BT

Mozilla Blocks Flash, Encourages HTML5 Adoption

by James Chesters on Jul 20, 2015 |

Mozilla is encouraging developers towards HTML5 and JavaScript and away from Flash, after it blocked the plugin in browsers amid security concerns.

Following Adobe's advice that two critical vulnerabilities would potentially allow attackers to take control of affected systems, Mark Schmidt, Firefox's head of support, announced the move on Twitter.

Schmidt Tweeted: "BIG NEWS!! All versions of Flash are blocked by default in Firefox as of now." His message was shared more than 2,750 times.

On Hacker News, in the discussion Firefox makes click-to-activate Flash the default Schmidt explained that it was more accurate to call it "enforced click-to-activate" -- and that Firefox users could still opt-in to using Flash, saying user choice was the number one priority at Mozilla.

Schmidt said: "We regularly block vulnerable plugins. What made this block different was that we did it before Adobe made an update available. Now that Adobe has released an update, it is no longer true that every version of Flash Player is blocked in Firefox. However, we're glad to see the conversation this has sparked."

In the official statement Resolution for Recent Flash Player Vulnerabilities Adobe's corporate communications said:

A few days ago we were notified of two vulnerabilities within the Flash Player. Upon investigation, we confirmed and fixed the issues, and took steps to ensure that this class of attack cannot be used as a future attack vector.

Flash Player is one of the most ubiquitous and widely distributed pieces of software in the world, and as such, is a target of malicious hackers. We are actively working to improve Flash Player security, and as we did in this case, will work to quickly address issues when they are discovered.

Mozilla aren't the only company critical of Flash this week. In a separate incident, Alex Stamos -- Facebook's new chief security officer -- tweeted it was time "for Adobe to announce the end-of-life date for Flash."

Others in the community were less sure about blocking Flash.

Koen Witters, game developer for RPG Playground, said

Technology should be replaced by better technology. I've written games for all kinds of platforms: Some of those platforms offer write once, run everywhere. On other platforms every device has it's own quirks and you have to test on every device and implement workarounds.

You might not like Flash, but it is great at running on every platform/browser with the same code base. If you test it on one platform, it runs on all others. (Adobe is also very good at keeping it backwards compatible)

Now, I ask you, what's the alternative for Flash? Does HTML5 offer write once, runs the same on every platform/browser(version!)? No it doesn't, and it never will.

Mozilla's director of product management, Chad Weiner, said that Mozilla "will continue to work with developers to encourage adoption of safer and more stable technologies, such as HTML5 and JavaScript, and we look forward to helping drive that conversation."

The latest update of Flash is now enabled by default in Firefox.

Rate this Article

Relevance
Style

Hello stranger!

You need to Register an InfoQ account or or login to post comments. But there's so much more behind being registered.

Get the most out of the InfoQ experience.

Tell us what you think

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread
Community comments

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread

Discuss
General Feedback
Bugs
Advertising
Editorial
Marketing
InfoQ.com and all content copyright © 2006-2016 C4Media Inc. InfoQ.com hosted at Contegix, the best ISP we've ever worked with.
Privacy policy
BT