Early last week, there was news of Mozilla having Flash disabled in Firefox. Other browsers might have asked to confirm whether or not to run Flash – in Firefox, the user didn’t have the option (not without going into settings to manually change it, anyway.)
Why was it such a bold move? Well, despite the sheer amount of bad rep it got, Flash is still heavily integrated into the World Wide Web:
Most Facebook games played on computers still use Flash. We don’t need to explain how widespread those are (Candy Crush, Farmsville anyone?)
Animated films and series are often still created in Flash to make it more accessible and compatible across platforms.
Business Apps like display kiosks, educational apps, or salesmen apps.
Some Mobile Games still run on Flash, as well as PC/Steam games.
Many Banner Ads used to generate a website’s side revenue run on it.
Flash is the go-to for creators, given its ease of ensuring cross-compatibility. Images can be displayed between devices without major adjustments. File size remains relatively low. Fonts can be displayed universally once packaged, and that’s just the major perks.
At the same time, Flash has just as many reasons to be disliked: Flash can increase a site’s page load, while reducing usability to the point of causing a spike in CPU usage on your computer. Certain devices aren’t able to run Flash without elaborate workarounds, and people can disable them anyway — if they even have it installed in the first place. These files tend to discourage creators from being mindful of file size – I’m sure everyone remembers waiting forever for the “File Loading…” progress bar to reach 100%! For webmasters, content in a flash player won’t always be crawled by a Search Engine bot.
So to answer the question:
Why Firefox blocks Flash by default?
Security and vulnerabilities have always been an issue for Flash media presented in browsers; It just hasn’t been actively on user’s minds. Yet in the past few weeks, an Italian Hacker group was hacked (ironic, huh?) leading to the discovery and release of tools that exploited holes in Adobe Flash Players. This meant that just by visiting the page with a corrupted player, your computer could be infected.
As protection for the amount of users of Firefox, Mozilla’s sweeping solution was to block Flash by default – and they would not re-enable it, until Adobe had patched it.
Adobe Listens?
Whether in response to Mozilla’s drastic measures, or realizing the sheer risk of the exploit, Adobe has now released a newer version of Flash (18.0.0.209) that serves as a fix. This updated version is not blocked by default in Firefox, so make sure to run the update on your computer!
It isn’t a permanent reassurance, though – Mozilla has made it clear that if such a vulnerability comes up again, they will resort to blocking the flash player once more.
[elisha-thomas]