Say no to Flash

Today, the Sydney Morning Herald published an article entitled Why you should uninstall Adobe Flash Player. Without boring you with technical details, Operation Pawn Storm, a Russian cyber-espionage operation has exploited Flash’s Zero-Day flaw.

As of the current writing by Trend Micro, the US government and media, NATO, and opponents of Vladimir Putin, and governments in Europe, Asia and the Middle East have all been affected.

So it’s pretty serious.

So what have we learned?

Like so many security flaws, Operation Pawn Storm spreads predominantly a link in an email, which goes to a web page with a nefarious Flash app on it. Often, the aim is to steal some sort of login credentials, like your email login.

But that’s just a mechanism.

It’s easily defeated by either being vigilant when clicking on a link in an email, or uninstalling Flash.

Steve Jobs banged on about the dangers of Flash years ago, in his excellent, well-argue Thoughts On Flash article. You can read the whole thing if you like, but the key takeaway is this…

THAT ARTICLE WAS WRITTEN 5 YEARS AGO, AND ADOBE STILL HASN’T FIXED FLASH.

Like an old car

Flash is like an old car. It’s familiar. The mechanics who work on it are comfortable with it. It makes money (for advertisers, at least).

But just like an old car without airbags, high-mount stop lights, and crumple zones (to name a few safety features) it’s just too dangerous to keep using. Moreover, the world has moved on. There’s nothing Flash does that HTML5 and H264 (for video) doesn’t do. There’s no reason to keep it.

So, like your old floppy drive, CD player, and analog phone system, it’s time to let Flash go.

Turning a corner

At iHelp IT we are constantly trying to keep the data of our client’s computers safe from harm. There is no more important asset on your Macs that the data therein, and that includes the data you access which is stored on other systems: your email access, your bank account details, the photos of your kids on Dropbox.

So iHelp IT’s advice is to uninstall Flash. There’s less and less need for it, so it’s time to let it go.