dslreports logo
    All Forums Hot Topics Gallery


how-to block ads

Search Topic:
share rss forum feed

Toronto, ON

10 recommendations

A safer alternative to installing Java on your PC

During the past few weeks I've been reading all the warnings and posts about Java vulnerabilities in this forum and I've been patiently waiting for someone to offer an alternative, more secure way to deal with it but unfortunately I haven't seen anyone mentioning this. May be I missed it but if I miss something in this forum, chances are there are a lot more people who missed it too. So I give up and I'm posting it here, in its own thread.

The answer is simple. Portable Java.

Portable applications are not necessarily only for USB drives or CDs. You can run them from any folder on any drive, even from a folder on your desktop. They leave no trace in your registry and for all intents and purposes they don't exist until you start them and majority of them leave no trace in the registry once you close them. I have probably over 20 of them that I use from time to time without cluttering my registry. »www.portableapps.com has a wealth of them, among other sites.

Majority of Java vulnerabilities reach you through your browser and frankly if your browser is not Java enabled, chances are you can go for weeks without even noticing it. (In my case probably forever). Running an occasional Java based browser app, like a speed test for example, does not justify having Java on your computer full time. All you have to do is have a portable Firefox in your portable folder and it will automatically uses your portable Java for that single use. Close it and you're done and browse with your default browser after that.

Then there are those (like me) who have a Java based application on their PC. Again, having one or two applications doesn't justify having a fully installed JRE. Most well written applications upon start will give you a warning if you don't have Java installed and ask you to either instal it or browse to the location of your Java folder. Point it to your portable Java and it should run. Other Apps may entirely run on a single jar file. Use Java Portable Launcher in your portable folder and point it to your Jar file. It may not be 100% but it's well worth trying.

Other applications like LibreOffice Portable or PortbleOffice, etc... will use your portable Java automatically so long as they are in your portable app folder.

This method will keep you safe against majority if not all the current vulnerabilities, unless of course you just run any unknown local or browser java application for the heck of it, in which case all bets are off no matter what you do.
You can catch the Devil, but you can't hold him long.


1 recommendation

Interesting - you do hear quite a few people like to know of portable apps etc that can be loaded off a USB etc, or as you suggested a file on the desktop. It is a growing need for today's computing and more and more are looking to this form of computing.

Thank you for the post.
The only thing necessary for the triumph of evil is for good men to do nothing - Edmund Burke

Seattle, WA
reply to Wildcatboy
Lots of good ideas here. Thanks WCB. Portable java is a good way to wean ourselves off of a complete local install.


2 recommendations

reply to Wildcatboy
Thanks WCB!

If I'm allowed to suggest it, this would also be good to be in the Security FAQ.

reply to Wildcatboy
I think using portable apps is the right way from many perspectives. It reduces registry clatter, it increases overall security (components are isolated from each other and are accessible only on my demand), it makes OS reinstallation easy (if you keep all tools on drive D: and have custom menu pointing to them), etc. I'm always looking for portable version first and then, even if there is no one, I try to convert common apps into portable by analyzing how they work. In many cases it succeeds. I have hundreds of portable apps/tools on this computer. Even all browsers (with one exception - IE) I always run in portable mode (Firefox, Iron, Chromium)...

Now, I don't have Java installed on any of my computers and knowing, that Java has a portable package too, makes it more attractive to me. Thanks you, Wildcatboy See Profile for sharing this approach with us.
Keep it simple, it'll become complex by itself...

I love you Fred
Ojai, CA

1 recommendation

reply to Wildcatboy
Since this Java thing started, I uninstalled it from all 5 of my computers.

All these years, I had no idea that I didn't need it.
Printed on 100% recycled bytes