Taking control of the Flash player

As far as I can tell, Flash is an advertising delivery platform for the Web. This is why I have not installed the Flash player in my Firefox browser. It saves me (especially when combined with the Adblock Plus Firefox add-on) from a lot of obnoxious animations. And a few security vulnerabilities too, (this latest one is what prompted me to write this quick entry to help readers protect themselves while retaining the option to use Flash).

Despite all the hype about Flash, I very rarely run into a page that requires it for something useful. A few sites are Flash-only (mostly restaurant web sites from my experience, apparently restaurant owners are easy preys for incompetent Web site designers) and when I find one I usually take that as a sign that I am saving myself a lot of frustration by taking my business elsewhere.

Still, once a while I need to view a Flash applet. Ideally, I would like to have Flash installed but disabled, such that I can enable it for a given page with a single click. This doesn’t seem to be possible (my guess is that Adobe knows very well that Flash is mostly used in ways that are not welcomed by users and that they would likely disable it most of the time if given the option). So here is a convenient way to achieve the same effect:

While I have not installed the Flash player in Firefox, I have installed it in IE. I have also installed the IE Tab Firefox add-on which allows one to switch from the Firefox rendering engine to the IE rendering engine within a given Firefox tab. It can be configured to place a small icon in the status bar. Clicking on that icon switches the rendering engine, which means that suddenly the Flash player is enabled for the page you are looking at. One-click enable/disable as requested!

You can also configure IE Tab to automatically switch to IE rendering for some pre-configured sites. So if there are Flash-dependent sites that you use on a regular basis, just enter them there and the IE rendering engine will automatically be used whenever you are on those sites. Again, this all happens inside your Firefox tab, it doesn’t start a separate IE browser. Enjoy.

[UPDATED on 2007/12/24: I wrote this entry to try to help readers and it turns out I am the one who’s getting helped after all. Many commenters pointed to the Flashblock firefox add-on which is designed specifically to do what I get done in a round-about way with IE Tab. I looked for such an add-on some time ago and didn’t find it, which is why I devised the work-around. Thank you all for the info.]

[UPDATED 2008/5/14: Another reason to keep Flash turned off: Crossdomain.xml Invites Cross-site Mayhem.]

[UPDATED 2008/6/9: Looks like Flashblock can be circumvented (in a way that my more basic FF vs IE setup cannot). BTW, I closed comments on this entry because for some reason it was attracting a lot more comment spam than all the others combined. Email me (see about page) if you want to post a comment here.]

9 Comments

Filed under Everything, Flash, Off-topic, Security

9 Responses to Taking control of the Flash player

  1. David Grambinoccino
  2. Carey

    Make your life easier:

    http://flashblock.mozdev.org/

    Works like a charm!

  3. Gena01

    You should try FlashBlock add-on for Firefox: https://addons.mozilla.org/en-US/firefox/addon/433

  4. tobozo

    Flashblock is a good complement : http://flashblock.mozdev.org/

    This won’t be 100% effective (buggy DOM support) but will be better than nothing on machines where Firefox+Flash is installed.

    Combine it with a personal Adblock filter, and whitelist whatever page you need to have flash content executed in just one click.

    I just don’t understand how using MSIE rendering engine to display potentially vulnerable flash content is more secure than using Sunbird or Opera (supported by IETabs as well), or even Firefox itself.

    There is no addon such as AdBlock for MSIE, and the one installed in Firefox doesn’t have any effect in IE Tabs, so when you switch to MSIE rendering engine, you dramatically decrease the security level by enabling ads (thus exposing the system to virus threats and the user to brain damage;).

  5. Jack Stewart

    Thank for your solution to a long standing annoyance. One suggestion – because Adobe’s Flash uninstaller removes the player from all browsers you might want to vist the following mozilla site page for instructions on removing the player from Firefox only.

    http://kb.mozillazine.org/Flash_(Firefox)#Windows_uninstall

    Jack

  6. David M. Besonen

    thanks for that suggestion William–some type of work-around is better than nothing.

    one other thing would be nice and that you be a way to prevent folks from downloading the flash player to firefox. i suppose this might best be accomplished by blocking adobe.com’s ip address range. that seems like it would be a lot easier than attempting to block the pop-ups telling folks they need to install the flash player, no? do you have any other ideas about how to accomplish this?

  7. Outtanames999

    Flash technology is attractive, entertaining and compelling – and even makes ads worth watching. So I believe blocking Flash is not the long term solution. Instead Adobe needs to step up to the plate and make its Flash plugin as user friendly as other contemporary web technologies.

    For example, consider the options you have when right-clicking on almost any other web page object. Options like view source, save to the local machine, copy/paste, create a shortcut, etc. None of these are available for Flash objects.

    It is time for Adobe to open up its platform to give users more control and more options and abandon the Shockwave CDrom interface mentality where the “developer knows best” what the user wants.

    The truth is, no one knows what the Flash app is doing, and it’s doing it without our permission or control. That’s got to change.

  8. Pingback: William Vambenepe’s blog » Blog Archive » A sign of life from the CML working group

  9. Brian Tkatch

    Oh my, i do the same thing with FF and IE. :)