HTML5 Ads Aren't That Safe Compared To Flash, Experts Say

An anonymous reader writes: [Softpedia reports:] "A study from GeoEdge (PDF), an ad scanning vendor, reveals that Flash has been wrongly accused as the root cause of today's malvertising campaigns, but in reality, switching to HTML5 ads won't safeguard users from attacks because the vulnerabilities are in the ad platforms and advertising standards themselves. The company argues that for video ads, the primary root of malvertising is the VAST and VPAID advertising standards. VAST and VPAID are the rules of the game when it comes to online video advertising, defining the road an ad needs to take from the ad's creator to the user's browser. Even if the ad is Flash or HTML5, there are critical points in this ad delivery path where ad creators can alter the ad via JavaScript injections. These same critical points are also there so advertisers or ad networks can feed JavaScript code that fingerprints and tracks users." The real culprit is the ability to send JavaScript code at runtime, and not if the ad is a Flash object, an image or a block of HTML(5) code.

Wouldn't be an issue if Firefox was relevant.

If anyone is to blame, I think it would be Mozilla for making Firefox irrelevant by trying to imitate Chrome, even when Firefox's users said very emphatically that they didn't want that.

Firefox used to have over 30% of the market. Now the latest market share stats show that Firefox is down to maybe 7% across all versions on the desktop, with essentially no mobile presence at all.

When Firefox had 30% of the market, it was a force to be reckoned with! It held real sway over how the web developed. But then it's like the Firefox developers decided to throw it all away, for no good reason at all. I think that they trashed Firefox's UI, they added unwanted crap like Pocket and Hello. They even embedded ads into Firefox! Now Firefox is down to just 7% of the market, and this number is dropping. Nobody cares about a browser with only 7% of the market.

And don't waste your time trying to blame Firefox's decline in market share on Google advertising Chrome, or mobile becoming more widely used than desktop browsers (which isn't actually the case), or any other bullshit excuse like that. It was the numerous unwanted changes that Firefox's developers made that drove a large mass of Firefox users away.

Firefox users were faced with a really bad set of choices: either they could use Firefox and get a slow, bloated Chrome-like experience, or they could use Chrome and at least get a fast, lightweight experience. So they did the only sensible thing and used Chrome, even if they hated it. At least it wasn't as bad as the alternatives!

I think that the web would have been very different if Firefox had been developed sensibly, instead of what actually happened to it. Chrome would probably be much less used, and we'd see a more open and less commercialized web. Mozilla could have turned Firefox into a champion of privacy and an ad-free web. Instead all we ended up with was a shitty imitation of Chrome that has no influence at all on the web.