A Week Without Flash
Yesterday, a security
advisory from Adobe acknowledged the severity of an exploit in
active use. By Adobe’s own
numbers they claim that Flash is installed on 99% of computers; the number of those on the latest version is likely
lower, though this vulnerability affects even fully patched versions.
Personally, when fixing computers I always install Firefox and AdBlock Plus. Immediately people have less
infections, of less severity and I have less work to do. Flash is both the primary attack vector for Internet users,
and also the number one reason for crashes in the
browser. Adobe’s response to this is “use
a Flash blocker”.
This problem will not go away until people get out of their Flash comfort zone and start demanding something else.
At what point did you choose Flash? Huh? Did you ask for this crashy, unreliable, totally insecure thing?
No, it was thrust upon you by content producers.
I have for some time been living without Flash to better understand the problem and to drive me forward in demanding
and producing better solutions.
To that end, in honour of this epic cock-up by Adobe, I am instigating “Flash Free Week” to coincide
with the security advisory and the week it will take to fix it.
I am asking those who are up to the challenge to make a difference by spending a week without Flash. Don’t come to
me saying you need this, or you need that. I’ve already been going for months without Flash and
I haven’t died yet. I’m asking you to go a week without Flash even if you think you need it. Because,
as you know, they say:
If you can’t go a week without something, you have an addiction.
Ironically, what I am asking for, is actually the only way for you to be secure against this threat as there is no
workaround other than to disable or uninstall Flash. NoScript won’t save you, if a trusted site gets compromised
(which they have), you will be infected.
As it is a zero-day exploit the week will start yesterday, the 23rd and run until the 29th, so
in reality you only have to go 6 days.
Here are the Flash uninstallers.