DuckDuckGo Ups Ante: Gives $300K to 'Raise the Standard of Trust'
For the seventh year in a row, the search engine that promises not to stalk your online moves puts its money where its mouth is, this year by donating $300,000 to organizations that
System76 Saying Goodbye to Bland Design
Considering that System76 chose to unveil its new design plans to The Linux Gamer -- no invite went to FOSS Force, BTW -- we can't help but wonder if a System76 Steam Machine isn't in the works.

The Screening
The Great Debian Iceweasel/Icedove Saga Comes to an End
Now that Thunderbird is back in the Debian repositories, the decade long dispute that led to all Mozilla products in Debian being rebranded has ended.

The hatchet is finally completely
Back Yard Linux
It's not as lonely being a Linux user as it once was. These days you're liable to find people throughout your neighborhood using Linux.

My how times have changed.

It wasn't long ago that Linux
No, Evil Hackers Aren't After You
Humankind has outgrown the need to have monsters hiding under our beds. Now we let them hide in our phones, computers and microwave ovens.

Roblimo's Hideaway

OMG! I think I see a giant camera lens on
Should the U.S. Army Have Its Own Open Source License?
Should the U.S. armed forces begin releasing software under an OSI approved open source license rather than as public domain?

Roblimo's Hideaway

This question has generated many pixels'
GitHub CEO Chris Wanstrath on Open Source
Did you know that the software Stephen Hawking uses to speak is open source and that it's available on GitHub? Neither did we.

The Screening Room

At the Computer History museum, GitHub CEO Chris
September 25th, 2013

The Death of the Browser Plugin is a Good Thing

Oddly, the death of the browser plugin started with Microsoft. Now, the other two major players in the browser game seem to be in the process of saying goodbye as well, although it’ll be a long goodbye evidently.

Everybody’s reporting on this. Earlier this week we heard that Google is in the process of doing away with the NPAPI architecture, a Netscape relic. They’re not throwing it out the window just yet; they’re just making it a damn nuisance to use. Brad Chacos at PCWorld put it this way:

“Google announced that plug-ins using the uber-popular NPAPI architecture would be shifted to ‘click-to-play’ by default this coming January, rather than running automatically. Many top plug-ins use the technology, including Java, Silverlight, Unity, Google Earth, Google Talk, Facebook Video, RealPlayer, QuickTime, Shockwave, Windows Media Player and Adobe Reader prior to Adobe Reader X.”

Firefox brings "click to play" to browser plugins.“Click to play” means that every time a webpage wants to take advantage of a plugin, the user will have to click to give it permission. Eventually, Google hopes to replace the old architecture with PPAPI or the Pepper Plugin API, which supposedly fixes a lot of NPAPI’s problems, if they can get traction outside of Google which doesn’t seem likely at this juncture. The folks at Mozilla have already said, “Mozilla is not interested in or working on Pepper at this time.” That sounds like a “no” to me.

Mozilla and Firefox have announced they’re otherwise of a similar mind, however.

“Firefox is even less enamored with plug-ins. This week, click-to-play functionality arrived in Firefox Aurora, a preview build of the browser that will hit release status in mere weeks. As with Chrome, the new feature still allows you to use plug-ins, but you have to explicitly allow them to run.”

This morning on CNET, Stephen Shankland explained why:

“Mozilla’s move is a new step in a wider movement among browser makers to rid the Web of plug-ins, which were useful in a time when browsers rarely released new programming interfaces for new features. However, now plug-ins are viewed largely as security and stability risks, which is why Chrome will begin barring many plug-ins starting in January 2014 and Microsoft banished plug-ins from Internet Explorer running on the new Windows 8 interface. Like Mozilla and Google, Microsoft carved out an exception for Flash, but others–including Google Talk, Java, and Adobe Acrobat — will require permission.”

Yup. Unfortunately, for the time being Flash won’t be included in the mix and will continue to run out of the box. Yesterday, Benjamin Smedberg, the Firefox engineering manager for stability and plugins, explained why in a blog post:

“Flash content is so common on the Web, and many websites use ‘hidden’ Flash instances that the user does not see and cannot click on: making Flash click-to-play would be confusing for most users. Users with older versions of Flash that are known to be insecure will see the click-to-activate UI and will be prompted to upgrade to the latest version.”

I, for one, won’t be unhappy if the browser plugin goes entirely the way of the passenger pigeon. I’m tired of going to the plugin section of my browser and finding plugins that have been installed and activated without my permission, although I think this problem has been fixed in recent times. Oddly again, or maybe not, the worst player in this regard was or is Microsoft, the same folks who were the first to bar plugins from their browser.

I’m also tired of browser crashes on old hardware, caused by web designers who think it okay to ask a browser to use multiple plugins on a single page, eating up tons of memory in the process. I expect this problem to get better almost immediately. Surfers aren’t going to like being confronted with half a dozen click throughs every time they visit a webpage.

As for security, the vast majority of browser exploits these days involves a security vulnerability in a plugin.

The following two tabs change content below.
Christine Hall has been a journalist since 1971. In 2001, she began writing a weekly consumer computer column and started covering Linux and FOSS in 2002 after making the switch to GNU/Linux. Follow her on Twitter: @BrideOfLinux

5 comments to The Death of the Browser Plugin is a Good Thing