A Life Without Flash 4 Weeks Later
I decided to uninstall both Adobe Flash and pdf readers from a work computer four weeks ago. The motivation to make the move came from an increase in reported Flash and pdf specific exploits and attacks that put computer systems at risk. There was a downside to it as it became quite complicated to view Flash videos for instance.
This is now the fourth week of the change. There have not been many situations where I missed the Flash player, mainly when I stumbled upon a video recommendation or when one of my friends sent me a link to a new video that they recommended to watch.
So, in many of these occasions, I was not able to play the video, and in the case of some sites, I had to stop using them because they were only offering Flash-based video.
One of the most irritating experiences was the constant notification in the RSS feed reader RSS Owl that the Flash Player was not installed. It was possible to turn that message off but this also meant that the reader would not display images anymore. I still decided to turn it off as the messages were to frequent to be ignored.
I did cheat just a little bit as I run a developer version of the Google Chrome web browser which, as some of you may know, comes with native Flash support. I'm still able to access Flash content when I start that web browser.
I discovered two additional workarounds. The first was to change the YouTube Flash Player to the experimental HTML5 player. I was then able to play many - but not all - YouTube videos without Flash. But only on the site directly and not on websites that embed the videos.
The second option was to download videos if I needed to watch them. This was again not possible on all sites and for all videos but it helped me out several times. It is not such a practical thing to do but still better than not watching it at all or running Flash in the background all the time.
I have decided to continue on this path. No Flash plugin on my PC with the exception of the native Flash plugin in Google Chrome. It works pretty well and the PC is more secure without Flash.
Update: The situation improved gradually over the years thanks to the rise of HTML5 and other JavaScript-based technologies.
Many video sites are offering HTML5 players nowadays next to Flash-based players, or even no Flash-based player at all anymore. On the PDF-side of things, most modern browsers ship with PDF reading capabilities that require no browser plugin or external program to view PDF files directly in the browser.
In addition, all major browser companies plan to remove support for classic NPAPI plugins in 2016.
Its ironic that your article uses flash based ads. When you accidentally mouseover a word you get a popup flash ad! Does this mean you dont mind making money at the expense of us unsecure flash users? lol
It is your choice to enable or disable Flash, to install an ad blocker or don’t. It is not that I’m forcing you to view those ads. And I’m not entirely sure that the majority of ads here use Flash anyway.
Yeah, Martin, can you explain us why you think that (the same Adobe) Flash player compiled into the Google Chrome browser is any more secure than the pluigin one in other browsers (exept the fact that the integrated player is always silently updated with Chrome and the better stability they achieved with the integration) ?
Tom that would depend on your browser usage. My main browser is Firefox without Flash. I only use Chrome for articles and to view Flash contents that I need to access. If you run Chrome all the time its basically the same deal.
Ah, I see now. Maybe it would be interesting to investigate (or point the readers if it’s already been done in an older post) the way of running the spare web browser with all plugins in some sandboxed enviroment for security reasons and access the pugin-required contents through that one. Just something I have been thinking of for a while as a possible solution for this…
Sorry, but even a firewall and anti-virus will not protect yourself against vulnerabilities.
As for PDF, do a search for Sumantra PDF reader.
The weakest link between the computer and the chair is you.
Sorry i do not see your point why you would not use flash and adobe reader plugins. If it is for security concerns, then I would not use Chrome browser either.
Well, if you run really alternative operating systems (eg. Haiku, AROS, etc), even though you have a WebKit based browser which displays HTML5, you dont have flash.
Us Alt OS users can live without Flash and Java, thank you very much.
You ought to uninstall Adobe PDF reader too (if you havn’t already), as well as the PDF plugin. Why stop there though? Uninstall Java, don’t install Silverlight, etc. In fairness you’re probably taking a chance by using a browser at all. ;)
OR, just use a better security suite, one that isn’t just a firewall but monitors program activity for oddball stuff. That’s a hell of a lot better than slowly disassembling the Internet experience on your machine. The software takes a little while to settle down when first installed, but after a week the number of false alerts you get are pretty much zero. I got a red alert from a Java app once, and again from a compromised Adobe PDF (I hadn’t updated the plugin when prompted and I hit a site with a compromised PDF). It was interesting to read about the type of nasty that was trying to get in.
I’m using a combinaton of Comodo Firewall (free) with DEFENCE+ turned on, as well as AVG Free, which acts as protection for anything that get’s past these prinkly defences. I took this approach after getting infected last year from – wait for it – a vulnerability in JPEGs! You could turn images off in your browser to stop that, but I urge you to rethink. ;)
FWIW both Comodo and AVG have minimal impact on my system performance compared to some of the paid-for alternatives. Norton looked like the best of the bunch, but I couldn’t fathom it’s firewall out. I have a glorified netbook, so performance is a big factor for me.
I get a lot of “an error occured” error messages when trying to watch videos on youtube or when they are embedded. No idea why and don’t want to waste my time finding out… so I use
http://keepvid.com/
for downloading them. Prefer to do that anyways
Hi,
Fair enough; I don’t have time to test that but I would wonder if there was same what that restriction of the Flash plugin might fail.
In any event you DID have Flash installed with all of the security issues it comes with, even if it is only used with one browser.
Perhaps if HTML5 does take off with a free or royalty free codec then Flash for video playback will be a thing of the past.
Kind Regards
Simom
“Perhaps if HTML5 does take off with a free or royalty free codec then Flash for video playback will be a thing of the past.” …
I doubt that: I think we’ll see a mix, corporations such as the Beeb and Channel 4 will still use Flash (or an equivalent) to deliver their video – although the codec would be free, it would be hard for them to prevent piracy …
£0.02
A
Hi,
If you have been using Chrome then you are using the non-IE version of the Flash plugin for browsers such as Firefox etc.
So you really have had Flash installed! :-)
Have you been through the Flash Settings Manager to check the security settings via:
http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager.html
While an interesting experiment, unless you can find HTML5 versions of everything that uses Flash then it’s going to be a frustrating project.
Personally I would be investigating the security settings on Flash and Acrobat Reader and turn off all of the settings which are probematic.
Regards
Simon
No Flash in Firefox, Opera or Internet Explorer, only in Google Chrome 5. The native plugin cannot be used by other browsers.