Is Adobe Flash Safe to Use for Online Registration?

  • Thread starter Thread starter kyphysics
  • Start date Start date
  • Tags Tags
    Flash
Click For Summary
SUMMARY

Adobe Flash is no longer a safe option for online registration due to its numerous security vulnerabilities and deprecation across major browsers. Mozilla Firefox has blocked Flash content since 2016, and Microsoft Edge has removed support for Java plugins entirely. Users are advised to avoid using Flash unless absolutely necessary, as it poses significant risks, especially when accessing untrusted websites. Alternatives like HTML5 are now widely supported, making Flash largely obsolete.

PREREQUISITES
  • Understanding of web technologies, particularly HTML5
  • Familiarity with browser security settings and plugin management
  • Knowledge of anti-malware software and its importance
  • Awareness of the historical context of Adobe Flash and its vulnerabilities
NEXT STEPS
  • Research the transition from Adobe Flash to HTML5 for web applications
  • Learn how to configure browser settings for managing plugins securely
  • Explore the latest anti-malware solutions like Norton or McAfee
  • Investigate the security implications of using outdated web technologies
USEFUL FOR

This discussion is beneficial for web developers, IT security professionals, and users who need to navigate legacy systems requiring outdated technologies like Adobe Flash.

kyphysics
Messages
685
Reaction score
445
Not a computer person, but a website I am interested in registering with requires Adobe Flash (along with Microsoft Edge browser and Java).

I've seen warnings here and there about Flash being dangerous, but never looked into them from a technical perspective, nor followed up with those news bits (I just chose to never install it).

Now, I'm in a position where I would need it for a site to work (although, I don't have to register with that site, as it's not essential for my life). Any idea if Flash (or those other programs I listed) are dangerous to use?

Thanks!
 
Computer science news on Phys.org
Those technologies are being deprecated. They have many security flaws and even thought some browsers have removed support for them, Flash at least continues to release new versions which keep getting exploited time after time.

Firefox was going to ditch the Java plugin by the end of 2016 and if I am not mistaking, we are in 2017 and it should be gone already.
-Source: https://blog.mozilla.org/futurereleases/2015/10/08/npapi-plugins-in-firefox/

Edge already ditched java at least for version 9. It doesn't support plugins at all:
https://www.java.com/en/download/faq/win10_faq.xml
http://www.theverge.com/2016/1/28/10858250/oracle-java-plugin-deprecation-jdk-9

I leave this link here for the sake of completeness of the answer:
https://www.cvedetails.com/vulnerability-list/vendor_id-53/product_id-6761/Adobe-Flash-Player.html
(A list of vulnerabilities of Flash Player.)
kyphysics said:
(although, I don't have to register with that site, as it's not essential for my life)
That being the case I'd avoid it.
 
Last edited by a moderator:
  • Like
Likes   Reactions: member 563992
It attacked me yesterday, with a knife!
 
Flash technology was a monopoly for many years and as such it became target of various kinds of attacks. Now, while there were some good efforts to patch vulnerabilities as soon as they were getting discovered, there were many flaws in the software of the plugin itself and of course there is a fair share of responsibility for this, belonging to the companies that developed / maintain it. But I think that browser and other software vendors involved, have their fair amount of responsibility too, as they didn't like to adopt it, because of its monopoly state and this, in my opinion, is only partially justified. No one can deny its usefulness but it really ended up being a big unpatched vulnerability hole the recent years. Good thing is that HTML 5 specs have almost render it unneeded (not totally as of now) but there are still many websites utilizing it. Now, that said, if your OS is properly patched and you have firewall and anti-malware protection properly updated, I don't think that you run any big risk. But, as always correctly stated, the most important thing is what websites someone visits and what is doing there. After establishing this front line of defense, it is up to everyone to use the plugin or not.
 
You can install Flash and only enable it when you really need it. I leave it disabled most of the time. When a website that I trust needs it, I enable it and reload the page. When I'm done, I usually disable it. Even ignoring the risk of Flash, it aborts and slows some web sites down so much that I hate using it.

PS. I hope it goes without saying that you should make full use of an anti-malware software suite like Norton or McAfee.
 
  • Like
Likes   Reactions: stoomart, 1oldman2, OCR and 1 other person
My Firefox uses Shockwave Flash, rather than Adobe flash. It is set so that when something needs it, I get a prompt to turn it on just for the occasion.
 
  • Like
Likes   Reactions: OCR
It's odd that some government web sites still require flash...

For example, I have to use... nap - ness application portal ... to update passwords for other .gov web sites.... :oldeyes:

And, it absolutely, positively will not work without flash... click the first hit in the Google link, or click the URL ...
https://nap.nwcg.gov/NAP/# ... I guarantee you'll get a black page, if you don't enable flash.

mathman said:
My Firefox uses Shockwave Flash, rather than Adobe flash.
Same here, but I keep it disabled unless I know that I need it.

add-ons.JPG
 
  • #10
OCR said:
It's odd that some government web sites still require flash...

For example, I have to use... nap - ness application portal ... to update passwords for other .gov web sites.... :oldeyes:

And, it absolutely, positively will not work without flash... click the first hit in the Google link, or click the URL ...
https://nap.nwcg.gov/NAP/# ... I guarantee you'll get a black page, if you don't enable flash.Same here, but I keep it disabled unless I know that I need it.

View attachment 112573
My setting is "ask to activate", which gives me the option I described.
 
  • #11
mathman said:
My setting is "ask to activate", which gives me the option I described.
This is the best option if you really "must" use flash. Websites that support HTML5 usually auto-detect flash isn't available and run without it, or give you a link to access the HTML5 version. The major browsers are moving in the direction of defaulting to HTML5 when available, even if the flash plug-in is enabled.
The tinfoil hat people run flash in a hardened VM whose state is cleared upon shutdown.
 

Similar threads

My Avast Premium Security Gives Me This Scary Message
  • · Replies 7 ·
Replies
7
Views
2K
Do you want to build a website?
  • · Replies 15 ·
Replies
15
Views
3K
Current and Future AI Threats to Humanity and the Human Response
  • · Replies 10 ·
Replies
10
Views
5K
TabletPCs for Science and Science Teaching [blog entry from 2006]
  • · Replies 3 ·
Replies
3
Views
4K
Home Repair & Maintenance Advice for Newbie?
  • · Replies 11 ·
Replies
11
Views
4K
I Need To Interview a Computer Engineer for My Engineering Class
  • · Replies 1 ·
Replies
1
Views
3K
Spyare on PSP? I may have the first known case
  • · Replies 8 ·
Replies
8
Views
3K
I could really use some help picking my optional module [GameDev]
  • · Replies 2 ·
Replies
2
Views
3K
Chemically regenerating my auto's catalytic converter?
  • · Replies 19 ·
Replies
19
Views
8K
Why can’t decay heat be harnessed to safely shutdown a nuclear reactor?
  • · Replies 14 ·
Replies
14
Views
10K