By having the majority of undesirable web content stuck in easy-to-flag Flash buckets, it was inherently simple to block that content. I could simply whitelist a handful of sites whose flash content I wanted to see (e.g. Youtube) and block it pretty much everywhere else.
Now with everything moving to HTML5, I fear the necessary blocking ruleset will gets many times more complicated and with more false positives and negatives to boot. Am I wrong?