to-play approval feature preventing all Flash content from automatically playing. That said, web sites that rely on Flash or Silverlight for their videos and games are urged to move to HTML technology “as soon as possible.” Firefox currently supports Google Widevine and Adobe Primetime for encrypted video playback.

Reducing the use of Adobe Flash on the internet is part of an overall move to eliminate the use of browser plugins and making the World Wide Web more secure for surfers. Plugins, especially the one for Adobe Flash, are often targets of hackers, in addition to causing instability problems and performance issues. The move to HTML 5 essentially eliminates the need for Flash.

“Over the past few years, Firefox has implemented Web APIs to replace functionality that was formerly provided only by plugins,” reports Mozilla’s Benjamin Smedberg. “This includes audio/video playback and streaming capabilities, clipboard integration, fast 2D and 3D graphics, WebSocket networking, and microphone/camera access. As websites have switched from Flash to other web technologies, the plugin crash rate in Firefox has dropped significantly.”

In a chart provided by Mozilla, the crash rate of Firefox plug-ins seemingly continued to climb until Google switched to HTML5 video playback on YouTube. Crashes continue to decline after Facebook switched to HTML5 video as well, but the chart still shows highs and lows as other sites still rely on Adobe Flash for video playback, advertising, games, and other Web-based content.

Until Flash is fully phased out, Mozilla said it will continue to work with Adobe to provide the best possible Flash experience for Firefox users. This joint effort has already led to high-quality Flash playback, accelerated Flash rendering, and enhanced sandboxing. In fact, Flash will still be supported via a plugin when Mozilla drops support for NPAPI plugins in March 2017. That’s when Mozilla launches the next Firefox ESR build that will support specific plugins (Java, Silverlight, etc.) until early 2018.

Google already introduced a feature in its Chrome browser back in June 2015 pausing Flash content that’s not central to the webpage. Microsoft is introducing a similar feature in its Edge browser when its Anniversary Update rolls out to Windows 10 early next month. This feature will “intelligently” auto-pause Flash content not central to the web page, the company said. Firefox, it seems, will provide control over all Flash content next year.

Kevin Parrish
Former Digital Trends Contributor
Kevin started taking PCs apart in the 90s when Quake was on the way and his PC lacked the required components. Since then…
A dangerous new jailbreak for AI chatbots was just discovered
the side of a Microsoft building

Microsoft has released more details about a troubling new generative AI jailbreak technique it has discovered, called "Skeleton Key." Using this prompt injection method, malicious users can effectively bypass a chatbot's safety guardrails, the security features that keeps ChatGPT from going full Taye.

Skeleton Key is an example of a prompt injection or prompt engineering attack. It's a multi-turn strategy designed to essentially convince an AI model to ignore its ingrained safety guardrails, "[causing] the system to violate its operators’ policies, make decisions unduly influenced by a user, or execute malicious instructions," Mark Russinovich, CTO of Microsoft Azure, wrote in the announcement.

Read more