Google Chrome starts blocking Flash tracking for better battery life and performance

Google has paid $56,500 for Chrome security bugs addressed in version 53 of the browser, which also stamps out the use of Flash for tracking users.

chrome-app-ios-logo.jpg

Google is nixing the use of Flash for analytics in its Chrome browser.

Image: Oscar Gutiérrez/CNET

Google has updated Chrome for Linux, Mac, and Windows to fix 33 security flaws and reduce its reliance on Flash.

Chrome 53, which rolled-out on Wednesday, introduces another effort from the search company to snuff out Flash on the desktop and push the web towards using modern HTML5-based tech instead.

Google's Chrome to block Flash this year - except for 10 top websites

Google will soon close one more door on the Flash plugin in Chrome, requiring users to authorize each and every site where they want Flash to load, rather than running it automatically.

Read More

While Chrome continues to ship with the Flash Player plugin for now, Chrome 53 puts an end to the use of Flash in the background for page analytics.

"This kind of Flash slows you down, and starting this September, Chrome 53 will begin to block it. HTML5 is much lighter and faster, and publishers are switching over to speed up page loading and save you more battery life. You'll see an improvement in responsiveness and efficiency for many sites," Google announced in August.

This restraint on Flash is an extension to changes introduced in Chrome 42 last year, which reduced non-central Flash content to click-to-play. By Chrome 55, which is due out in December, Google expects to make HTML5 the default experience, except for sites that only support Flash. Users will be prompted to enable Flash for those sites, otherwise it will remain disabled.

Sidelining Flash should enable performance improvements and will help downgrade a platform that is near impossible to avoid, yet a constant source of risk due to its countless bugs that are frequently exploited by attackers.

Chrome 53 also includes 33 security fixes covering 13 high-severity issues, six medium-severity issues, and one low severity issue.

The most serious of these were two universal cross-site scripting bugs in Google's Blink rendering engine, and one script injection that affected Chrome's extensions. Google paid security researchers $7,500 a piece for each of these three bugs.

So far, for Chrome 53 bug fixes, Google has paid $56,500 under its bug bounty program. However, that figure may rise after Google determines the value of three outstanding high severity bugs that were fixed in Chrome's built-in PDF reader, PDFium.

Read more on Chrome