
Senator Asks US Agencies to Remove Flash from Government Websites - parvenu74
https://www.bleepingcomputer.com/news/government/senator-asks-us-agencies-to-remove-flash-from-government-websites/
======
sandermvanvliet
While the end-of-life, security issues angle is a perfectly valid one I’m
surprised this isn’t about accessibility. I would imagine government websites
should provide information in an accessible way which Flash definitely isn’t.
The recent HN post about the UK government moving from PDF to HTML[0] springs
to mind as an example of a move in the right direction but given that it took
a lawsuit to make laws publicly and freely accessible I think that isn’t a
goal in US government somehow.

[0]
[https://news.ycombinator.com/item?id=17541045](https://news.ycombinator.com/item?id=17541045)

~~~
TeMPOraL
Two notes, though I doubt anyone working on government pages will actually
read them:

1) PDF -> HTML improves accessibility. HTML -> content rendered by JS via an
SPA framework is _worse than PDF_ , and approaches Flash. Please don't do
that.

2) Think of the robots :). One of the problem of government data is that while
you can usually find the scanned PDF or an XLS file with the data you're
looking for, it's completely useless for automated processing. Making public
data easier for machines to read enables citizens to build interesting tools
on top of them.

~~~
KyeRussell
I'd usually be right beside anyone wanting to begin JavaScript bashing but it
feels like you are conflating two issues.

Whilst the (for lack of a better term) JavaScript / SPA ecosystem encourages
(especially to novices) people to do things in the Wrong Way, I wouldn't say
that an SPA is inherently less accessible, and I definitely wouldn't say that
it's less accessible than a PDF.

I—like I'm sure the rest of HN—have experienced many a terrible SPA, but from
my JavaScript dabbling it's becoming more and more apparent that it's due to
bad developers more than anything else.

~~~
TeMPOraL
> _I 'd usually be right beside anyone wanting to begin JavaScript bashing but
> it feels like you are conflating two issues._

I'm not really bashing JavaScript per se, I'm bashing modern web development
ecosystem.

Sure, you _can_ use JS and modern SPA frameworks to build lean, accessible,
progressively-enhanced pages. But that's _not the default_. That is not what
tutorials will encourage you to do. That is not what those tools were designed
to facilitate. And your typical developer will absolutely follow trends and
"industry standard" in the technologies they use.

It's kind of like with bashing PowerPoint. To be completely honest, PowerPoint
is a very powerful tool that can help you deliver amazing presentations _if
you know how to use it_ for that goal. Most people don't, and the _defaults_
of PowerPoint encourage bad style - hence people bash the tool.

------
classichasclass
The adblocker suggestion is particularly interesting and I don't think is
getting enough press. I would bet that a lot of smaller federal agencies
wouldn't be as timely with IT updates as they should be. As it happens one of
those malicious payloads could indeed be a Flash applet, so the overall push
away from Flash should help, but there are many other ways in. Unfortunately I
think it's local agencies that would need this extra layer of defense most,
having seen how neighbouring municipalities maintain their systems (or don't).

~~~
tomschlick
And really the blocker could be (and probably already is) implemented at the
DNS level with something similar to PiHole's blacklist. I'm sure big
switch/network gear manufacturers have something similar to block ad/tracking
traffic.

------
bdhess
How did I know before clicking that the Senator would be Ron Wyden?

~~~
ISL
Because it's always Ron Wyden.

~~~
1121redblackgo
50/50 Wyden or Warner

------
newman8r
While they're at it, they should request that all government websites with
news feeds provide it in RSS format. A lot of agencies do this, I have a list
of almost 100 US government feeds - but it's unfortunately absent from some
agencies.

They really shouldn't make people to go to twitter or facebook to follow their
press releases...

------
mceoin
Ron Wyden again. He's making a habit of this. Anyone know who Wyden's tech-
focused staffer is?

~~~
bgentry
I'm not sure if he has others, but Christopher Soghoian is a prominent one:
[https://en.wikipedia.org/wiki/Christopher_Soghoian](https://en.wikipedia.org/wiki/Christopher_Soghoian)

~~~
mceoin
Thanks!

------
rbanffy
I'm a bit shocked someone needs to ask for this in 2018. All those Flash
things must have been empty rectangles for the last decade or so.

~~~
thephyber
It's the difference between building a product to spec and building a product
so it's usable by the actual demographic that needs to use it. US Digital
Service talked about finding these Flash barriers and building quick webform
replacements making a HUGE improvement in usability (like from ~5% completion
to 90%+ completion IIRC).

I wouldn't be surprised if those same government departments are stuck on
WinXP SP2 with IE6-8 with Flash enabled. IT at huge orgs moves extremely
slowly.

~~~
rbanffy
> those same government departments are stuck on WinXP SP2 with IE6-8 with
> Flash enabled

I'm not sure how their sysadmins can sleep at night with this ;-)

------
cwkoss
I knew this must be Wyden. I'm a fan, he seems like one of the only members of
Congress with a strong understanding of technology.

~~~
chris_wot
I was amazed that there is actually a Senator who actually understands
technology...

------
ionised
As an outside observer of the US, Ron Wyden seems to be one of the few that
tries to stay informed and isn't totally self-interested.

He seems like someone I would vote for.

------
paulie_a
Flash and ie6 need to be completely left unsupported. I'd go so far as Adobe
and Microsoft should put a Killswitch that removes them or simply makes them
unusable.

------
modzu
can we remove captcha while we're at it? its the same sort of lazy bs flash is
-- yes, it does serve a purpose, but at the expense of your users

~~~
thephyber
> yes, it does serve a purpose, but at the expense of your users

That has _always_ been the tradeoff of captcha.

The other side of the equation is how relevant/useful is the data submitted?
So long as the captcha isn't unreasonably difficult for a human, I would
rather my government not spend resources to follow through with every single
spammy form submission.

~~~
modzu
ideally you'd implement something that inconveniences machines (ie spam bots,
aka the sole reason captcha needs to exist) but doesnt inconvenience humans

in particular, the v2.0 of captcha implements this time delay.. where you
click a picture that matches a description but the images do not appear
instantly. its like, wait a random amount of time before you can continue..
you cant even login to our service until you wait a random amount of time..
its insane, piss off, you know, these captchas can actually be broken easily,
its just not common yet...

------
perl4ever
The article conspicuously doesn't mention his party.

~~~
some_random
Does his party matter? For reasons other than knowing if he's on my team or
not?

~~~
perl4ever
It's _precisely_ the case where you're _not_ committed to a "team" forever and
ever that knowing which party a representative belongs to would be an
informative data point. Whether they are doing something notably sensible or
dumb.

~~~
BeetleB
>It's precisely the case where you're not committed to a "team" forever and
ever that knowing which party a representative belongs to would be an
informative data point. Whether they are doing something notably sensible or
dumb.

Quite the opposite for me. Because I'm not committed to a team, I have little
reason to care, and that piece of information is not at all informative for
me. I vote for people, not parties.

