Microsoft is following what Apple did with Safari back in 2013, and Google did with Chrome in 2015.
Simply put, the Edge browser will as good as block Flash ads by default.
Of course, that’s not exactly what Microsoft is doing, nor is it quite how Microsoft has described the feature.
It’s not about security, even though Microsoft’s announcement starts off with:
One of our top priorities in building Edge has been that the web should be a dependably safe, performant, and reliable place for our customers.
Nor is it really about turning Edge into an adblocker – after all, ads are vital to Microsoft’s business, just as they are to Apple and Google.
Apple pitched Safari’s Flash-blocker as the Safari Power Saver; Google announced its Flash regulator under the headlineBetter battery life for your laptop; and Microsoft is following suit (our emphasis):
We’re introducing a change to give users more control over the power and resources consumed by Flash.
Ads will still be loaded, but Flash content that isn’t considered central to the web page you’re on will be “auto-paused,” meaning that you’ll have to click on the content before it starts playing.
Defining “central”
Microsoft doesn’t define how it decides what counts as “central,” but we imagine that the algorithm will use some combination of where the Flash came from, thus penalising third-party content sucked down from an ad network, and where it will be displayed, thus penalising animations around the edge of the page:
Peripheral content like animations or advertisements built with Flash will be displayed in a paused state unless the user explicitly clicks to play that content. This significantly reduces power consumption and improves performance while preserving the full fidelity of the page. Flash content that is central to the page, like video and games, will not be paused.
In other words, Microsoft, like Apple and Google before it, isn’t admitting that having the Flash plugin in your brower might be a security risk, and it isn’t jumping into the argument about whether the online ad industry is out of control or not.
It’s mostly about battery life.
Ironically, uninstalling Flash isn’t enough to eliminate ads these days.
Amazon, for example, banned Flash ads from September 2015, but apparently as a way to make ads more likely to appear, given the ever-increasing popularity of blocking browser-based Flash:
[Amazon’s ban on flash ads] ensures customers continue to have a positive, consistent experience across Amazon and its affiliates, and that ads displayed across the site function properly for optimal performance.
What to do?
Like you, we’ve noticed how power-hungry Flash content can be (if you live in a warm climate, your laptop fans can be a handy early-warning system for battery-sapping web pages), so Microsoft’s announcement is a welcome one.
Nevertheless, we’re sticking to our recommendation to try turning Flash off, and uninstalling it altogether if that works for you.
Indeed, we’re not yet sure how much protection Edge’s “auto-pause” is likely to give you against deliberately-poisoned ads, because the ads will still be loaded, which implies that some Flash code in the ads might get to run anyway, even if it doesn’t get to run for long before it gets paused.
With two zero-day patches in two months, and ever-fewer sites that actually need Flash, we think it’s a potential security risk that you’d do better to eliminate altogether if you can, rather than simply skating around it.
[contentblock id=73 img=gcb.png]
