Adobe Flash Player is currently facing a boycott online as programmers scramble to patch gaping security holes.
The plugin, which is mainly used for running multimedia and video platforms, has been condemned after a third hackable vulnerability was found.
Dr. PJ Radcliffe, a Senior Lecturer in Electronics and Computer Engineering at RMIT, said Flash Player’s “long history of shoddy security work” means the software will continue to be exploited.
“They’re just lazy – or perhaps don’t understand proper security design – so I would predict we will continue to see problems.”
The crux of the problem lies in Flash Player’s extensive reach, with Adobe estimating the program will be used on one billion devices by the end of 2015.
But as security leaks have surfaced, browsers such as Mozilla Firefox have restricted Flash Player’s use until the release of new versions.
Update: The latest version of #Flash, released yesterday, resolved the recent security risks & is once again enabled by default in Firefox.
— Firefox (@firefox) July 15, 2015
In a statement, Adobe said Flash Player had always been a target for hackers due to being one of the “most ubiquitous and widely distributed pieces of software in the world”.
“Upon investigation, we confirmed and fixed the issues, and took steps to ensure that this class of attack cannot be used as a future attack vector.”
The current security breeches revolve around Flash Player’s use of ‘legacy code’, the name for older programming which is not equipped to deal with recent hi-tech attacks.
Website guides like Hack Like A Pro give those with a basic knowledge of how to code the tools necessary to infiltrate any computer or device.
Dr. Radcliffe said the current state of the legacy code means “every man and their dog” would be able to hack in a few simple steps.
“To fix it up properly, they would probably have to take months off and go through all their code carefully to try and eliminate these common problems.”
Flash Player’s vulnerabilities were originally exposed in the breach of IT surveillance company Hacking Team’s confidential files. The large-scale leak was also responsible for the release of personal information from adultery website Ashley Madison.
For some long-term users, the potential security risks ultimately outweigh the ease of use the Flash Player provides.
RMIT student Alex Myers said even though he has comprehensive anti-virus software and firewalls, he will probably still uninstall the program “as there are now a large variety of alternatives that are now available”.
“This hack if definitely one of the most dangerous forms of computer intrusion to happen to the general user due to such a widespread use and download of Flash.”
The people who say Flash is dead think Flash Player is the only thing Flash is. AIR, Animation and Graphics is where its at
— Veselekov (@Veselekov) July 22, 2015
In this digitally driven world, Dr. Radcliffe said regardless of having Flash Player or not, you should play it “ultra conservative” when it comes to your privileged information.
“The internet has gotten worse and worse, and the criminal organisations in particular have got cleverer at penetrating machines…So be careful or you’re going to be in trouble.”
