“Adobe Flash, Adobe Reader, and Oracle’s Java. All three are virtually ubiquitous on modern-day PCs, and all three provide handy-dandy functionality—functionality that, in the case of Flash and Java, can’t be directly reproduced by a third-party solution,” Brad Chacos writes for PCWorld. “If we lived in a vacuum, it would be hard to argue that the trio doesn’t deserve its spot on computers around the globe.”
“We don’t live in a vacuum, though,” Chacos writes. Here in the real world, widespread adoption of the software makes all three irresistible targets for hackers and malware peddlers. The attacks reached a fever pitch in the early months of 2013, with a flood of reports about Flash, Reader, and Java exploits.”
Chacos writes, “But don’t yank out that ethernet cable or wrap your desk in a Faraday cage just yet. You don’t have to use Java, Flash, and Reader just because everyone else does. I spent more than a week without Reader, Java, Flash, and their respective browser plug-ins to see if it’s possible to live without the software and not suffer massive migraines.”
Read more in the full article here.
I disagree. These three things do not live an my “modern day PC. Which is a Mac. Adobe reader is completely unnecessary. Java on the web is pretty much dead. And Flash, OK, there are (still) a lot of sites, like restaurant sites that use it. But certainly not essential. I run FF for those.
Maybe a consortium of computer companies and academic institutions should pool patents and develop a new framework to replace these legacy technologies and share it across platforms. The highest priority should be security and stability.
That accomplished, we can retire these legacies of a simpler time.
They already do, it’s called HTML 5.
HTML 5 is a step, but not the solution.
HTML5 is a solution, not a step.
so tell me why it is not the solution. I develop content using HTML5. Tell, me oh expert one?
Not claiming to be an expert. Just saying it it not without security issues.
I have a teacher friend who asked me what they could do to increase productivity. I of-course said buy everyone an iPad.
A year later his biggest peeve is they have problems with playing FLASH videos. He told me they use some app that is supposed to allow FLASH videos to play….but it’s touch and go and often hangs.
Yeah, lots of educational stuff done in flash. It’s easy to make quick examples of tough problems and easy to make interactive and fun teaching/learning tools. A lot of sites still have legacy video encoded in flash as well, making things even worse. It’ll be a while before flash completely goes away.
Work requires java (old..banned version at that..)..So I just use a locked down windows VM 😉
Author has done nothing to increase security. To increase security, you don’t throw out the baby with the bath water. While it’s a good idea to not allow Java in the browser, Java is essential to many enterprise software initiatives. And, before you all wail boo hop, it was done so for security reasons stemming from ActiveX architectures.
Flash is on the way out, but not at the pace we would all like. Part of that problem has to do with authoring rich content. While Ajax has made some inroads, it is not yet as robust as Flash. Remember, Flashes insecurity is burdened by having it do things it was never meant to do.
Reader is essential if your PDF needs are more than trivial. while Preview is nice, it does not do several things that Reader does; interactive PDF comes to mind.
The real security conscious user stays up to date on their software and is mindful that the open Internet is a not so friendly place.
I can turn Java off in Safari, but is that enough? Is Java installed in the Mac OS system somewhere?
The article would have been better had it provided some actual instruction, say… like HOW to remove Java, rather than just telling readers to remove it. I hate articles like this that tell you do do something, but don’t tell you how.
You might want to read this Lifehacker comment thread to understand exactly what Java is: http://lifehacker.com/5988800/what-is-java-is-it-insecure-and-should-i-use-it?post=58037075. You’re talking about two separate things here: the Java browser plugin which allows Java applets to run in Chrome/Safari/Firefox/etc, and the actual programming language of Java itself. The browser plugin is problematically insecure and not often needed in the first place, as outlined in many articles on the web. The programming language, in and of itself, is NOT fundamentally “insecure,” and is used in countless applications. “Is Java less secure than the other development languages? The answer is a clear-cut ‘NO!’. If the answer would have been yes, you’d probably want to throw away your DVD and Blueray players, your refrigerators, phones, cars and many other devices that run Java. That’s right.”
If one blocks these legacy technologies, the WordPress comments notification on MDN no longer works.
Flash might be an irritating, worthless, insecure, resource-gobbling, piece-of-shit 1990s runtime.. but it just won’t die while online media people write sites that use it ‘exclusively’. Try, e.g., ecampusnews.com this without flash. (And these are meant to be the people telling us about *accessible* e-education (!!), even while their newsletter won’t run on a mobile device or a modern, i.e. Flash-less, computer.)