Homeland Security Warning: Disable Java from Browsers

[Rman Virgil]

.

No joke. Who woulda thunk...

http://www.newsfactor.com/news/Java-a-S ... 300243WKA3

.

[Goth Zagog-Thou]

Oh dear..

[bendib]

I don't have a java plugin. :^3

...But seriously, best of luck to those that do...

[Goth Zagog-Thou]

What worries me is that a lot of the third-gen cellphones (< 2006) are running those embedded java-based operating systems, like old Motorola phones. This could affect them too, apparently.

[aubergine]

"Java is a mess that is not secure" -- my arse! What a load of FUD. Java has been backbone to most of the internet for decades now, and it's *very* secure -- certainly more secure than anything M$ ever wrote. Like any software, there will be exploits in it, but those can be fixed. It's no worse than the gazillions of exploits on MSIE6 that were around for a decade and these same US military folk who are moaning about Java were caught with their pants down due to MSIE (and other M$ shoddy code) exploits right up to present day.

What they keep quiet is that the real major vulnerability is the hardware! A few years back hackers realised they could use bugs in network adapters and even Intel CPUs to take complete control over computers. And it was only then that it was disclosed that US Military had a program to "defeat all known computer defences allowing us to access any computer in the world" (or words to that effect). So even if you removed all s/w from your computer, the actual physical hardware is hackable, as demonstrated by various security experts.

Reading that article sounds to me like someone got paid to blow a security exploit out of all proportion and then off the back of that encourage people to ditch Java and a number of other products that whoever was paying them is in competition with.

There have been much more severe and more regular exploits in Adobe and Microsoft products for decades.

That being said, I agree with bendib: Anyone using java plugin in their web browser is a nutter. Browser using Java internally is fine, but java applets most certainly do not belong on web pages (regardless of the JavaFX stuff I saw Sun Microsystems demo a few years ago).

*sigh* And people wonder why I don't listen to mainstream (aka. "corporate") news any more...

[Shadow Wolf TJC]

I've run a quick check on Internet Explorer (which I'd never use unless necessary), Mozilla Firefox, and Google Chrome in an effort to find and disable Java, and it seems as if I don't actually have it installed.

[Emdek]

I've heard similar warning back in December...
I believe that it could be patched already...

[Rman Virgil]

.

Doesn't look to be patched according to this report from 2 hours ago:

http://www.engadget.com/2013/01/12/us-c ... y-warning/

.

[Emdek]

Interesting, I'm curious if that is the same issue in more escalated form or something new.

[Rman Virgil]

.

Oracle finally released the fix......

http://www.slashgear.com/java-fix-relea ... -14265099/

.

[Originway]

.

Oracle finally released the fix......

http://www.slashgear.com/java-fix-relea ... -14265099/

.

I read the fix didn't fix things as well as it could have so keep java disabled