Jump to content

Sen. Ron Wyden: Adobe Flash is doomed, why is Uncle Sam still using it?


steven36

Recommended Posts

Techno-dem urges DHS, NSA and NIST to rid sites of buggy legacy media player content

 

https://s7d7.turboimg.net/sp/ef6efe4ec2d3c2e959f1307c4a6fd503/virus_1_648.jpg

 

It's bug-ridden, eternally insecure, and on death row – yet Adobe Flash persists on too many US government webpages.

 

Now Senator Ron Wyden (D-OR) wants to hear the sound of this deity-forsaken plugin torn from .gov websites, dragged behind a shed, and a single final gunshot.

 

Regular Reg readers will remember that even Adobe has seen written the writing on the wall, and last year set 2020 as the end-of-support date for its beleaguered exploit magnet.

 

In a letter [PDF] to NIST under-secretary Walter Copan, NSA director, US Cyber Command commander Paul Nakasone, and secretary of Homeland Security Kirstjen Neilsen, Wyden today asked the agencies to learn from Microsoft Windows XP: it's expensive to ask vendors continue fixing up out-of-support software. In other words, stop relying on it, get rid of it, and replace Flash files with HTML5.

 

He has the NSA, DHS and NIST in his sights because those three government organizations carry “the majority of cybersecurity guidance” to the rest of Uncle Sam's agencies. Wyden wants government officials to stop creating new Flash content within 60 days, and also asks that:

  • Agencies remove Flash content from their websites by August 2019;
  • To aid in that effort, the DHS's “routine cyber-hygiene scans” should identify, and list for agencies, all Flash content found; and
  • Agencies should pilot removing Flash from staff computers, starting in March 2019, ahead of expunging it by August 1, 2019.

 

Wyden noted that US-CERT “has warned about the risks of using Flash since 2010” – making it a latecomer: the earliest Flash fsckup we can find in El Reg's archives seems to be this directory traversal horror from 2007.

 

When the plugin falls out of support, Wyden wrote, “cybersecurity risks will only be compounded.”

 

We couldn't agree more. Stop using Adobe Flash.

 

Source

Link to comment
Share on other sites

  • Replies 0
  • Views 359
  • Created
  • Last Reply

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...