Flash is no longer the darling of the internet and is increasingly being seen as the enemy by many web companies. David Crookes explains why Flash is finished
What's happened?
Flash, the software that’s used to create and deliver online videos, games and adverts through a browser, has had a torrid time of late. Various technology companies have been warning people against using it, with some browser makers going a step further and blocking it altogether. Many people believe that the final nails are now being hammered into Flash’s coffin.
Which companies are against Flash?
YouTube led the way in January this year, axing Flash in favour of its open-source rival HTML5. In July, Facebook’s newly appointed security chief Alex Stamos posted a damning tweet which said: “It is time for Adobe to announce the end-of-life date for Flash”. Mozilla then temporarily blocked Flash in its Firefox browser and advised users not to activate it again unless they were on sites that they totally trusted. Google and Amazon have also given Flash a kicking by discouraging advertisers from using it.
Wow. What has Flash done wrong?
Some companies say that Flash is a power-hog, so disabling it optimises battery life on phones and makes web pages load faster on both desktop and mobile. But the bigger concern is Flash’s poor security and stability. The US website Computerworld.com counted a staggering 164 Flash bugs in 2015 alone.
What security problems does Flash have now?
This summer, 400GB-worth of documents were stolen from the servers of a controversial Italian cyber-surveillance company called Hacking Team. As well as detailing vulnerabilities of other systems, the files spelt out a security flaw in Flash that would allow hackers to gain access to people’s computers. It was soon seized upon by malware writers as a means of stealing data, and the first of a new crop of Flash exploits emerged within 24 hours.
What has Adobe done to tackle these threats?
Adobe was - and usually is - quick off the mark to issue patches that addressed the exploits. But by then a large number of threats exploiting the security flaw had already been unleashed and users who had not patched their version of Flash were left vulnerable. Adobe is a victim in this, but the event has caused an increased loss of confidence in the product.
Is this why Google has blocked Flash adverts?
Strangely not. Google said at the beginning of September that it was going to prevent the automatic playing of Flash-based adverts in Chrome to enable the faster loading of websites and to preserve battery life. The ads will now only run if you click them; otherwise they will remain frozen. This is significant because more than half of all browsing is done through Chrome these days.
And what has Amazon done?
Amazon is no longer accepting Flash for the rendering of display ads on its website. It says this is in response to browser updates that limit Flash’s ad-display capabilities. The last thing Amazon wants is for its customers to experience missing elements because their browser settings have blocked them.
So will it reduce the number of ads I see?
Yes and no. According to Advertising Age (bit.ly/adage381), around 84 per cent of banner ads still use Adobe’s technology so, in the short term, a move away from Flash will have a big impact. But in the long term, advertisers will probably abandon Flash in favour of HTML5 (indeed, Advertising Age advises companies to create Desktop ads in HTML5).
Any Flash adverts that use Google’s AdWords system will not be affected because AdWords now automatically converts Flash ads to HTML5.
Will blocking Flash affect my online experience?
If you’d asked that question a few years ago, we'd have said that removing Flash would be akin to reading a newspaper with lots of stories cut out of it. But now, fewer and fewer websites are using Flash (figures show 10.3 per cent) and the move away from the plug-in has been going on for some time.
Back in April 2010, Apple boss Steve Jobs wrote a long blog post explaining why Flash could not be viewed on an iOS device. Since then, many web designers who feared losing visitors have reconfigured their sites to be Flash-less.
Why didn't Apple like Flash?
Steve Jobs said he didn't like Adobe making Flash a closed system (which is ironic, because that’s exactly what most Apple products are). He said Apple preferred to use JavaScript, CSS and HTML5. He also said that Flash didn’t perform well on mobile devices, had security issues and leeched the battery life of tablets and phones. Jobs concluded that Flash was of the “PC era” and not suited to the mobile age.
But don't web users get a say?
No, you just shut up! Only joking, but if Occupy Flash (occupyflash.org) is anything to go by, some people feel very strongly about ridding the world of the plug-in. The group calls it a “fossil” and states that the tech is "holding back the web”. Then again, Adobe itself has for a long time recognised the direction in which the online world is going; it ditched support for Flash Player in mobile browsers in 2011.
Is HTML5 a safer bet, then?
In a word, yes. HTML5 is open, it works well on mobile devices and it uses the language of the modern web. It’s also more secure than Flash and is supported by more companies. In 2014, companies including AOL, Conde Nast, Google, the New York Times and Forbes put their names to a letter written by the Interactive Advertising Bureau. It called on marketers to abandon Flash and use HTML5 for their mobile advertisements, dubbing the latter the “one open, industry-standard, universal format".
What about all those Flash games, though?
It’s true that lots of great games have been written in Flash and that denying access to them cuts off great swathes of gaming archives. But the number of HTML5 games has risen massively - you can check out some of the best ones at html5games.com and www.kongregate.com/html5-games.
So what should I be doing?
If you want to continue to use Flash, make sure you have the latest version and that you patch it to stay safe from the countless exploits. If not, you should disable Flash in your browser. Otherwise, use the official uninstallers for PC at bit.ly/flashpc381 and Mac at bit.ly/flashmac381.