Feeds

Google updates Chrome Flash plugin for security, stability

Says it runs Flash content in Windows 8 better than IE10

Providing a secure and efficient Helpdesk

Just when you thought Adobe Flash was close to dying out on the web, none other than Google has stepped in to give the much-maligned rich media plugin a new coat of polish.

The latest stable version of the online ad-slinger's Chrome browser for Windows includes a redesigned version of the Flash plugin that Google reps say will not only make Flash content more stable and secure, but will allow Chrome to offer the best Flash user experience when browsing in whatever we're calling Windows 8's Metro mode now.

The new plugin ditches the ancient Netscape Plugin API (NPAPI) that web browsers have been using since Raquel Welch fought the dinosaurs, in favour of Google's home-grown Pepper Plugin API (PPAPI), which the search giant says offers improved security by isolating plugins inside their own protected "sandboxes" of memory.

"Windows Flash is now inside a sandbox that's as strong as Chrome's native sandbox, and dramatically more robust than anything else available," Google software engineer Justin Schuh writes in a blog post detailing the change.

In addition, he says, the move to PPAPI has made the Flash plugin more stable and allows it to take advantage of more of the advanced capabilities of modern browsers, such as Chrome.

"By eliminating the complexity and legacy code associated with NPAPI, we've reduced Flash crashes by about 20 per cent," Schuh writes. "We can also composite Flash content on the GPU, allowing faster rendering and smooth scrolling (with more improvements to come)."

Schuh says NPAPI was designed at a time when browser plugins were evolving rapidly to provide a wide range of capabilities. Because of this, NPAPI is a thin API that gives plugins lots of access to underlying OS features. But that flexibility also makes it insecure, which is why NPAPI plugins have been banned from the Windows 8 Start Menu environment, formerly known as Metro.

PPAPI doesn't allow plugins anywhere near the level of unfettered access to system resources that NPAPI does, which is why PPAPI plugins – including the new Flash plugin – will be able to run inside the Metro-style version of Chrome.

Contrary to early reports, Flash content will be viewable in the Metro-style version of Internet Explorer 10, but only if it meets Microsoft's compatibility guidelines. In addition to constraining the design of Flash content, those guidelines also exclude certain Flash APIs, including access to cameras, microphones, and printing.

Because of this, Schuh says, the Metro version of Chrome will be "the only way to use all Flash features on any site in Windows 8 Metro mode."

That excludes Firefox, too. Although Mozilla developers having been working on a similar plugin sandboxing feature, they say they are "not interested in or working on Pepper at this time," meaning Firefox won't be able to share Google's PPAPI Flash plugin.

Chrome updates are installed automatically and the Flash plugin comes bundled with the browser, so all current Chrome users on Windows should already have the new version of the plugin installed. Linux users have actually had it since the previous stable version of Chrome, and Schuh says a Max OS X version is coming. ®

Bootnote

Oh, and about those rumors of Flash's death? Mark Twain might have had something to say about them. According to a blog post by Google software engineer Carlos Pizano, when the online ad-slinger analyzed data from Chrome users, fully 99.9 per cent had fired up the Flash plugin at least once in the past 28 days.

By comparison, only 58 per cent had used Chrome's PDF viewer, 26 per cent had used Microsoft's Silverlight plugin, 12 per cent had used Java, and just 4 per cent had used Apple QuickTime.

Secure remote control for conventional and virtual desktops

More from The Register

next story
Microsoft WINDOWS 10: Seven ATE Nine. Or Eight did really
Windows NEIN skipped, tech preview due out on Wednesday
Business is back, baby! Hasta la VISTA, Win 8... Oh, yeah, Windows 9
Forget touchscreen millennials, Microsoft goes for mouse crowd
Apple: SO sorry for the iOS 8.0.1 UPDATE BUNGLE HORROR
Apple kills 'upgrade'. Hey, Microsoft. You sure you want to be like these guys?
ARM gives Internet of Things a piece of its mind – the Cortex-M7
32-bit core packs some DSP for VIP IoT CPU LOL
Microsoft on the Threshold of a new name for Windows next week
Rebranded OS reportedly set to be flung open by Redmond
Lotus Notes inventor Ozzie invents app to talk to people on your phone
Imagine that. Startup floats with voice collab app for Win iPhone
'Google is NOT the gatekeeper to the web, as some claim'
Plus: 'Pretty sure iOS 8.0.2 will just turn the iPhone into a fax machine'
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.