To Flash Or Not to Flash – That is the question

Why CyberGhost is different from Proxy Plugins

The controversy regarding Flash is still ongoing and with more and more websites using modern HTML5 features, we might see a future where Flash is not required at all. But currently Flash is still heavily used for media content and streaming, like video streams. Websites with a lot of video content have not yet converted all of their content to HTML5 compatible formats and still require the Flash Plugin.

Flash was and is under attack. In the last years it suffered from a lot security leaks. But why?
The reason is that Flash has more freedom to access the user’s system and is running somehow in a “side-channel” of the browser.

How does that affect my privacy and security?

First of all: If you are already a CyberGhost user, you made the right decision, because you are using a VPN, an encrypted tunnel into the Internet. With CyberGhost’s advanced security features, no application is able to circumvent this tunnel and communicate from outside the tunnel. All Internet traffic is forced to go through the tunnel, passing our servers, being anonymized by replacing your IP with one of our servers’ IP.

Oh, you are using some of these tiny, small Chrome Plugins

Nice that you care about your privacy and we also appreciate that you are cautious not to install too many stuff on your PC, in order to keep it clean and fast. But in this case, it’s the wrong decision. It’s like not installing an Antivirus Program and using an online service for scanning files for viruses. This is a good solution if you want a second opinion or if you are on a computer where you are not allowed to install anything. But this  does not give you the same protection level.

Why? These Chrome Plugins work by modifying your browsers proxy settings, to use a proxy server. While this technique was one of the first used, which CyberGhost also used at the beginning (back in 2004), it has become more “en vogue” today with Chrome’s support of SPDY. SPDY is a modified version of the HTTPS protocol which optimizes the way requests to web servers are made. This gives a pretty good performance while surfing the web, but …it is not secure in combination with Flash. A malicious website could create Flash content which bypasses or ignores the proxy settings… and leaks your real IP address. So you can never really be sure if the video you are currently streaming with Flash is really tunneled through the proxy.

As I’ve mentioned earlier, Flash is not able to bypass a CyberGhost VPN tunnel. CyberGhost uses different techniques to detect if any malicious software on your computer tries to bypass the tunnel or to disable it in the background. It checks the anonymization status every minute and uses a firewall engine, in order to only allow VPN traffic while being connected. Additionally, it makes sure that existing connections are dropped before the tunnel is established, making sure these connections are re-initiated over the tunnel.

So here is a short summary:

CyberGhost Browser Plugin
Supports ALL applications on your PC YES NO, just Browser
Protects also Javascript, Flash, Java YES YES/NO/NO
Advanced bypassing protection YES NO
Supported Protocols ALL Only HTTP(S)

So, if you don’t need Flash, you are using a modern browser with SPDY support like Chrome and you only want to be anonymized and protected while surfing with this browser, a browser plugin might be a good, lightweight choice.

If you need strong protection and the best anonymization security currently available, give CyberGhost a try!

About the author

joshuamiller

© 2015 CyberGhost