Flash is really, really dead

Status
Not open for further replies.
I get the impression some folks think Flash is still a viable product and will be around for a long time. The reality is driven home even more by Chromium's announcement yesterday:

HTML5 by Default

...this change disables Adobe Flash Player unless there’s a user indication that they want Flash content on specific sites, and eventually all websites will require the user’s permission to run Flash.

HTML5 By Default will be enabled for 1% of users of Chrome 55 Stable in the next few days. The feature is also enabled for 50% of Chrome 56 beta users. With Chrome 56 stable in February, we plan to enable it for all users.

Starting in January users will be prompted to run Flash on a site-by-site basis for sites that they have never visited before.

As sites transition from Flash to HTML5, this change will no longer affect them and the entire web will become faster, more secure and power-efficient.
 
Unfortunately, even with Google trying, I doubt flash will be gone anytime soon. Lots of sites still use, and will probably continue to use, it.
On the other hand, at least these days, most browsers make it trivial to block autoplay, whereas with html5, the only way that I have found to consistently work is to block javascript. (CNN, for example--do they really think it gives a better experience? One wonders how many people now avoid CNN because of their autoplay, and how much they paid the people who decided it was a good idea.)
 
Lots of sites still use, and will probably continue to use, it.
Legacy stuff that hasn't or won't be updated. Among the people I know who write for the web, Flash is never even mentioned except for old stuff people ask me to convert for them. Note: I haven't had that request in years.

Autoplay is dumb and a UI blasphemy. Any site that does that is stupid; and I'm being kind.

block javascript

I just had a discussion online about users who do this. The surveys I read say that less than 2% of everyone doesn't do that and those who do are aware of the issues they present themselves so the general consensus is that one need not code for them. In my company's case, we have zero people who visit any of our client sites with javascript disabled.

On the other hand, there is a group of people who will say you need to make your site still work in case the javascript doesn't get downloaded, such as on mobile devices when the train goes through a mountain. My question is, then they are just as likely to not receive other elements of the page like CSS. I never get a sensible reply to that.

For smaller companies that rely on services to handle things like credit cards, there is no option. You must use javascript. So if javascript is required for that basic functionality, what good does it do to not have javascript run the entire site?

And that's where the web is going. You can say it's there today. Especially developers who are only copy/paste artists and pooh any attempts at real coding and will lambaste you for think such.

What we do is make our sites work as much as possible with plain HTML and CSS and only require javascript when it's out of our control.
 
Interestingly Microsoft very recently added both 32-bit and 64-bit flash players to Windows 10 as part of the basic install of the OS. I can't believe that MS has any faith in the future of flash, they are not that dumb regardless of what you think of them. I suspect that they only did it because someone with a big enough support contract threatened to pull the plug and look elsewhere if MS didn't continue to provide direct support for flash in windows.

Edit: MS has in fact added both 32-bit and 64-bit flash but only the 32-bit control panel item is present.
 
Interestingly Microsoft very recently added both 32-bit and 64-bit flash players to Windows 10 as part of the basic install of the OS.

Not sure about the 32/64 but they have been shipping flash with Windows since version 8.
 
That software has been there much longer in OCX form
Nice find, I had no idea about that.
I guess they only made it visible in control panel in 8. On my Win64 machine now it only shows "Flash Player (32 bit)", files:
Code:
    Directory: C:\Windows\System32\Macromed\Flash


Mode                LastWriteTime         Length Name
----                -------------         ------ ----
-a----       29/10/2016     00:56         160534 activex.vch
-a----       29/10/2016     00:56       28204024 Flash.ocx
-a----       29/10/2016     00:56         689144 FlashUtil_ActiveX.dll
-a----       29/10/2016     00:56         934392 FlashUtil_ActiveX.exe
 
The funny thing is the post about the macromed folder being hidden means he is infected. In the early days it was common to have a malicious ocx replace the flash one and make itself read only. It was a mess from the very beginning.
 
Does every thread here have to include a story about the NSA?

It's a legitimate concern these days. If you use a non open source desktop OS that hasn't been neutered of spyware they install, then you're not safe. I've already neutered 7 in my case.
I get the impression some folks think Flash is still a viable product and will be around for a long time

I think it'll still be relatively common in a few years because Mozilla discontinued Shumway, which I think was a poor decision. Without either a JIT to convert Flash to HTML5 or some other emulation system how does one expect the current flash products on the market to function in absence of NPAPI or PPAPI support?

I just had a discussion online about users who do this. The surveys I read say that less than 2% of everyone doesn't do that and those who do are aware of the issues they present themselves so the general consensus is that one need not code for them. In my company's case, we have zero people who visit any of our client sites with javascript disabled.

On the other hand, there is a group of people who will say you need to make your site still work in case the javascript doesn't get downloaded, such as on mobile devices when the train goes through a mountain. My question is, then they are just as likely to not receive other elements of the page like CSS. I never get a sensible reply to that.

For smaller companies that rely on services to handle things like credit cards, there is no option. You must use javascript. So if javascript is required for that basic functionality, what good does it do to not have javascript run the entire site?

And that's where the web is going. You can say it's there today. Especially developers who are only copy/paste artists and pooh any attempts at real coding and will lambaste you for think such.

What we do is make our sites work as much as possible with plain HTML and CSS and only require javascript when it's out of our control.

To answer your question, I've never seen JS load before CSS. If you don't need the features of JS on your pages, you should not use it, IMHO. It's a security risk and a huge slowdown - I can still use the web on an SGI Octane, a Bebox or a HP C8000 in absense of Javascript .
 
It's a legitimate concern these days.
My point is, this topic is about Flash being slowly eliminated from Chromium, not international intrigue.

how does one expect the current flash products on the market to function in absence of NPAPI or PPAPI support?
A company still using Flash on the web for its products made that mistaken decision years ago and will suffer the consequences. Is anyone still selling home TVs with CRTs?

To answer your question, I've never seen JS load before CSS.
That misses the point. That if one is concerned about a page not loading javascript, why aren't they concerned about the same page not loading CSS?

It's a security risk and a huge slowdown
Not any longer. Security problems are not the issue nowadays and you can bog a site down with bad programming so don't do bad programming and learn lazy loading, use HTTP/2, delayed downloads and all the things to prevent that.
 
As someone that has family who works in the US Intelligence Community I can tell you the organizations aren't evil, and are staffed by individuals with families.

It is tiresome.
I've always said that I found it amazing that so many online sites and anonymous posters know so much about the inner workings of the most secret agency in the world as if everyone had exclusive insight into all their comings and goings. But remember how everything used to be the CIA? I guess they're happy that it's taken focus off them.

Not to mention all the other government spy agencies running around the world.
 
I've always said that I found it amazing that so many online sites and anonymous posters know so much about the inner workings of the most secret agency in the world as if everyone had exclusive insight into all their comings and goings. But remember how everything used to be the CIA? I guess they're happy that it's taken focus off them.

Not to mention all the other government spy agencies running around the world.

You ever hear the saying "If you tell a secret to anyone, it isn't a secret anymore?" Pretty hard to keep a secret if you have many people who know it. The darknet has all the answers.

My point is, this topic is about Flash being slowly eliminated from Chromium, not international intrigue.

Anytime you bring up software with security issues you invite other discussion

A company still using Flash on the web for its products made that mistaken decision years ago and will suffer the consequences. Is anyone still selling home TVs with CRTs?

As a person who owns both OLED and CRT TVs made in the last 10 years, I'll have you know that CRTs are not obsolete. They still produce the best colour representation, are infinitely scale-able, and can produce 4K resolution if they're a CRT projection TV - with some modifications. CRTs are heavy, and they make noise, yes, but when you're talking to someone who owns a lot of old games that rely on CRT scan patterns, not to mention has worked with TV broadcasts and knows why they still use CRTs for certain functions, you'll get immediately that they're still in wide use.

That misses the point. That if one is concerned about a page not loading javascript, why aren't they concerned about the same page not loading CSS?

Slippery-Slope.png


So does this image get my point across? CSS and JS serve entirely different functions on a website, logically. CSS is formatting and display whereas JS is interactivity, arrays, dates and has more functionality than CSS that could, on a mobile site, for instance, prove tertiary to the function of the site.

Not any longer. Security problems are not the issue nowadays and you can bog a site down with bad programming so don't do bad programming and learn lazy loading, use HTTP/2, delayed downloads and all the things to prevent that.

Security issues fed by JS are a huge issue. Need I remind you the Tor site raid of 2013? They got people's IPs from a JS bug in the Tor Browser. Need I remind you of Cross-site scripting?

You're making excuses to cover things up and bury things under new technology, which is exactly what the Linux community has done:

PersonA said:
ALSA's broken!

PersonB said:
We'll design PulseAudio around ALSA's bugs!

Clear yet? No? Here's another:

NeXTSTEP Developer A said:
So Mach isn't fully compatible with UNIX...

NeXTSTEP Developer B said:
Why don't we take Mach and BSD and put them together? Mach x BSD! Mach Kernel, BSD APIs!

Hopefully that's ming bai enough for you, as my Chinese buddies would say.
 
Pretty hard to keep a secret if you have many people who know it.

It's a fad. No one ever knew anything about this until it was all the rage on reddit and other gathering places for UFO sightings.

Anytime you bring up software with security issues you invite other discussion
I didn't bring up the subject.

As a person who owns both OLED and CRT TVs
This is irrelevant to anything I said.

CSS and JS serve entirely different functions on a website...
This also has nothing to do with what I'm talking about.

Security issues fed by JS are a huge issue.
You are not up-to-date with security and javascript and I don't feel like educating you. There are plenty of current day tutorials you should find online. After 12 years of doing web development for mid-sized web sites, I frustrate easily with comments like this.

The rest of your post is so far off base from this thread, I'm just not responding to you anymore cause you show you have a tendency to go off into the fringe and I avoid reddit for that very reason. I rarely see it here and I hope never to see it.
 
Sadly, I was recently contacted about a potential opportunity with a company that specializes in creating Flash content. I did not hear back after giving an honest opinion. No less there.
 
It's a fad. No one ever knew anything about this until it was all the rage on reddit and other gathering places for UFO sightings.

Can you stop passively aggressively insulting me?

I didn't bring up the subject.
You started the thread, you called other people out for discussion.


This is irrelevant to anything I said.
This also has nothing to do with what I'm talking about.
You brought up CRT TVs calling them obsolete. As for JS/CSS it did - you made a slippery slope argument about if you design a site around it being workable without JS, then why care about CSS? And that's a fallacious argument. CSS and HTML have advanced greatly since JS was invented - it isn't as necessary to have JS as it was 10 years ago.



You are not up-to-date with security and javascript and I don't feel like educating you. There are plenty of current day tutorials you should find online. After 12 years of doing web development for mid-sized web sites, I frustrate easily with comments like this.

You're acting as if you can brush my arguments under the table for the sake of satiating your points. There's relevant issues to using Javascript but sadly you just don't seem to care. Depressing, to say the least.

The rest of your post is so far off base from this thread, I'm just not responding to you anymore cause you show you have a tendency to go off into the fringe and I avoid reddit for that very reason. I rarely see it here and I hope never to see it.

I'm not even an avid redditor drhowarddrfine, you argue passive aggressively and bring nothing to the table except your opinions, which you can't really prove. Yeah, maybe I do the same but I at least try to add to the discussion. Maybe if your arguments actually held water you'd be able to add to the discussion. Need I remind you, you did the other day attempt to tell me a userspace program made by Microsoft could have possibly altered an Apple macOS kernel driver.
 
Status
Not open for further replies.
Back
Top