Adobe Flash has a long history of security vulnerabilities, but uninstalling it completely can make many sites unusable. A good middle ground is to enable click-to-play, which will allow you to selectively use Flash. You can whitelist specific websites, choose to allow all plugins on a page during a specific site visit, or just click on grey boxes with Flash content when you want to play a specific video.
You’ll want to avoid using Flash Player on sketchy sites you’ve never heard of (especially those without https), but be aware that even sites you trust can be vulnerable, since many serve content from third-party ad network partners. If a popular site is infected with malicious advertising, you’re still somewhat vulnerable, but limiting Flash usage to sites you select will lower your risk. Additionally, enabling click-to-play will improve your browsing experience by making things faster to load, improving your battery life, and by decreasing ads and pop-ups.
For specific details on how to set up click-to-play for Google Chrome and Mozilla Firefox, follow the instructions here: https://freedom.press/blog/2015/07/block-flash-with-click-to-play. Safari, Internet Explorer, or Opera are not as up-to-date as other browsers, but if you need to use them for work, you can still use click-to-play by following the instructions here: http://www.howtogeek.com/188059/how-to-enable-click-to-play-plugins-in-every-web-browser/
Yael Grauer is a freelance tech journalist covering online privacy and surveillance for WIRED, Forbes, Slate, and other publications. Find her at http://yaelwrites.com or on Twitter @yaelwrites, and check out her free ebook on staying safer online at https://yaelwrites.com/saferonline.pdf.
Check out more digital hygiene tips:
- Removing public data
- Privacy protection on domain names
- Https everywhere
- Anonymous “Tor” cloak or VPN
- Prepare for a DDos attack
- Two-step verification
- Privacy plug-ins/cookies
- Third-party permissions
- Image “hidden pixels”
- Links and attachments
- Install patches and updates
- Use a password manager/strong password
- Strengthen security questions
- Encrypt hard drive/backup data
- Click to play
- Use end-to-end encryption