Google
 

Aardvark Daily

New Zealand's longest-running online daily news and commentary publication, now in its 19th year. The opinion pieces presented here are not purported to be fact but reasonable effort is made to ensure accuracy.

Content copyright © 1995 - 2015 to Bruce Simpson (aka Aardvark), the logo was kindly created for Aardvark Daily by the folks at aardvark.co.uk



Please visit the sponsor!
Please visit the sponsor!

Flash bang wallop (again)

27 January 2015

Unfortunately, Adobe's Flash has become an integral part of the web as we know it.

I say "unfortunately" because this piece of software has been the focus of countless hacking attacks over the years and Adobe's reputation for distributing incredibly vulnerable code remains unchallenged.

As if to prove the point, yet another emergency patch has just been released, as documented in this BBC story

So why are web developers so infatuated and addicted to infecting their pages with Flash?

One of the major uses of Flash is to create dynamically loading media players, so as to deliver video to webpages.

This may have been the only alternative a couple or three years ago but this is 2015. Have our web designers not heard of HTML5?

For fancy menuing and other "look how clever this web designer is" features there are JavaScript, DHTML and other far less risky technologies available to anyone with half a brain - yet far too many websites still rely heavily on Flash.

Of course I have enabled Firefox's ability to block Flash apps from running and the only site which I actually give permission for it to run is YouTube -- mainly because I sometimes need the functionality that it delivers on that site.

If you explore the history of security vulnerabilities on the Net you'll find that the top offenders (outside of browser and OS vulnerabilities) are Adobe's Acrobat reader and Flash -- yet these remain defacto standards almost everywhere.

Is it just that we enjoy the familiar feel of a "kick me" sign on our backs or something?

In the latest reported vulnerability it seems that Flash-based ads have been used to help deliver ransomware to PCs. This code then encrypts a victim's hard drive and demands the payment of a small (but significant) sum before the data will be restored. This is nasty stuff.

I'd be very interested to hear what readers' strategies are for dealing with the evil that is Adobe's crappy, insecure PDF reader and Flash. Do you simply ban these things from your computer? Do you use "compatible" applications from other sources? Or do you carefully control exactly when these bits of code are allowed to run?

And how long before we can banish these things from our computers forever, without compromising the functionality of the websites on which we rely?

Please visit the sponsor!
Please visit the sponsor!

Have your say in the Aardvark Forums.

PERMALINK to this column


Rank This Aardvark Page

 

Change Font

Sci-Tech headlines

 


Apart from the kind support of the sponsor, Aardvark Daily is largely a labour of love that involves many hours of hard work each month. If you appreciate the content you find here (or even if you don't) then please visit the sponsor and also feel free to gift me a donation using the button above.

Remember, this is purely a gift, you'll get nothing other than a warm fuzzy feeling in return.


Features:

Beware The Alternative Energy Scammers

The Great "Run Your Car On Water" Scam

 

The Missile Man The Missile Man book

Previous Columns

The unforeseen peril of Kickstarter?
There aren't too many women out there in geekland but Jeri Ellsworth is one of the few of note...

Microsoft to stop selling Windows?
Windows has been the core-product of Microsoft for decades now...

At last, a free lunch online?
In a rather surprising move, Spark (nee Telecom) has announced that it's going to give all of its customers a 12 month subscription to its Lightbox streaming video service -- for free!...

Fear mongering on Stuff.co.nz
I could not believe my eyes this morning when I read a story in the technology section of the Stuff website...

Speeding, what the?
The police keep telling us that speeding is a major cause of accidents and death on our roads...

Martin Aircraft Co finds strange bedfellow
The Martin JetPack (MJP) has been underwhelming in respect to its delivery on the promises made for it since the first tentative "hops" at Oshkosh several years ago...

Using a Microsoft wireless keyboard?
Wireless keyboards are great...

All your conversations are belong to us
The world was gobsmacked yesterday at a proposal by UK Prime Minster David Cameron...

Cyberspace, the new battle-ground
According to reports published this morning, two social media accounts of the US Central Command were hacked by a group supporting ISIS...

CNN stuff it up badly
As regular readers will know, I absolutely hate it when some smart-arsed company ruin a perfectly good website by deciding to fix stuff that isn't broken...