Why would FedEx require users to enable Flash as "run always?" Is there really not a better solution available to simply whitelist their site or be given a pop-up in Chrome asking to enable it temporarily?
Who knows, but my best guess is that it was the easiest set of instructions to give. The more complicated you get, the less likely anyone is to actually do it.
It actually irks me a bit about Chrome/Firefox. I understand they want to kill these addons. But I still unfortunately am forced to use sites that require Java and/or Flash. I'm just grateful MS still has the older version of IE available in Win10 so I can get these important things done.
One example: website which uses USB crypto tokens for digital signatures. In Kazakhstan (and, I guess, many other countries) every citizen can get digital certificate, signed by government CA and use it to sign electronic documents. It's used for many government internet services, for example. But there's no API even in modern browsers, to work with USB devices, so Java applet is one way to do it.
That said, Java applets are effectively dead, so government services now require installing and running separate program which listens at localhost for connections from browser. Honestly, it doesn't look like a big win for me, more like a big loose, from a security point. But here we go.
Those are rumors. Currently Internet in Kazakhstan works fine without installing any certificates. I wouldn't be surprised, if they would do it, but not yet.
And, yes, those certificates are unrelated, AFAIK.
Don't know about the original poster, but there are still a ton of crappy managed switches/APs/other embedded devices that use Java applets for configuration in operation.
In a past life, I had to keep two different browser installs, each with a different JVM version in obsolete browsers, aside from my "real" browser to deal with crap like that.
I just had to help someone enable Java applets earlier this week, in order to take an online typing test required by a temp agency. At some companies, it seems the 1990's never stopped happening. :/
Those are probably ancient corporate tools, either made in-house or by some 3rd party that won't update to newer technology without enough of a monetary incentive.
We're always happy to talk about personal experiences removing Java and never regretting it.
I've been through multiple attempts at doing it in an enterprise, one in January this year, and it always ends with the determination that Java applets are critical to websites used by the business and not going anywhere. Healthcare portals are a big offender.
Education. A lot of science simulations I would use for my classes are Java Applets. Also the equation editor I have to use for creating tests (yes it's web based...) is a java applet.
It's a total nightmare because most of it is abandonware or is still for sale but unmaintained!
I guess digital signature, mostly. Signing documents without your private key leaving the computer. It's not something you can do easily cross-browser.
And that Java app is basically just a web server, which they could rewrite in node or ruby and then I wouldn't need a JVM on my machine any more just to configure my router.
If FedEx relies on opening a .swf file directly in a new window, you need to select Run Always, because Google apparently doesn't give a shit about doing things right and made it so no amount of whitelisting will allow it to run .swf files directly (instead it just downloads the .swf).
No, they really aren't. If a site opens a .swf file in a new window, Chrome should behave exactly as though it opened an HTML page that embedded the SWF, i.e. letting me approve it, and playing it if I've whitelisted the domain. Instead it will always download the SWF if you have your Flash content settings set to anything else besides Run Always. It's really stupid and it means I have to keep Flash enabled globally (which I really don't want to do) simply because Google doesn't care enough to handle edge cases properly.
I would rather know where flash beings and ends and have to jump through hoops. Actually I would prefer it never run at all ever. Flash not run is "right".
There have been too many security flaws where Flash would allow remote execution of arbitrary code, and that eventually means viruses. If my family gets a virus, then I am on the hook for it.
Yes, this is precisely why Chrome's current behavior is awful. It's forcing me to set Flash to "Run Always", which is a security and privacy problem, simply because one site I use opens .swf files in new windows instead of embedding them in HTML pages.
It actually irks me a bit about Chrome/Firefox. I understand they want to kill these addons. But I still unfortunately am forced to use sites that require Java and/or Flash. I'm just grateful MS still has the older version of IE available in Win10 so I can get these important things done.