republican-creole
site Search:


Home Reviews Tools Forums FAQs Find Service ISP News Maps About  
 
    All Forums Hot Topics Gallery






how-to block ads

  
Forums >

Broadband Tech > Security > Security > Java flaw allows complete bypass of security sandbox

Search Topic:
 Share Topic
Posting?
Post a:
Post a:
Links: ·Hijack This logs? ·Panda Free Tools ·Vundo Removal
AuthorAll Replies

Mele20
Premium
join:2001-06-05
Hilo, HI
kudos:4

reply to MagnusM

Re: Java flaw allows complete bypass of security sandbox

I am getting really tired of being "authoritatively" told (not just by you either) to uninstall Java. I have to have Java for an important application I own and for Visualware and Web100 speed tests. I don't use joke Flash speed tests.

The more sensible answer would be to suggest that users keep Java unchecked in the Control Panel for both IE and nonActiveX browsers until they must use Java, and they are sure the website has not been compromised, or that their application that requires Java is also clean, and then they should enable Java only on one type of browser and only for as long as needed and then disable it again.

Another suggestion would be that knowledgeable users consider using a virtual machine for risky things like Java.
--
When governments fear people, there is liberty. When the people fear the government, there is tyranny. Thomas Jefferson
to forum · permalink · 2012-09-25 22:30:10 ·

redwolfe_98
Premium
join:2001-06-11
kudos:1
4 edits

said by Mele20:

The more sensible answer would be to suggest that users keep Java unchecked in the Control Panel for both IE and nonActiveX browsers until they must use Java

one of the tabs I opened was to a site that uses Java and it started Java right up

maybe you need to disable "java"?

FYI, short of uninstalling "java", "USCert" recommends using "firefox" with the "noscript" addon:

»www.kb.cert.org/vuls/id/636312

"Use NoScript.. Using the Mozilla Firefox NoScript extension to whitelist web sites that can run scripts and access installed plugins will mitigate this vulnerability. See the NoScript FAQ for more information"..

similar to using "noscript", you could follow microsoft's recommendation to use high security-settings in IE and, then, "whitelist" some websites, as necessary, by adding them to IE's "trusted sites" zone..
to forum · permalink · 2012-09-26 05:46:41 ·


Name Game
Premium
join:2002-07-07
North Myrtle Beach, SC
kudos:7

reply to Mele20
BTW ever try this ...Need to see the HTML source of a website you don't want to browse to but only have a PC with no tools? Run Notepad and File/Open the URL.

to forum · permalink · 2012-09-26 14:11:18 ·


rcdailey
Dragoonfly
Premium
join:2005-03-29
Rialto, CA

Neat trick. Safe, too.

to forum · permalink · 2012-09-26 15:23:44 ·
Forums > Broadband Tech > Security > Security

Tuesday, 18-Jun 20:27:14 Terms of Use & Privacy | feedback | contact | Hosting by nac.net - DSL,Hosting & Co-lo
over 13.5 years online © 1999-2013 dslreports.com.
Most commented news this week
Hot Topics