 LinklistPremium
join:2002-03-03
Longport, NJ
kudos:5 | [POLL] Do you use Java; disable it; or uninstall it ? This seems to hit the tech security web sites on a regular basis: "Java 0-day exploit out; no fix seen soon; disable Java in all your browsers." Why again is it that Oracle can not keep Java somewhat secure and why does it take them forever to get a fix out?
»www.theinquirer.net/inquirer/new···is-found
Poll
Do you use Java on your computer? |
|
--
A democracy cannot exist as a permanent form of government. It can only exist until the voters discover that they can vote themselves money from the public treasury. |
|
| I don't have it installed. I have not yet run into anything I use that requires it.
--
Don't let my reality hinder your imagination! |
|
jl747
join:2005-03-24
Mount Prospect, IL | reply to Linklist
I disabled it for now.
I have it just in case I need it while using LibreOffice. |
|
LinklistPremium
join:2002-03-03
Longport, NJ
kudos:5 | reply to Linklist
Mozilla has decided to add an automatic block of the Java plug-in in Firefox that can be overridden by the user on an individual use basis or a web site white list.
»thenextweb.com/apps/2013/01/11/f···ocklist/
Mozilla on Friday announced it has added Java 7 Update 9, Java 7 Update 10, Java 6 Update 37, and Java 6 Update 38 to its Firefox add-on block list, following yesterday’s news of a new vulnerability. The critical security hole, which allows attackers to execute malicious software on a victim’s machine, is currently being exploited in the wild and is also available in common exploit kits. Firefox users are protected by either existing plugin blocking or Click To Play defenses.
The Click To Play feature ensures that the Java plugin will not load unless a user specifically clicks to enable the plugin. This protects users against drive-by exploitation, one of the most common exploit techniques used to compromise vulnerable users. Click To Play also allows users to enable the Java plugin on a per-site basis if they absolutely need the Java plugin for the site. This feature is available as of Firefox 17.
--
A democracy cannot exist as a permanent form of government. It can only exist until the voters discover that they can vote themselves money from the public treasury. |
|
 StuartMWWho Is John Galt?Premium
join:2000-08-06
Galt's Gulch
kudos:2
1 edit | reply to Linklist
I have Java installed but disabled in browsers. That said I have one (non-internet related) application that requires Java to run.
--
Don't feed trolls--it only makes them grow! |
|
 siljalineI'm lovin' that double widePremium
join:2002-10-12
Montreal, QC
kudos:17 | Do Not run Java  |
|
| reply to StuartMW
+1 |
|
 rfharThe World Sport, Played In Every CountryPremium
join:2001-03-26
Buicktown,Mi | reply to Linklist
I disabled Java months ago and have not found a site that required I need it since. |
|
 planet
join:2001-11-05
Oz
kudos:1
1 edit | reply to Linklist
Uninstalled from 1 desktop (XP) and 2 laptops (XP & Win 7) . My Ipad --iOS 6 doesn't allow java or flash 
Haven't noticed any need for java. Occasionally but few and far between, sites aren't viewable w/o flash. |
|
LinklistPremium
join:2002-03-03
Longport, NJ
kudos:5 | reply to rfhar
said by rfhar:I disabled Java months ago and have not found a site that required I need it since.
Try some of the TOOLS on dslreports.com. They need Java. Like the Tweak test.
--
A democracy cannot exist as a permanent form of government. It can only exist until the voters discover that they can vote themselves money from the public treasury. |
|
rfharThe World Sport, Played In Every CountryPremium
join:2001-03-26
Buicktown,Mi | reply to Linklist
I have not felt the need to do a tweak test on the last couple of operating systems and use the speed tests that are not Java. |
|
OZOPremium
join:2003-01-17
kudos:2 | reply to Linklist
No, I don't have it and/or use it. This approach has saved me lot of my time, which otherwise would be wasted on endless security updates, required for the Java package. If some site insists on using Java I simply go away from it and usually just find a good alternative...
--
Keep it simple, it'll become complex by itself... |
|
LinklistPremium
join:2002-03-03
Longport, NJ
kudos:5 | reply to Linklist
said by Linklist:Mozilla has decided to add an automatic block of the Java plug-in in Firefox that can be overridden by the user on an individual use basis or a web site white list. Apple has now also blocked Java on the OS X platform:
»www.macrumors.com/2013/01/11/app···-threat/
--
A democracy cannot exist as a permanent form of government. It can only exist until the voters discover that they can vote themselves money from the public treasury. |
|
|
|
LinklistPremium
join:2002-03-03
Longport, NJ
kudos:5 | Security company knocks Oracle big time for not fixing problem completely when notified initially in Aug, 2012. And now says ransomware exploits are all Oracle's fault.
»thenextweb.com/insider/2013/01/1···somware/
according to Security Explorations, the security firm responsible for identifying most of the latest Java vulnerabilities. Back in late August 2012, the company informed Oracle about the insecure implementation of the Reflection API, dubbed Issue 32, and Oracle released a patch for it in October 2012, but the fix wasn’t a complete one.
“The zero-day code would not work if Issue 32 was properly addressed,” Security Explorations CEO Adam Gowdiak told Softpedia.
We sent Oracle additional Proof of Concept code for Issue 32 that illustrated this exploitation vector in Sep 2012.”
Cool Exploit Kit (CEK), already included the latest Java exploit. Before we dive in to how CEK is already being used to push ransomware... CEK has been used to distribute ransomware before, but now it’s also using this latest Java vulnerability to do so. Trend Micro has detected the exploits in question as JAVA_EXPLOIT.RG and HTML_EXPLOIT.RG, as well as the ransomware payloads as Reveton (TROJ_REVETON.RG and TROJ_REVETON.RJ).
--
A democracy cannot exist as a permanent form of government. It can only exist until the voters discover that they can vote themselves money from the public treasury. |
|
 DustynPremium
join:2003-02-26
Ontario, CAN
kudos:10 | reply to Linklist
Installed but both browsers require my permission to launch it. |
|
BobAccount deleted
join:2012-07-22
New Jersey | reply to Linklist
I can't play Minecraft without Java! |
|
 plkLil' Duffer Burger BarnPremium
join:2002-04-20
Ogden, IA | reply to Linklist
Had it for speed tests but now its gone forever. |
|
 jadinolfI love you FredPremium
join:2005-07-09
Ojai, CA
kudos:9 | reply to Linklist
Pulling BIG SWITCH on Java.  |
|
 BachI'll Be BachPremium
join:2002-02-16
Flint, MI | reply to Linklist
I had it installed on one PC to infrequently run a Java based chat-room app, but it's now uninstalled. |
|
| reply to Linklist
said by Linklist:said by rfhar:I disabled Java months ago and have not found a site that required I need it since.
Try some of the TOOLS on dslreports.com. They need Java. Like the Tweak test. If you use Firefox or IE9, merely enable JAVA for an accurate speed test then disable it again. No Script gives the same control in Firefox but I have knocked JAVA out of constant contact with the browsers for now.
--
If I can only find my keys... |
|
