CrazyEngineers
CrazyEngineers
  • Google Chrome has long endured the shortcomings like Browser crashes, hangs, security incidents, and code complexity due to the plug-ins that were based on the NPAPI architecture. As a permanent solution to this problem, Google has decided to completely remove support for the NPAPI's 90s-era architecture. The news got confirmed when Justin Schuh, a Google Chrome security engineer declared in a blog post saying, "Chrome will be phasing out NPAPI support over the coming year." First developed for Netscape, NPAPI (Netscape Plug-in Application Programming Interface) has long been the most popular plug-in architecture, supported by browsers like Mozilla Firefox, Google Chrome, Apple Safari, Opera and Konqueror.

    chrome

    This move just goes to say that the vulnerabilities faced by Google Chrome due to the presence of these browser plug-ins that quietly install malware on computers when users visit compromised or malicious websites, will be completly removed. The company said it will "temporarily whitelist" these popular plug-ins on Chrome to run through NPAPI starting in January 2014. So, the list of the famous plugins that are getting affected include -
    • Silverlight
    • Unity
    • Google Earth
    • Java
    • Google Talk
    • Facebook Video
    And of that list of most-popular NPAPI plug-ins, Java is already blocked by default for security reasons. Microsoft chose to enable Flash Player in Windows 8 through an exceptional procedure. Let us know what are your views on this move.
    Replies
Howdy guest!
Dear guest, you must be logged-in to participate on CrazyEngineers. We would love to have you as a member of our community. Consider creating an account or login.
Replies

  • Jibak Baksi

    MemberSep 29, 2013

    Just to share my latest findings on this topic:

    Justin Schuh, also revealed in his blog, that Mozilla strategies to start blocking NPAPI plug-ins by default on and from December 2013 once the release of Firefox 26 is kick started.

    Mozilla has already prohibited some archaic plug-ins that pose a high level of security risk and in January, broadcasted plans to block all plug-ins except for the most contemporary version of Flash Player once its effort on the click-to-play user interface is thorough. The Firefox click-to-play enhancement is still in beta testing phases and can only be facilitated currently by retrieving the browser's advanced “about:config” preferences.

    It's not yet obvious whether Mozilla also aims at absolute withdrawal of support for NPAPI plug-ins from Firefox in the coming years. A representative, upon questioning, was not able to immediately elucidate the status quo.
    Are you sure? This action cannot be undone.
    Cancel
Home Channels Search Login Register