

Name Game
Premium
join:2002-07-07
Grand Rapids, MI
kudos:7

1 edit
reply to MagnusM

Re: Java flaw allows complete bypass of security sandbox

Chrome might be vulnerable..but only if you give java permission to run in Chrome..don't disable it..just use common sense and a browser that alerts you.
»www.java.com/en/download/testjava.jsp

»www.isjavaexploitable.com/

Mele20
Premium
join:2001-06-05
Hilo, HI
kudos:5

Or you can use the Proxomitron which also does not let it run until you click the toggle switch. Proxo works with ALL browsers so you don't have to use Chrome unless you want to use it for other reasons (you like it better than any other browser).
--
When governments fear people, there is liberty. When the people fear the government, there is tyranny. Thomas Jefferson



Name Game
Premium
join:2002-07-07
Grand Rapids, MI
kudos:7

Sounds a little better than your other last thoughts.

»www.proxomitron.info/tests/index.html

So just how do you do that toggle switch for Java ? I know how proxomitron toggles for flash and how you can control javascript..but tell me more about java.
--
Gladiator Security Forum
»www.gladiator-antivirus.com/


Mele20
Premium
join:2001-06-05
Hilo, HI
kudos:5

Well, I have to admit just now it did not toggle on IE 8 where I was starting several tabs to see if IE 8 has sandboxed tabs as ChaChaz says it does. It doesn't but one of the tabs I opened was to a site that uses Java and it started Java right up. I can't see if the same thing would happen on another browser and Proxo because I don't have the latest version of Java and Fx, Sea Monkey and Opera won't allow Java if not a very recent version. Until recently, those browsers allowed older versions of Java and I didn't use Java on IE so I guess I got the toggle switch on the other browsers.

Jasons Toolbox...what was it that I had from there that I loved? That link is dead and I can't remember what tool was so great and we all (this forum's members) had it....Ahhhhh! Script Sentry that I still have and use.
--
When governments fear people, there is liberty. When the people fear the government, there is tyranny. Thomas Jefferson


GuruGuy

join:2002-12-16
Atlanta, GA
reply to Name Game

said by Name Game:

Chrome might be vulnerable..but only if you give java permission to run in Chrome..don't disable it..just use common sense and a browser that alerts you.
»www.java.com/en/download/testjava.jsp

»www.isjavaexploitable.com/

Does Chrome use that setting by default or do you have to enable it through config:
--
GuruGuy

Mele20
Premium
join:2001-06-05
Hilo, HI
kudos:5
reply to Name Game

Here's what I should see with Proxo and a site with a Java Applet. This is a screenshot from Opera 10 that has Java built in. (I get that error about "Please enable Java" because of the Proxo toggle button and also because I have to bypass Proxo there if I want to do the test because Proxo is blocking his ads. He is a really nice guy (member here) and so I don't mind seeing his ads in exchange for letting me do a Quality test there at his Los Angeles server (not the test in the screenshot...it is a capacity test and at Atlanta). I left Proxo enabled there to do a screen shot so you could see the toggle button.

I thought something was wrong with his California server for his Visualware outstanding Quality test because for a couple of weeks now IE 8 will no longer do the test there. I have the same version of Java on IE 8 that this old version of Opera uses so he is not blocking older versions of Java. I guess I will have to start up this old Opera version to do his test now (until I get a new computer and have the latest Java on it).
--
When governments fear people, there is liberty. When the people fear the government, there is tyranny. Thomas Jefferson


Name Game
Premium
join:2002-07-07
Grand Rapids, MI
kudos:7

1 edit
reply to GuruGuy

It does it by default in Google Chrome.



Name Game
Premium
join:2002-07-07
Grand Rapids, MI
kudos:7
reply to Mele20

The reason I asked about this Java Toggle or Switch in Proxomitron is because I started researching it. It seems you were the only one who posted in various forums about toggle for flash and Java with this product and no one else..I did see where there was a development switch thing that did not seem to work very well and never seemed to be adopted..so do you have a link that explains/ shows how it works for that filter ?
--
Gladiator Security Forum
»www.gladiator-antivirus.com/


Mele20
Premium
join:2001-06-05
Hilo, HI
kudos:5

1 recommendation

said by Name Game:

The reason I asked about this Java Toggle or Switch in Proxomitron is because I started researching it. It seems you were the only one who posted in various forums about toggle for flash and Java with this product and no one else..I did see where there was a development switch thing that did not seem to work very well and never seemed to be adopted..so do you have a link that explains/ shows how it works for that filter ?

My fault for Flash starting at youtube with no toggle. I didn't have this filter installed which is just for youtube. I started the thread about it and I don't recall why I never installed either of the two filters posted.

Eventually, there will be a more elegant filter but not official until JJoe's next Sidki filters update maybe the end of this year. JJoe said the toggle at youtube (not other sites) was causing problems so he posted what he uses. I just merged it now to my Proxo filters and went to that same Innocence of Muslims film at youtube on IE 8 and it did not start automatically. There is not the usual looking Proxo toggle but a big fat arrow on the screen that I have to click to get it to start. I can also easily stop the download which I could not do before. I have always gotten a Proxo toggle in a forum like this one where Flash movie is embedded in forum post.

»prxbx.com/forums/member.php?acti···&uid=338

As for java applet toggle, that doesn't work everywhere for me...but it is very difficult for me to test because I have an old version of Java on the host machine and on my virtual machine. Mozilla has disabled Java on my Fx 4 and Fx 10 ESR because on both machines Mozilla feels my Java is too old. The same thing is true for recent versions of Opera. My Java version won't work. So IE 8 is the only browser I can try to test Proxo's Java toggle with.

As for disabling Java in the Control Panel, I was referring to disabling for IE and also for other non-ActiveX browsers. That works. But to disable Java for a program you own that uses it, I just let Process Guard stop it from running when called. Process Guard pops up when I start MySpeed software that requires Java and I can stop it right then by not approving it and then PG says the handle is invalid and MySpeed closes without having opened. I am so used to Process Guard asking me if I want to allow something to run that I didn't even think about what one would do if they didn't have a classic HIPS other than simply don't start a Java program you own if Java is suspect.

I didn't find much at TUOPF regarding Java applet toggle. But what I found shows that IE is a bitch to get it to work on. It is such a shame that Paul Laudanski felt it necessary to burn the Official Proxo forum and Sidki's official forum and two others at Castle Cops and refused to allow KyeU to mirror them at TUOPF before he burned all that info...not even allowed The Way Back Machine to mirror. If Paul wanted to destroy every forum at his site he should have exempted Proxo forums as that was a unique situation where the Proxo author was dead and everything in Scott's official Proxo forum, Sidki's forum etc. was viciously and needlessly held to the flame of Paul's decision to nuke his site. All the other forums at Castle Cops had live authors of software and much could be reproduced but not so for Proxo's forums. A terrible loss and I lost respect for Paul when he did that. Yeah..I know it was his site to do with as he pleased...but it was ugly and wrong what he chose to do. Anyhow, it is not easy to find info since then regarding Proxo. Anyhow, here is one of few Java applet threads at TUOPF ...I think the filter is the same one we still have so I'm going to ask if that filter is going to be improved.

»prxbx.com/forums/showthread.php?···gle+java
--
When governments fear people, there is liberty. When the people fear the government, there is tyranny. Thomas Jefferson


Name Game
Premium
join:2002-07-07
Grand Rapids, MI
kudos:7

Yup..sad stuff and remember it all well..I guess my point in all this is to try to get us all above the power curve in dealing with what's out there today..trying to stop all this crap messing up our PCs. Both you and rich always have great ways and solutions on how that can be done and people respect you for it. Love those old tools and versions that made it simple without lots of user interface once set. We would hope that the browser platform we have chosen would have them all embedded and on by default rather than plugin options or developed by a third party.
--
Gladiator Security Forum
»www.gladiator-antivirus.com/