Today, December 31, 2020, Adobe Flash Player officially reaches end of life. Adobe will stop distributing it, browsers have already removed or are removing support, and a technology that defined an entire era of the web will finally be laid to rest. After years of deprecation warnings and migration efforts, the plug is literally being pulled.
I know Flash has been the punching bag of the web development community for the better part of a decade. But having worked through the era when Flash was genuinely revolutionary, I think it deserves a more nuanced farewell than most people are giving it.
What Flash Actually Did for the Web#
It’s easy to forget now, but in the late ’90s and early 2000s, the web was boring. HTML 3.2 gave you tables, fonts, and not much else. JavaScript was a toy language that couldn’t reliably work across browsers. CSS was in its infancy. If you wanted rich interactivity, animation, audio, or video on the web, Flash was essentially your only option.
Flash gave us YouTube before HTML5 video existed. It gave us web-based games, interactive learning platforms, and rich media experiences that simply weren’t possible with the native web stack. Entire categories of web applications — from video players to data visualization dashboards to interactive maps — were pioneered in Flash.
Macromedia (later Adobe) Flash was also remarkably accessible to creators. The authoring environment combined a visual timeline editor with a progressively capable scripting language (ActionScript) that let designers create interactive content without being full-time programmers. It democratized rich media creation on the web in a way that nothing else did at the time.
Why It Had to Go#
Of course, Flash had serious problems — and they only got worse as the web evolved.
Security was perhaps the most damaging issue. Flash’s extensive capabilities meant an enormous attack surface, and Adobe struggled for years to keep up with the constant stream of zero-day vulnerabilities. For security-conscious organizations, Flash became a liability that was difficult to justify.
Performance was another persistent complaint. Flash content was notoriously CPU-hungry, drained laptop batteries, and could bring browsers to their knees. On mobile devices, the experience was even worse — which is partly what led to Steve Jobs’ famous 2010 open letter “Thoughts on Flash”, declaring that iOS would never support it.
Proprietary control was the philosophical issue. Flash was a proprietary plugin owned by a single company, sitting as a black box inside the browser. Content inside Flash wasn’t indexable by search engines, wasn’t accessible to screen readers, and wasn’t part of the open web. As the web standards community gained momentum, this became increasingly untenable.
The rise of HTML5 ultimately made Flash unnecessary. The <video> and <audio> elements, Canvas, WebGL, CSS animations, and the maturation of JavaScript engines collectively replicated most of what Flash could do — natively, in the browser, without a plugin.
The Preservation Challenge#
One thing that genuinely concerns me about Flash’s death is the preservation question. There’s an enormous body of creative work — games, animations, interactive art, educational content — that was built in Flash and is effectively going dark. The Internet Archive has been working to preserve Flash content using Ruffle, an open-source Flash emulator written in Rust, but the sheer volume of Flash content on the web means much of it will simply disappear.
This is a broader problem with proprietary formats and platforms. When the technology dies, the content dies with it. It’s a lesson worth remembering as we build increasingly complex web applications on today’s frameworks and platforms. What will happen to all our React apps in 20 years?
Lessons for Today’s Web Developers#
Flash’s arc from revolution to revulsion teaches us a few things that are still relevant:
Open standards win in the long run. Proprietary technologies can move faster and deliver more impressive results in the short term, but open standards create a more resilient and interoperable ecosystem. The web standards process is slow and sometimes frustrating, but the result — a web that works everywhere, for everyone — is worth the wait.
Security can’t be an afterthought. Flash’s security problems weren’t just bugs to be patched; they were architectural. The plugin model, with its broad system access and complex attack surface, was fundamentally difficult to secure. When you’re designing systems today, consider the security implications of your architectural choices, not just your implementation details.
Mobile changes everything. Flash’s inability to work well on mobile devices was a death sentence in a world that was rapidly going mobile-first. If your technology doesn’t work on the devices people actually use, it doesn’t matter how capable it is on the desktop.
My Take#
I have a soft spot for Flash, and I’m not ashamed to admit it. I built some of my early interactive web projects with it, and there was a creative energy in the Flash community that I haven’t quite seen replicated since. Flash developers pushed the boundaries of what was possible on the web and, in doing so, helped define what the web needed to become.
But it was time. Flash’s security track record alone justified its retirement, and the modern web platform is genuinely more capable, more open, and more accessible than Flash ever was. The transition took longer than it should have — we’ve been talking about “killing Flash” since at least 2010 — but here we are.
So goodbye, Flash. Thanks for the games, the animations, the loading bars, and yes, even the security nightmares. The web you helped create has outgrown you, and that’s exactly as it should be.
Happy New Year, everyone. Here’s to whatever the web becomes next.