So what's the best option for the security conscious individual who just can't bear to cut Flash out completely? You'll want to stick to a browser other than Chrome or IE 10 as your primary Flash-less surfing tool, and then use Chrome, IE 10, or another browser with the Flash plug-in installed when you stumble across a Flash-centric website. (Bonus points if you install Java's plug-in on your secondary browser; see above.) This strategy will minimize your possible exposure to dirty Flash exploits.
The prospect of abandoning Flash is becoming more viable by the day, though. Adobe recently discontinued Flash on Android, and Apple has never allowed the multimedia software on its iOS devices. And as mobile technology consumes the world, websites are turning away from Flash to embrace HTML5 in droves; W3Techs reports that the number of Flash-bearing sites has plunged in the past year, from just over 25 percent in March 2012 to 20.2 percent in March 2013.
Pandora, YouTube, Revision3, Vimeo, and Scribd have all either introduced HTML5 options or dumped Flash for HTML5 entirely over the past couple of years. With any luck, Flash's final days are just over the horizon.
Trumped, yet hopeful
At the end of my grand experiment, it's apparent that, while leaving Adobe Reader for greener (or at least less-targeted) pastures is relatively easy, you might not be able to quit Java or Flash cold turkey. But even so, you can take precautions to keep your security risks to a minimum. Just slap the Flash and Java plug-ins on a secondary browser and forget they're there unless you absolutely need them.
Sign up for CIO Asia eNewsletters.