Adobe Flash has received another high-profile bashing, after a US Senator called for government agencies to stop using the software as soon as possible.
Sen. Ron Wylden wrote a letter to the Department of Homeland Security, the National Institute of Standards and Technology and the National Security Agency, asking them all to begin a coordinated effort to remove Flash from their systems.
Not only did Sen. Wylden request that Flash is removed as early as possible, he went so far as to outline a three-step plan for achieving this. Initially, government agencies were requested to cease deploying new Flash-based content within 60 days. Then, efforts should be made to remove all Flash-based content from government websites by August 2019. Finally, all government computers should have Flash completely removed by the same cut-off date.
It’s yet more high-profile opposition to the besieged software, which is already heading towards the end of its life cycle after Adobe announced it would be retiring the product by the end of 2020.
Although the lack of support for decommissioned software was a worry, Sen. Wylden’s main concern was around security. Flash had, he claimed, “serious, largely unfixable cybersecurity issues” that needed to be mitigated quickly, otherwise the risks could be catastrophic.
It’s not clear exactly how many government agencies both in the US and around the world still use Flash, but it’s expected to be dropping. Back in 2011, some 28.5% of websites featured some sort of Flash content – according to research by W3Techs. Today the figure stands at just 4.9%.
That said, governments aren’t known for moving quickly, with some agencies in the US still using Windows XP today, even though it was retired back in 2014. This doesn’t just have security concerns but financial ones as well, with individual government agencies paying millions to tech firms for ongoing support long after most other homes and businesses have made the switch.
If Sen. Wyles (and the many others around the world spearheading this move away from Flash) are to be heeded, governments will need to move quicker on this issue than they have previously – or leave themselves open to serious cyber security risks.