
Amazon joins in on killing Flash, stops accepting Flash ads - mukyu
http://www.geek.com/news/amazon-joins-in-on-killing-flash-stops-accepting-flash-ads-1631748/
======
sp332
You know Flash is dead when Homestar Runner says it's dead!
[http://www.homestarrunner.com/flashisdead.html](http://www.homestarrunner.com/flashisdead.html)
For those who don't know, this site was a legit phenomenon in the early
2000's, and it has always been 100% flash-based.
[https://en.wikipedia.org/wiki/Homestar_Runner](https://en.wikipedia.org/wiki/Homestar_Runner)

~~~
toomuchtodo
How hard would it be to convert those Flash videos into mp4s for archival in
the IA?

EDIT: Looks like they've been uploaded to Youtube:
[https://www.youtube.com/user/homestarrunnerdotcom](https://www.youtube.com/user/homestarrunnerdotcom)

~~~
martin-adams
Not quite so straight forward, a lot of their videos were interactive for
hidden gems. They will be lost when moving to a linear file format.

~~~
sp332
With access to the source, it should be possible to export them to HTML5 using
Adobe's flash authoring tools. I've never tried it though, and I don't know
how good the HTML5 versions would be.

Edit: huh, it kinda runs with Mozilla's Flash-runtime replacement, Shumway.
Another few rounds of bugfixes and we might not need any Adobe code to play
these files just as they are.

~~~
pluma
The problem with most current Flash-to-HTML5 conversions is that they only
barely support ActionScript, if at all. So anything meaningfully interactive
(like minigames) is pretty much out.

~~~
saurik
Shumway makes it sound like "we got this" (which then discourages someone like
me--someone who has a ton of knowledge of compiler design and a lot of
background specifically with JavaScript-based language but almost no interest
in duplicating effort, someone who would normally see this call to action and
go "oh, I'll add this to my todo list"\--from even spending much time
researching the current space). Are you saying Shumway only "barely" supports
ActionScript?

~~~
sp332
There are several such projects - swfdec, lightspark, gnash, etc. From what
I've seen of them, they all underestimated the amount of effort. Most of them
just petered out. So if you're going for it, I would worry less about
duplicating effort and more about setting realistic goals for the project.

~~~
pluma
The big problem is that AS2 and AS3 are drastically different from each other
and neither of them can safely be ignored.

Supporting even one of them in its entirety is a Herculean effort. Supporting
both is insane.

------
eosrei
Amazon is switching to JavaScript animated ads to support all devices. This
isn't anything against Flash, this is a business decision to reach more
eyeballs.

Flash is fast. JavaScript/HTML5/WebGL/etc are just recently getting close to
the performance we had in Flash 10+ years ago. Flash is perceived to be slow
because it was used to make obtrusive advertising, like JavaScript is used
now.

The evil dictator has been replaced, with much fanfare, by a new evil
dictator!

An example from 2010 of Flash running in-browser 3D with millions of polygons
and lighting effects:
[https://www.youtube.com/watch?v=szaXvTsoeVs](https://www.youtube.com/watch?v=szaXvTsoeVs)

~~~
Tloewald
Flash's speed on desktops is not the main strike against it, although it was
actually quite bad for many things (the 3d stuff worked better for it because
it bypassed its aging 2d rendering engine which no-one left at Adobe
understood or could fix). Flash's speed on mobile was abysmal and Adobe tried
and failed to fix it for years (after Steve Jobs' famously pointed all this
stuff out).

The fact that Flash would store user information separately from the browser
in such a way as to circumvent security and privacy models, and did so for
years after Macromedia (i.e. pre-Adobe-merger) knew about it, and that Flash
had and has as many vulnerabilities as any two operating systems is simply
icing on the cake.

Here's a discussion -- also from 2010 -- of Flash's abysmal 2d performance
(which entailed fixing an example created explicitly to show how awesome Flash
was):

[http://loewald.com/blog/?p=3362](http://loewald.com/blog/?p=3362)

Bear in mind, this is Flash's nearly 20-year-old/mature rendering engine
optimized to only do minimal screen updates against a five minute hack using a
canvas.

And, finally, you need Javascript anyway. Flash actually needs Javascript to
even load properly (thanks to the stupid Eolas lawsuit), so it's a case of
giving up one evil dictator while keeping a not-nearly-so-evil-and-much-more-
useful dictator.

~~~
MBCook
> Flash's speed on desktops is not the main strike against it

Flash's speed on _windows_ wasn't the main strike against it. As a Mac user it
was always quite slow, even worse in the PPC days.

~~~
eosrei
I didn't notice any drastic difference between the two operating systems in
that regard. I had to test educational software written in Flash on a range of
computer systems years ago. Adobe has always supported Apple/Windows evenly,
so I'm surprised you would experience a difference.

------
larsiusprime
If we want to speed up the demise of flash, there are several roots that need
to be whacked simultaneously:

1\. Tons of existing flash content people want to access

2\. Give current flash devs a reasonable alternative

The first one is a thorny problem and is somewhat solved by things like
Shumway but still needs more work.

As for the second, things like Unity and HTML5 have not covered all of flash
dev's use cases, so only some of them have switched over.

I think OpenFL (a Haxe-based reimplementation of the Flash API -- _not the
flash PLAYER_ ) is our best hope for that:

[http://www.openfl.org](http://www.openfl.org)

[http://www.haxe.org](http://www.haxe.org)

Devs can keep their current flash workflows but export to non-flash targets,
specifically native C++ (supports mac/win/linux, iOS/Android) and HTML5 (with
canvas, DOM, or WebGL rendering). They can also use SWF-based vector animation
assets, and even integrate with the Flash CC player. And it's all open source.

Flash has been "dying" for years, but if we really want it to bite the dust,
we need to give people a better way to make their content that doesn't depend
on a plugin.

EDIT: Video of OpenFL integrating with the Flash CC editor:
[https://www.youtube.com/watch?v=BhE07Y9TUJU](https://www.youtube.com/watch?v=BhE07Y9TUJU)

~~~
marquis
Media players: browsers don't have native support for H.264 over HLS or RTMP,
and MPEG-Dash seems native to Chrome only. If the browsers could accept these
natively, this would certainly speed flash's demise. Until then, what are the
alternatives?

~~~
samsonradu
Exactly. Much of the live streaming on the web defaults to flash, the
alternatives (hls, rtsp, webrtc) are all underperforming.

------
AdmiralAsshat
Cool. Now if only Amazon would eat its own dogfood. Their Prime Music/Cloud
library music player still requires Flash in order to use.

~~~
pki
Now if only the music licencing services backing Prime don't require flash and
DRM ..

~~~
chaostheory
Does Netflix still require flash?

~~~
pki
Silverlight is required on browsers that do not support EME

~~~
ascagnel_
Can EME be used in streaming music players, like Prime Music or Spotify?

------
cableshaft
I've been wanting to update my existing Flash games (I've released 7 games) to
something more modern, like HTML5+JS or (maybe) Unity, but I don't want to
spend a ton of time learning a new stack and getting things working, as I
really don't have the free time I used to.

A few of the games have heavy use of graphics and animation also, that I don't
really want to have to recreate manually. I've worked on games made with Unity
and Cocos2d(ios) since then, but I'm really hoping there's some shortcut I'm
not aware of.

There's a ton of JS frameworks out there and it's hard to evaluate which would
be worth the time and effort.

Plus I really don't want to have to do this again in the future, so hopefully
this can be something I do once and I'm good for the forseeable future (which
is why I'm leaning towards HTML5 + JS). Some cross-platform capabilities would
be nice too.

Example of the heavy art/animation:
[http://www.newgrounds.com/portal/view/187047](http://www.newgrounds.com/portal/view/187047)

If anyone has any suggestions, I'd appreciate it.

~~~
larsiusprime
OpenFL!

[http://www.openfl.org/learn/tutorials/using-swf-
assets/](http://www.openfl.org/learn/tutorials/using-swf-assets/)

[http://community.openfl.org/t/using-swf-assets-tutorial-
feed...](http://community.openfl.org/t/using-swf-assets-tutorial-feedback-
wanted/1450)

[https://www.youtube.com/watch?v=BhE07Y9TUJU](https://www.youtube.com/watch?v=BhE07Y9TUJU)

That's as close as you get to keeping your existing workflow and maintaining
your assets. It's really close IMHO and works well. Also there's some scripts
that can translate As3->Haxe and take care of 95% of the work of porting the
code, and then OpenFL has the same API as flash does so your API calls are all
the same.

Alternatively FLUMP can be used if you just want to export assets and use a
totally different framework:
[http://threerings.github.io/flump/](http://threerings.github.io/flump/)

------
pluma
Great! Now I'll no longer see these "Click to Play" placeholders instead of
the intrusive animated ads. I'll finally be able to experience the intrusive
animated ads the way they were meant to be seen.

... Yay?

------
shawkinaw
I'm actually torn on this, because the fact is that Flash can do things that
you realistically can't do any other way. In my case, I've written a couple of
video conferencing apps that need web-web and web-Android connectivity, and
Flash/AIR is still definitely the easiest way to do that sort of thing. WebRTC
has promise, but it requires a reasonably recent browser (and not Safari), and
until very recently it didn't work in WebViews on the Android side.

------
e40
I tried to uninstall Flash, but my bank (Citi) uses it for their one-time
credit card # applet. And, I miss a lot of videos on the internets, but I can
live without those. The bank thing, I cannot. (Yeah, I complained and was told
moving away is "in the works.")

~~~
Shengbo
Same thing here, my bank updated their entire website, except for internet
banking which still uses flash.

------
edpichler
The only thing I will miss on flash is the Copy to clippboard feature (e.g
[http://zeroclipboard.org/](http://zeroclipboard.org/)).

Is there other way to do the same when flash will be extinct?

~~~
dao-
see document.execCommand("copy"), document.execCommand("cut"):
[https://developer.mozilla.org/en-
US/docs/Web/API/Document/ex...](https://developer.mozilla.org/en-
US/docs/Web/API/Document/execCommand)

~~~
exodust
So in other words... NO.

------
zeveb
I'm actually a bit conflicted about this. The nice thing about Flash-based
media is that one can disable JavaScript (thus increasing one's privacy) and
then enable Flash _only_ to view a particular video (e.g. on Amazon Play);
with JavaScript and HTML5, one generally has to enable JavaScript for the
entire domain rather than a single video on a single page.

Why would one want to disable JavaScript in the first place? Privacy &
security: why enable a site to execute random code on one's own machine when
all one wants to do is read some content?

~~~
deelowe
Flash has had vulerabilities and executes arbitrary code as well... What's the
difference?

At least with javascript, there's only one attack vector (the browser itself).
Flash requires a plugin to work properly.

~~~
zeveb
> Flash has had vulerabilities and executes arbitrary code as well... What's
> the difference?

It sure has! But it's nice to expose oneself to vulnerabilities only when
absolutely necessary (e.g. to view a single video), rather than for every page
currently loaded for a site.

------
b_a_c_o_n
I'm a flash dev in my 30s, never made as much money as I am making now. Flash
is not dead, it's changing, it moved to embedded devices and has blazing
performance results. As usual, a decade ahead of where the web is at.
[http://labs.adobe.com/downloads/air.html](http://labs.adobe.com/downloads/air.html)
Haters gotta hate! (-__-)

~~~
sn0v
Curious here, what do you use it for on embedded devices?

~~~
b_a_c_o_n
Sorry sir, meant 'mobile' devices

------
xngzng
We need Google to remove bundling Flash player in Chrome. Chrome for OS X has
Flash built-in. Not sure about other build.

~~~
thrillgore
My understanding is that Chrome for Flash uses Pepper (a NaCl extension) for
its plugin support so its not a vector for attack. You can always turn it off
from chrome:plugins.

~~~
wnevets
>plugin support so its not a vector for attack.

I wanna say this is untrue, I vaguely recalling an exploit within the past
month or so.

~~~
cpeterso
Hacking Team’s Flash 0-day: Potent enough to infect actual Chrome user

[http://arstechnica.com/security/2015/07/hacking-teams-
flash-...](http://arstechnica.com/security/2015/07/hacking-teams-flash-0day-
potent-enough-to-infect-actual-chrome-user/)

------
dsfyu404ed
I'm sure this decision made them a fair number of enemies in the far east...

------
knocte
ok, now we need spotify to make a move

------
exodust
I have Flash enabled all the time. No probs here. Smooth and efficient. I have
no agenda or need to kill it.

So much viral hate. Plugins have a right to exist. You gonna declare war on
all plugins or just Flash? HTML doesn't necessarily run its full suite of
tricks on all browsers and platforms. And my iPad3 often slows to a crawl
because of bloated well-known websites. Browser memory maxes out and I can't
even switch tabs without full page reloading. Inefficiency follows poor
technical design no matter what technology is used.

Is javascript next because of those trendy promo pops where they think you're
leaving? Kill everything that sux, or whatever technology it comes from. Kill
it all and dance on its grave like there's no tomorrow.

Tomorrow we'll retreat to our native apps with virtual coins and account
validation. We'll share our contact lists without knowing that we did, and we
won't be blocking ads because we can't.

Tried the Youtube HTML player once. That was one hell of a rough and buggy
experience. Switched back to Flash.

Clicked a link to youtube in iOS Safari more than once, and got auto-switched
to the youtube app rather than the video play in Safari. I don't know what or
who to hate about that, I'm just tired.

~~~
brandonwamboldt
Flash is a closed source binary plugin with a long history of security
vulnerabilities that Adobe was slow to patch. For the most part, JavaScript
engines are open source, don't have a history of security vulnerabilities (to
the same severity), and are typically patched quickly.

~~~
koonsolo
Here is a 2014 vulnerability report of Secunia:
[https://secunia.com/resources/vulnerability-review/update-
al...](https://secunia.com/resources/vulnerability-review/update-all/)

Google Chrome is at the top with most vulnerabilities, IE a bit below it,
Avant browser, Firefox. Same with the 2015 edition.

Flash didn't even make it in the top 20. And yes, they also evaluated it.

~~~
dveditz_
You can't compare counts of published vulnerabilities when organizations have
vastly different standards of publication. Open source projects (e.g. Firefox,
chromium) publish everything, even internally found flaws. Closed-source
projects tend to publish only those reported by external reporters, not ones
they found internally. At least one hopes they are also fixing lots of
internal bugs! They might not be, in which case a low vulnerability count
could actually mean they've got lots of unfixed vulnerabilities.

What about attacks found in the wild? Flash takes the cake there, although
that may in part mean its ubiquity makes it a useful target.

In any case you can't use Flash to browse the web. You are already taking on
the risk of whatever vulnerabilities lurk in your chosen browser; using Flash
is adding vulnerability risk on top.

