Adobe asks users to uninstall Flash

Creative-software house Adobe is urging users to uninstall Adobe Flash, before the software reaches End-Of-Life (EOL) in December 2020.

System administrators can find details on the end of Flash support here.

Flash is being retired for cybersecurity reasons: the same technology which can easily load web-based games or other client-side content is especially vulnerable to exploitation by hackers to run malicious scripts on a user’s device.

Adobe state in an update on their website that all security updates, and the availability of all version downloads, will cease from this date.

Flash-based content will also cease working – leading technical experts to suggest Adobe have recently programmed a ‘time-bomb’ into the code of Flash Player to render it useless after the supported date. This should help prevent users seeking out third-party versions, and represents one of the strictest policies towards end-of-life enacted by a major software developer.

Fewer and fewer websites still operate this way (possibly as low as 2.6%) since the original announcement of the technology being retired in July 2017. This follows major browser developers, including Google, Microsoft, Apple & Mozilla urging developers to transition to HTML5 and Javascript alternatives that are more integrated into the browser itself.

For Cybersecurity and IT expertise, contact our team today.


Why USB drives are terrifying

USB drives are a security nightmare. From losing files, to sharing them inadvertently, or accidentally installing something malicious, these tiny handheld digital storage grenades are a data-protection disaster waiting to happen.

Many people can’t help themselves. Sometimes it’s just so useful to be able to move a file to a separate computer, or carry a copy of that file on a handy keyring.

It’s true that too many operating systems auto-run memory sticks. As users we could perhaps be more careful though – find a USB and it’s tempting to plug it in… a 2016 University study suggested roughly half of those who find a memory stick on the ground will plug it in without thinking.

In particularly data-sensitive environments options are available to either disable PC USB ports, or remove them from a PC entirely. At the very least, businesses preparing for this summer’s new GDPR regulations need to take some sensible USB security precautions:

 

1. Be strict.

Ask yourself whether it’s entirely necessary to put this file on a memory stick, and be harsh about what files you copy. Memory sticks now hold terabytes of data, and are too easy to drop, or leave on the train.

GDPR is naturally concerned with sensitive personal data, and not your supermarket shopping list. Nobody ever intends to lose a file full of personal data, so you should think twice before putting the former on a USB drive, while the latter is probably OK.

 

2. Don’t allow easy access to your network.

USB based viruses come in a variety of forms – from cheap foreign spyware purchased online, to the fascinatingly complex (and probably Western-sponsored) ‘Stuxnet’ worm which famously sabotaged the Iranian nuclear program with planted USB drives in 2011.

The best antivirus softwares (for example Lineal’s recommended ESET antivirus) automatically offer to scan a newly connected memory stick for malicious software, before the user accesses the files. This only takes a few seconds, but it’s strongly advised to let your antivirus act as gatekeeper for a USB stick, as you would your emails or web browsing.

usb drive security

 

3. Sharing is not caring

Sharing files via memory sticks is not sensible, not least because you’re forced to share the whole contents, including the ability to duplicate files.

You can’t be certain what any given person will do with the USB drive or its data, or what the person giving you a memory stick might have done with it previously, so it’s safer to confine USB drives to a specific individual.

 

4. Get something better

The world of IT is full of better solutions, including Apple’s useful ‘Airdrop’ function which allows direct, localised file sharing over WiFi. For company-wide systems, numerous excellent cloud-based file storage and sharing platforms are available. Microsoft’s excellent OneDrive platform is easy to use from any device, and allows businesses to share files online via the cloud, with customisable permissions to control who has access to the data at any time.

A USB drive should not be necessary to complete routine IT tasks. Thank goodness.