Java-Dava-Doomed!

Iznogud

Registered
Joined
Jun 16, 2012
Messages
1,736
Likes
1,402
US DHS is saying users must temporarily disable Java.
.

http://www.windstrea...ap.org>&ps=1018

The U.S. Department of Homeland Security is advising people to temporarily disable the Java software on their computers to avoid potential hacking attacks.

Firefox has issued a Java related warning

http://thenextweb.co...d-on-blocklist/

It's the browser plug-ins! Not the Java based apps.

http://antivirus.abo...et-Explorer.htm
http://www.darkreading.com/vulnerability-management/167901026/security/attacks-breaches/240146053/new-year-java-zero-day-attacks-under-way.html
 
There are instructions here how to turn it off here:
http://www.pcmag.com...,2414191,00.asp

In short, for PC users, it's:
Open control panel (classic view)
Double click Java
Security tab
Uncheck "Enable Java content in browser"

In my case I didn't have that option in the security panel, so I first had to update to the most recent version. (which I did from the update tab of the same control panel applet).


Is it just me, or when the Department of Homeland Security recommends something, do you go through a whole checklist of things in your mind wondering if you should do the exact opposite.

DHS programmer - "Ok, we've got that keylogger program ready to install on every computer in America. Just one little bug though, it has an incompatibility with the Java runtime environment"
DHS IT manager - "Oooh... that could set us back several days. *snap* I've got it!! We'll just issue a warning to turn off Java! Then we can send the virus out as planned and update it later! Besides, our good friends at Microsoft could use a little jab at the competition."
 
There are instructions here how to turn it off here:
http://www.pcmag.com...,2414191,00.asp

In short, for PC users, it's:
Open control panel (classic view)
Double click Java
Security tab
Uncheck "Enable Java content in browser"

In my case I didn't have that option in the security panel, so I first had to update to the most recent version. (which I did from the update tab of the same control panel applet).


Is it just me, or when the Department of Homeland Security recommends something, do you go through a whole checklist of things in your mind wondering if you should do the exact opposite.

DHS programmer - "Ok, we've got that keylogger program ready to install on every computer in America. Just one little bug though, it has an incompatibility with the Java runtime environment"
DHS IT manager - "Oooh... that could set us back several days. *snap* I've got it!! We'll just issue a warning to turn off Java! Then we can send the virus out as planned and update it later! Besides, our good friends at Microsoft could use a little jab at the competition."

I'm afraid you may be the only one!
 
Yep, you are "special". Why would they need a kl on every computer when they can monitor comms and not deal with individuals just a few large companies/corporations in order to do so?
If it's an exploit it's one thing, if it's a virus it's another, but then we're talking the whole antivirus/antimalware industry being involved or looking the other way.

Java is well known for its vulnerabilities. Not sure about DHS and runing in the opposite direction but if Apple and Firefox are concerned then so am I.

Any good source for tinfoil hats near the Caballito/Almagro area? I'm sure nicoenarg or myself will eventually want/need one.
 
Ah, great, I can rest easy tonight knowing DHS has no hidden agendas and my sense of humor is well appreciated.
 
When you assume... but I'm not playing, so please do not include me ;)
Also "Just because you're paranoid doesn't mean they aren't after you”
Joseph Heller, Catch-22

Sense of humor is what we're all about (nico, please correct me if I'm wrong).
 
A best practice is to keep two browsers up to date on each machine (tablet, laptop, phone) you use, say Chrome and Firefox. Use one browser *exclusively* for access to your trusted bank and other such financial account logins. Use the other browser for all other browsing.

Configure the browser for bank access with as much as possible disabled - no plugins - no 3rd party graphics, etc. Log into only one bank account at a time, then clear the browser history and cache and quit that browser. This makes it harder for a web site you visit to get access to your previous logins bank data. Conversely if you use the same browser and leave the browser open between visits to web sites, your previous web site access will be automatically looked up by later ones.

Current web security protocols are not considered secure by experts. (Details in a recent ACM review of browser security.) Browser makers are not supporting future work on more secure protocols. The immediate problem is with browser makers' refusal to fix known current browser framework security loopholes, because they use these to mine privacy data.
 
A best practice is to keep two browsers up to date on each machine (tablet, laptop, phone) you use, say Chrome and Firefox. Use one browser *exclusively* for access to your trusted bank and other such financial account logins. Use the other browser for all other browsing.

Configure the browser for bank access with as much as possible disabled - no plugins - no 3rd party graphics, etc. Log into only one bank account at a time, then clear the browser history and cache and quit that browser. This makes it harder for a web site you visit to get access to your previous logins bank data. Conversely if you use the same browser and leave the browser open between visits to web sites, your previous web site access will be automatically looked up by later ones.

ain't nobody got time for that
 
Configure the browser for bank access with as much as possible disabled - no plugins - no 3rd party graphics, etc. Log into only one bank account at a time, then clear the browser history and cache and quit that browser. This makes it harder for a web site you visit to get access to your previous logins bank data. Conversely if you use the same browser and leave the browser open between visits to web sites, your previous web site access will be automatically looked up by later ones.

Or... just use the browser in Icognito / Private Mode
 
Or if you really feel you need to put a copper bottom on it, try Tor Browser.
 
Back
Top