dslreports logo
 
    All Forums Hot Topics Gallery
spc
uniqs
13
Mele20
Premium Member
join:2001-06-05
Hilo, HI

2 recommendations

Mele20 to mackey

Premium Member

to mackey

Re: Java: Ought It Be Removed?

Huh? Java does NOT run unless I allow it to run. Besides, there are not many websites that need Java. The only ones I know of are speed test sites like Visualware's "MySpeed", the various Web100 sites and the Java speed tests here (Flash speed tests are trash). There are probably some game sites (I play games on my computer but not online ones) that need it but willy-nilly most every site runs Java applets somehow silently in the background ...uh huh...not on my computers.

jaykaykay See Profile has it right. Keep it disabled except when needed and make sure the slider is at very high security and even then look carefully at the Java security request popup before granting Java the right to run its applet on that particular web page. (It goes without saying that the same should be done with Flash Player - even IE 10's builtin Flash can be disabled easily and enabled easily when really needed which is seldom as youtube will automatically play videos in HTML5 if Flash is disabled and no need to join the beta for HTML5). Plus, everyone should use some kind of extension on any browser (or use the Proxomitron) that puts a toggle switch on Flash and Java.

It sounds like you don't have good security on your computer thus you think Java and Flash should not be installed at all.

mackey
Premium Member
join:2007-08-20

1 edit

mackey

Premium Member

said by Mele20:

Huh? Java does NOT run unless I allow it to run.

Which is most definitely NOT the default way of running it, and mentioning that changes the basis for your argument completely. Yes it's possible, and really the only way to come close to making it not a please-compromise-me hole, but the vast majority of users have no clue how to do that.
said by Mele20:

It sounds like you don't have good security on your computer thus you think Java and Flash should not be installed at all.

Not true. Not wanting to deal with the possibility of accidentally clicking the wrong 'enable' button, not wanting to see the 'out of date' popup every few days, not wanting to download and install a new version every few days, and not wanting yet-another-updater constantly running in the background does NOT mean my computers' security is bad. Even compared to having it disabled, not having it installed to begin with removes the human error risk. Also, I have no faith someone who is not good with computers could reliably tell the difference between a good site/plug-in request and a bad one.

/M
Mele20
Premium Member
join:2001-06-05
Hilo, HI

Mele20

Premium Member

Check this forum on Microsoft Tuesday. Java and Flash usually have updates on the same day now. There are usually separate threads here announcing Java and Flash updates and links to getting the updates are given. You can bookmark the better update links (direct downloads with no possibility of "accidentally" installing unwanted added crap like toolbars) and simply use those on Microsoft Tuesday if you don't want to come here to read the Java and Flash update threads. It's not every few days but once a month, and occasionally more often but it so it is usually Flash with more than once a month updates and that is not every month anyway. Installing new versions of these two is not the hassle it used to be where you had to first uninstall the version you had and if Java it didn't uninstall correctly....that shit is pretty much a thing of the past now.

I do agree that the "my computer is a toaster" crowd will have problems with this updating once a month. You did not indicate though that you were aiming your remarks exclusively at that group.

urbanriot
Premium Member
join:2004-10-18
Canada

urbanriot to Mele20

Premium Member

to Mele20
said by Mele20:

Huh? Java does NOT run unless I allow it to run.

You're a unique and rare exception to the rule, a person who's gone out of his way to find a way to run Java as needed. Our comments are directed at 99.99% of the people that have Java on their systems.
Mele20
Premium Member
join:2001-06-05
Hilo, HI

Mele20

Premium Member

said by urbanriot:

said by Mele20:

Huh? Java does NOT run unless I allow it to run.

You're a unique and rare exception to the rule, a person who's gone out of his way to find a way to run Java as needed. Our comments are directed at 99.99% of the people that have Java on their systems.

I outfoxed myself. I can't get Microsoft sites to load (especially Microsoft Malware Center to get my Windows Defender definitions). I finally got the Malware Center page to load and I tried to download the definitions. Usually they download at 2225KB/sec but they were downloading at 87KB/sec!

So, I decided to do a Java Web100 speed test. I got a popup on Opera that said my security settings would not allow Java applet to load. I was not given a way to override it...said "override here" but that didn't work. I was puzzled. I have always been able to run the speed tests although I get a warning that the site wants to load a Java applet and do I wish to allow it or not (and I want to get the warning). But now I was just getting a NO, you cannot run this Java applet and you cannot override your security settings to allow the applet to run. So, I tried IE10 and got the same popup.

I then opened Java control panel where I saw that I had raised the slider to as high as possible. I always had it on medium until I raised it higher and, obviously, forgot I did that. The Web100 speed tests are not signed and I think that may be why I could not override the error message and run the applet anyway.

At any rate, just put the slider all the way up and you don't need to disable Java plugin in the browsers!

urbanriot
Premium Member
join:2004-10-18
Canada

urbanriot

Premium Member

said by Mele20:

At any rate, just put the slider all the way up and you don't need to disable Java plugin in the browsers!

I didn't even know this slider existed until your post and it explains why I'm receiving annoying messages with some of the applets I'm using that I didn't get with the older versions of java, they must have auto-enabled something recently.

I wish they had security overrides for certain sites / IP's, that would be really appealing to me.
dave
Premium Member
join:2000-05-04
not in ohio

dave

Premium Member

said by urbanriot:

I wish they had security overrides for certain sites / IP's, that would be really appealing to me.

Who is "they"? Internet Explorer?

You can add selected sites to the 'trusted' (good sites) or 'restricted' (bad sites) zones, each which has a separate set of security parameters from the normal internet zone.

urbanriot
Premium Member
join:2004-10-18
Canada

urbanriot

Premium Member

said by dave:

said by urbanriot:

I wish they had security overrides for certain sites / IP's, that would be really appealing to me.

Who is "they"? Internet Explorer?

You can add selected sites to the 'trusted' (good sites) or 'restricted' (bad sites) zones, each which has a separate set of security parameters from the normal internet zone.

Refer to the context of the conversation - Java virtual machine.

"they" would obviously be Oracle, the current developer.

Unfortunately the adjustments you refer to affect java scripting but not JVM. I'm referring to settings that would allow \\server\file.java or 192.168.0.1\siteaccess, etc.
dave
Premium Member
join:2000-05-04
not in ohio

dave

Premium Member

Ah. Sorry, I'd lost the thread a little.

avaj
@151.190.40.x

avaj to mackey

Anon

to mackey
said by mackey:

said by Mele20:

Huh? Java does NOT run unless I allow it to run.

Which is most definitely NOT the default way of running it,

Actually, it is the default. Java will prompt the user before running a Java app in a web page.

javaMan
The Dude abides.
MVM
join:2002-07-15
San Luis Obispo, CA

javaMan

MVM

said by avaj :

said by mackey:

said by Mele20:

Huh? Java does NOT run unless I allow it to run.

Which is most definitely NOT the default way of running it,

Actually, it is the default. Java will prompt the user before running a Java app in a web page.

It wasn't always so but I believe it was introduced in the last update or the one before it. Oracle's attempt to introduce more user control over what runs in the browser I think.
Mele20
Premium Member
join:2001-06-05
Hilo, HI

Mele20

Premium Member

Yes, the change to having a security slider for Java was introduced by Oracle about 3-4 updates ago but at first the default position on the security slider was "low" so most folks didn't know it existed as they would get a prompt only in rare instances. Then Oracle changed it so that the slider is by default set at medium and that produces popup warnings for all unsigned Java applications that want to run from the website you are visiting. (Oracle was still criticized so they changed it further and the user must actually use their mouse to check the box on the security alert that says they understand the risk they take in overriding Java security and thus allowing the unsigned Java application to run).

Since the majority of older Java applications are unsigned this means more users get the security popup and that maybe gets them to open the Java Control Panel to see what is going on and then they notice the slider. (Or they can just read our Security forum and get all pertinent information about Java changes here -there has been lots of discussion here over the last six months regarding the changes Oracle has been making in their effort to make Java less of a security risk).