An unofficial blog that watches Google's attempts to move your operating system online since 2005. Not affiliated with Google.

Send your tips to

March 30, 2010

Google Chrome to Bundle Plug-ins for Flash and PDF

CNet reports that "Google is planning to bundle its Chrome browser and/or operating system with Adobe Systems' Flash in a deeper partnership" that is expected to be announced today.

The latest updates to Chromium, Google's open-source browser, show that Chrome will use internal plug-ins for Flash and PDF, which are likely to be bundled with the browser. Chrome has implemented some NPAPI extensions for "2D, 3D, and mouse/keyboard events" using Mozilla Pepper, a platform-independent framework for browser plug-ins. There are already switches for enabling the internal PDF and Flash plug-ins, but they don't work yet.

"Over the past few months a number of us have also been discussing some of the issues facing NPAPI as a platform independent browser plugin framework. First, we feel there are some changes needed to NPAPI to keep up with recent developments in browser technology, such as out of process plugin execution. Second, while NPAPI provides an extensive framework for writing plugins, many end up relying on operating system or browser platform specific features. This is especially true of windowed plugins that implement 2D or 3D graphics, where almost the entirety of the plugin may consist of operating system specific graphics or event APIs," explains Mozilla's wiki page.

Chrome OS could take advantage of the new plug-ins because users no longer have to install them and they'll be more stable.

In other news, a recent Chromium build added a new internal page (chrome://plugins) that lets you disable individual plug-ins.

Update: Chromium's blog has more information. Google says it has "begun collaborating with Adobe to improve the Flash Player experience in Google Chrome. Today, we're making available an initial integration of Flash Player with Chrome in the developer channel. When users download Chrome, they will also receive the latest version of Adobe Flash Player. Users will automatically receive updates related to Flash Player using Google Chrome’s auto-update mechanism."

To use the built-in Flash plug-in in the latest dev build, you need to edit Chrome's shortcut and add a flag: --enable-internal-flash to the target value. When you open Google Chrome, you're prompted to accept the license agreement:

Google Chrome includes Adobe Flash, a beta version of a runtime that will work on "a broad range of mobile devices, including smartphones, netbooks, smartbooks and other Internet-connected devices".

If you don't like Flash, there are many ways to disable it in Google Chrome: there's a new option that lets you disable individual plug-ins and you can use extensions like FlashBlock.

Google's goal is to improve the plug-in model and to make it "as fast, stable, and secure as the browser's HTML and JavaScript engines". That's a good news, even if you're not a fan of Flash or the Adobe PDF plug-in.


  1. PDF plugin for Firefox and Netscape?

    I suppose if it crashes, you can disable it.

  2. I'm not sure about this. On one hand it is nice to have the browser make prominent web activities seamless. On the other hand the OS seems like the proper place to manage third party extensions. For one I can choose the platform I want (eg: I don't use Adobe Reader, but another third party PDF reader) and not have to use whatever is chosen for me. I can also ensure the software is updated in a timely manner. While Google is pretty good about updating software I did notice, when I used Google Pack, that Firefox and other apps lagged behind updates by a few weeks at times.

    TL;DR - Less control makes me feel uncomfortable and I don't have that full confidence in Google yet.

  3. I must admit one of the reasons I like Chrome was that it was very secure. As most people know who read such articles, one of the main reasons a lot of browsers are insecure are due to Adobe products. Forcing those insecure products onto consumers seems to me like a hugely bad idea, especially with Adobes track record of fixing the problems with their products.

    That said, if I as a user still is able to use extensions like flashblock and unblock or whitelist it will be okay by me with Flash, but I still don't like Adobe Reader, simply because it's too much of a footprint compared to the functionality you get.

  4. So, no helping Mozilla adjust Open Source NPAPI "to keep up with recent developments in browser technology".

    Just bundle often targeted security risks. No pressure.

  5. That's too bad. Chrome was really secure and stable there, for a while.

    Seriously. Adobe is the source of far more than their share of security failures anymore.

    Besides, HTML5 obviates the need for Flash for most people, and no one needs a PDF plug-in at all. PDFs have their own app: Sumatra, or FoxIt, or (if you're desperate) Adobe Reader. There is absolutely no need to open a PDF in the browser frame.

  6. Bad news!!!
    We want to get rid of all those plug in's.
    For me Google's PDF viewer is better than Acrobat.

  7. great, but where is direct link to offline installer?

  8. Direct link for the latest dev version (Windows):

    The URL has the following structure:

    If Google releases Chrome version 5.0.360.4, replace VERSION_NUMBER with 360.4

  9. Looks like Google just announced this...

    I'm going to stay on the beta Chrome channel, but will keep an eye on developments. I like the idea of not having to install Flash after installing Chrome.

  10. To all the people complaining about security problems with Flash:

    This change conveys two security benefits.

    First, Chrome's update technology, which we can use to address security holes, can now be used to update Flash much more quickly and easily, dramatically reducing the vulnerability window _and_ the amount of user effort required.

    Second, this will eventually enable Flash to be protected by Chrome's sandbox. Today, someone with a Flash exploit can compromise you, and the only course of action is to disable Flash -- _if_ the exploit is known. By contrast, holes in WebKit don't automatically compromise you because attackers still need to escape the sandbox. This model is far safer for users.

    (Side note: Security has always been a primary design goal for Chrome; do you really believe we would suddenly just drop that by the wayside? Have we not earned a _little_ bit of trust as competent browser developers?)

  11. I have every faith in the Chrome team, but I fear the level of coding that comes out of Adobe (some of which I've seen myself) may be too far gone for anyone to save.

  12. @pkasting: Chrome's update technology is still dependant on Adobe releasing an update so that argument is kinda moot compared to how it works today.

    Adobe Flash being part of the browser could be okay. Ff it's going to be sandboxed then it could be great idea. Just as long as we can still block the Flash objects (FlashBlock Extension) and then unblock/whitelist them individualy or by site.

    As for Adobe Reader I sincerely hope we're not talking about forcing the entire huge and cumbersome Adobe Reader package on users, but only the plugin to open PDF's in the browser, IF Adobe Reader is installed?

    There are too many known bugs in Adobe Reader that Adobe full well knows exists and just doesn't care about, because Adobe Reader is a free product. Unfortunately in a corporate environment you're more or less forced to use Adobe Reader over other alternatives, because Adobe Reader is "known" to the userbase.

    Also, it's not the developers of Google Chrome I don't trust/finds incompetent (yet). It's the developers of Adobe Reader and Flash.

  13. Hi, on you can find the newest Dev-update, it has the Flash Player integrated!



  14. I've noticed something about this I don't like.It appears that Adobe Flash stores the websites visited on their servers.If you go to options/under the hood/content settings/adobe flash player storage settings it will take you to where all the websites visited are stored.That appears to me to be a serious privacy issue. It doesn't matter if you use Chrome or Firefox.

  15. From Adobe's page:

    "The list of websites above is stored on your computer only so that you can view or change your privacy settings or local storage settings. Adobe has no access to this list, or to any of the information that the websites may have stored on your computer."

  16. Kind of defeats the ability of "Incognito" browsing though.

  17. I have windows 7 and cannot view flash player material. I get a prompt that says the plugin is not supported. What can I do to remedy this?
    Thank you