Wait…what? Found this randomly googling stuff
http://www.usatoday.com/story/tech/2013/01/31/apple-blocks-java-on-macs-due-to-vulnerabilities/1880783/
one more cause not to own a mac.
if people like to own a OS which in reality owns them…
I don’t care if they have problems with it
According to the article the Department of Homeland Security also recommends against Java…isn’t their time better spent catching intentionally malicious things or, say, terrorist attacks? :
yeah, the german Federal Office for Information Security did the same
This reminds me of people who get a speeding ticket and complain, “Shouldn’t the cops be out catching murderers and bank robbers?”
I’m all for not executing applets (plugins) upon page-load, actually.
Chrome did it the sensible way, with confirm-to-run.
MSIE did nothing.
Safari killed the plugin.
Don’t forget that security holes in applets create real problems: from data loss to financial loss to exposed company secrets.
Therefore the provider of the plugin has an incredible responsibility, to not be a gateway for intrusions, with multi billion dollar losses in damages. The browser developers have a similar responsibility, as they allow plugins to do anything - therefore at least disabling drive-by-infections, even for zero-day vulnerabilities is of utmost importance. Even the very latest Java patch is ridled with security issues. Oracle just doesn’t isn’t aware of them yet (or pretends so), but others might be. That’s why I wouldn’t even feel secure in Safari with a plugin version that is condoned by Apple. I just don’t want these plugins with a bad track record to automatically run in the first place.
“I have heard Java is dangerous. Therefore I will not buy/download/play game because it uses java”
(stupid person listening to mainstream media)
people dont know what security vulnerabilities mean, they just know: you use java you get hacked and robbed, SOMEHOW.
people dont know the difference between applet and desktop java - its just java
This is all that this hype does - makes it more hard for java developers to publish stuff, client-side
I’m all for not executing plugins too, clicking them and manually allowing them is no big deal. What is a big deal though is how John Q. Public reacts to these overhyped java security news D:
The mainstream media only started to get like this, when Oracle screwed up time after time. Knowing about issues and not doing anything about them for 3 months is very bad, and the media rightfully jump on it, warning the public about this irresponsible company and their product.
Oracle itself is the cause of the hype. Don’t blame the media.
I meant that I thought it would go to defense not homeland security. Not to mention that there’s no need for the government to make these kind of announcements; there’s already an abundance of articles online.
DHS has a whole division pertaining to “cyber security”. As does the DoD, but their job isn’t to interface with the public.
[quote=“Riven,post:8,topic:40901”]
And Sun before them… It makes me weep when people ask me if they should disable java in their browser and I have to say ‘yes, unless you really need it’, but that’s how it is. No 4K games for them! :-\
I disabled Java years ago.
Cas
The plugin is so unreliable on linux that it effectively disables itself, so no problems at work. At home, noscript does the job for me.
disable the PLUGIN. That doesn’t mean someone can just execute any code they want just because you have java installed.
in Soviet Russia…