Google's Chrome to pull plug on plugins next September

Firing squad scheduled for ancient Netscape tech

Google is moving ahead with its plan to end support for Netscape plugins in its Chrome browser – and has set next September as the date for when they will stop working altogether.

The Chocolate Factory announced its intention to drop the venerable Netscape Plugin API (NPAPI) tech in September 2013. At the same time, it urged browser extension makers to upgrade their code to use newer technologies, such as Google's own Pepper Plugin API (PPAPI).

Current versions of Chrome already block NPAPI plugins automatically, with the exception of a short whitelist of approved plugins. Users have to manually authorize plugins to run on specific sites.

On Monday, however, Google said its next step will be to remove the whitelist so that no NPAPI plugins will run on any sites without user intervention, beginning in January 2015.

Next up, the version of Chrome that ships in April will arrive with NPAPI support switched off by default. Users will no longer be prompted to enable Netscape plugins for sites that request them; the plugins simply won't run at all.

That version of the browser, however, will include an override feature that will allow "advanced users" to re-enable NPAPI support using a hidden configuration option or via Enterprise Policy.

"Although plugin vendors are working hard to move to alternate technologies, a small number of users still rely on plugins that haven't completed the transition yet," Google engineer Justin Schuh said in a blog post.

That reprieve will only last until September 2015, though. That month's stable release of Chrome will remove support for NPAPI completely, and Google says it will never come back.

Google's plugin retirement plan mainly applies to Windows users. Chrome users on OS X lost support for most NPAPI plugins last week when Google killed off the 32-bit version of its browser for Macs. The 64-bit version can't run old, 32-bit plugins.

There is also a 64-bit version of Chrome for Windows, but so far it's optional. The Chrome download page defaults to the 32-bit version, even for users running 64-bit versions of Windows.

Truthfully, though, losing support for NPAPI plugins won't affect most Chrome users. Support for Adobe Flash is already built into the browser and doesn't need a separate plugin.

As of October 2014, Google says the plugins most frequently launched by Chrome users were Microsoft Silverlight, Google Talk, Java, Facebook's video chat plugin, the Unity gaming engine, and Google Earth, in that order. Of these, Silverlight – the most popular one – was only launched by 11 per cent of Chrome users. ®

Similar topics

Other stories you might like

  • Millions of people's info stolen from MGM Resorts dumped on Telegram for free
    Meanwhile, Twitter coughs up $150m after using account security contact details for advertising

    Miscreants have dumped on Telegram more than 142 million customer records stolen from MGM Resorts, exposing names, postal and email addresses, phone numbers, and dates of birth for any would-be identity thief.

    The vpnMentor research team stumbled upon the files, which totaled 8.7 GB of data, on the messaging platform earlier this week, and noted that they "assume at least 30 million people had some of their data leaked." MGM Resorts, a hotel and casino chain, did not respond to The Register's request for comment.

    The researchers reckon this information is linked to the theft of millions of guest records, which included the details of Twitter's Jack Dorsey and pop star Justin Bieber, from MGM Resorts in 2019 that was subsequently distributed via underground forums.

    Continue reading
  • DuckDuckGo tries to explain why its browsers won't block some Microsoft web trackers
    Meanwhile, Tails 5.0 users told to stop what they're doing over Firefox flaw

    DuckDuckGo promises privacy to users of its Android, iOS browsers, and macOS browsers – yet it allows certain data to flow from third-party websites to Microsoft-owned services.

    Security researcher Zach Edwards recently conducted an audit of DuckDuckGo's mobile browsers and found that, contrary to expectations, they do not block Meta's Workplace domain, for example, from sending information to Microsoft's Bing and LinkedIn domains.

    Specifically, DuckDuckGo's software didn't stop Microsoft's trackers on the Workplace page from blabbing information about the user to Bing and LinkedIn for tailored advertising purposes. Other trackers, such as Google's, are blocked.

    Continue reading
  • Despite 'key' partnership with AWS, Meta taps up Microsoft Azure for AI work
    Someone got Zuck'd

    Meta’s AI business unit set up shop in Microsoft Azure this week and announced a strategic partnership it says will advance PyTorch development on the public cloud.

    The deal [PDF] will see Mark Zuckerberg’s umbrella company deploy machine-learning workloads on thousands of Nvidia GPUs running in Azure. While a win for Microsoft, the partnership calls in to question just how strong Meta’s commitment to Amazon Web Services (AWS) really is.

    Back in those long-gone days of December, Meta named AWS as its “key long-term strategic cloud provider." As part of that, Meta promised that if it bought any companies that used AWS, it would continue to support their use of Amazon's cloud, rather than force them off into its own private datacenters. The pact also included a vow to expand Meta’s consumption of Amazon’s cloud-based compute, storage, database, and security services.

    Continue reading

Biting the hand that feeds IT © 1998–2022