Going cold turkey on the unholy trinity

[lanux128]

for some reasons, i am trying to keep Flash, Java & Adobe's PDF off my computer (more specifically out of my home network).

i am quite determined to get by without these ubiquitous trinity, therefore i am wondering if there are any methods being used by the community to do that currently.

as it stands, PDF is the easiest to replace and Flash is in the middle ground, being gradually replaced by HTML5 at most sites. however Java is a different kettle of soup/fish/tea, with it being the prerequisite for some apps/games (damn you, minecraft!). in the long run, i am thinking of a sand-boxed version of java being made available just for those software that requires it.

with my weak google-fu, i could only find this article - http://www.pcworld.c...eader-and-flash.html

[ewemoa]

Are you trying to avoid the PDF file format or Adobe's Reader (or Acrobat)?  I use the file format but neither of Adobe's PDF-related applications (SumatraPDF and PDF-XChange Viewer seem to cover my needs).

Flash I'm installing less often, but haven't eradicated yet -- there are some sites I visit that don't really function well without it (hoping that will change but I'm not holding my breath).  One thing I've tried is to have one browser that has Flash set up for it and another that doesn't -- I try not to use the browser with Flash set up for it very much in an attempt to mitigate risk.

Java (or more specifically the JDK), I have a portable installation of and AFAICT it doesn't get invoked without my knowing it.

[lanux128]

i'm ok with PDF format but not so with Adobe's unnecessarily bulky updating mechanism. i had used Adobe Acrobat before and didn't find it a hog. however nowadays, i am using the same apps as yourself (SumatraPDF and PDF-XChange Viewer).

most of my video browsing is done on my android devices and when i am at home, i just 'cast' them on my tv instead of watching on the PC. since Adobe themselves don't support Flash on Android, it should be a wake-up call for video content providers to get themselves updated. so because of that, i am holding back from using Flash on my PC.

as i said earlier, Java is a different proposition but thanks for reminding me about the portable setup. i believe i still have your batch files from sometime ago and i will try to use them to recreate a similar setup on PCs that require java.

[ewemoa]

since Adobe themselves don't support Flash on Android, it should be a wake-up call for video content providers to get themselves updated.

-lanux128 (October 11, 2013, 12:31 AM)

I hope you're right

as i said earlier, Java is a different proposition but thanks for reminding me about the portable setup.

Don't know how much help it might be but there's jPortable and jPortable Launcher from PortableApps as possibly useful pieces as part of some solution.  FWIW, I am using batch files in combination with at least jPortable IIRC.

[wraith808]

Adobe slimmed down the PDF reader stuff a while ago in response to the 3rd party pdf readers, but it has seemed to bloat up as of late   I might have to get back on the alternate PDF bandwagon at some point.  My problem is that my job now uses a plug-in to do some functionality, so I have to keep it available for testing/development. 

[CWuestefeld]

I can't find the link right now, but I just read the other day that Mozilla is going to put into the official Firefox distribution js-based Flash support. You won't need to install Flash itself, your browser will continue to run (most) Flash content, and it'll automatically be sandboxed by the browser's existing protections for js.

[TaoPhoenix]

i'm ok with PDF format but not so with Adobe's unnecessarily bulky updating mechanism. i had used Adobe Acrobat before and didn't find it a hog. however nowadays, i am using the same apps as yourself (SumatraPDF and PDF-XChange Viewer).

most of my video browsing is done on my android devices and when i am at home, i just 'cast' them on my tv instead of watching on the PC. since Adobe themselves don't support Flash on Android, it should be a wake-up call for video content providers to get themselves updated. so because of that, i am holding back from using Flash on my PC.

-lanux128 (October 11, 2013, 12:31 AM)

Hmm. A bit of mixed motivations here.

Wanting to watch stuff is a "now" problem. It will take *years* before holistically "everyone" is on html5 or whatever else.

As an example concept, though I'm not sure it quite applies to a PC:
Apple iPhone's famous lack of Flash. However, I would like to be able to use my phone like the small computer it is, without a certain Steve's prefs getting in my way. Specifically, a certain chat site that runs on Flash. "Won't someone ever think of the Chat Apps?"

So I found something called Photon Browser. "Oh look, my iPhone plays Flash apps now. "
(Shock! Horror!) "How did you do that?"

Because Photon Browser takes the end signal, parses it, and sends some kind of data batch to the iPhone, and back.

[saralynn]

In the few weeks since this thread started, Mozilla is now blocking in-browser Java outright, yes?

OP, have you ever been "bitten by" Java, or had malware injected onto your system via a Java vulnerability?

(Not asking you to list them, but) I'm wondering what sites you visit which require use of Java?
I've had Java disabled in-browser since way back in 2005(?) and can't say I've ever missed it, er, don't know what I've missed out by not having it available.

I do have JRE installed to a sandboxie container. Several graphics applications that I've used depend on its availability.
I've never personally been bitten by malware employing a Java vector, but prior to disabling it in-browser, I came "yay close to being bitten" -- proxomitron rules thwarted redirection and /or loading of the injector embed object.

Along with Java, I block Silverlight, RealPlayer, and similar proprietary devices. I don't regard them as being inherently evil, though. I just don't want to expose myself to the potential grief their ongoing vulnerabilities invite. IMO, the most dangerous (and maybe I'd even label it as "evil") current aspect of web-centric computing is "dot net" (.Net) ... with NaCL (native client) on the horizon, as a close second.

Flash extension remains installed in my Firefox browser. FlashBlock browser addon suits me fine.
Probably the only thing I've blocked, and occasionally "miss" is Shockwave... or the ol' Macromedia Director.
We had some wonderful freeware and shareware games which utilized Director.

[wraith808]

IMO, the most dangerous (and maybe I'd even label it as "evil") current aspect of web-centric computing is "dot net" (.Net)

-saralynn (October 24, 2013, 06:29 PM)

Just curious... why would you label .NET as evil?

[lanux128]

Firefox also blocks several other plugins out of the box, there is a full list here.

@saralynn: other than crashes and general updating annoyances, i have not been affected by any malware using the plugins as a conduit (touch wood). however my primary concern is whether casual users need flash/java in their computers. i feel that the plugins system is so clunky and awkward and casual users shouldn't be expected to keep up with the latest news of security issues and update/patch diligently.

especially java, i seem to need it for only minecraft (lucky me) and as for flash videos, i don't mind since i don't/can't access to any streaming video sites (e.g. Hulu, Netflix, ESPN, etc) so whenever i see this:

Spoiler

i take it as their loss, not mine.

[ander2255]

I think the free Foxit PDF Reader is super. I've used it for years and it's quite quick and compact... It runs circles around ultra-bloated Adobe Reader.

If you decide to try it, just be sure to pay attention and uncheck the adware options when you install it—then everything should be fine!

[40hz]

If you decide to try it, just be sure to pay attention and uncheck the adware options when you install it—then everything should be fine!

-ander2255 (December 13, 2013, 02:45 AM)

Alternatively, go to ninite.com and download an installer from them. They strip out all the add-on nonsense for you.