Quantcast Is Java a bad computer threat? - digitalFAQ Forum
  #1  
01-20-2013, 12:57 PM
cyber-junkie cyber-junkie is offline
Free Member
 
Join Date: Jan 2010
Posts: 232
Thanked 1 Time in 1 Post
This is an article from one of the computer optimizer sites...I use a couple of sites (local government) sites that I get info for my work and you need Java to view the documents, I can disable it and re-enable it only when I go to those sites...will that be enough to keep me safe?

Quote:
The Department of Homeland Security recently recommended that everyone disable Java. We at PC Pitstop will go one step further and recommend that everyone uninstall Java immediately. Here is why Java is such a threat to your computer, security, data and your identity.

First a little history. Back in the late 90′s, Java represented one of the core technologies that brought the web together. Java could run on Linux, Macs, and of course Windows, seamlessly. A developer did not need to create a separate version for each platform, and this simplicity drove a lot of Java’s adoption on the web.

As time has gone on, other technologies such as Flash and now HTML5 have essentially replaced Java as the standard for “web” applications. Every once in a while, we all come upon an old web site that still relies on Java, and that’s how Java gets on our machines.

The problem, and it is a big problem, is that Java has many security holes in it. If you have Java installed on your system, and you browse to a compromised web site, your computer is immediately infected. Let me repeat that. You don’t have to execute any malicious software, the malware enters through the security hole without your consent or knowledge. In the security business, this is defined as an exploit – a compromised web site and a vulnerable computer.

I have heard outrageous numbers from associates in the security industry. Industry insiders are speculating that over 90% of all modern malware is distributed through exploits. There are security holes in many products such as Chrome, Firefox, Adobe Reader and many others, but the most porous, security-hole-ridden software out there is Java. It’s not even close.

Think about it. Java is an old technology that you rarely use in your day to day browsing experience. Once a blue moon, you come upon a site that requires Java and you install it and continue browsing. But now, you have created a huge security hole in your system just because Java is installed on your computer.

In a recent PC Pitstop study of 155,745 computers, Java was present on 29.6%. That’s right, Java is up there with Firefox in terms of popularity. The problem is that the bad guys know it and they have created a whole industry on finding new holes in Java and others.

Here’s the next news flash. The PC Pitstop study had only 16% of Java users on the most recent version. This is relevant because Oracle, the makers of Java, have announced that there is a new version of Java that plugs the hole. The problem is that there is a lot of work in keeping all your software up to date. First, you must download the software, then install it, and then most likely reboot. You are looking at 15 minutes minimum. Most people don’t have the 15 minutes, and even more people are unaware that it should be updated.

So our recommendation is to just remove Java from your system. Even if you visit an old web site that requires Java, you can still install it again. A better idea would be to contact the site administrator and tell them to update to other technologies. It’s easy to uninstall Java. Just go into Control Panel and find the application that allows you to manage the software. It is called Programs and Features in Windows Vista, 7, & 8, and Add/Remove Programs in Windows XP. Note: quite often there will be multiple line items for Java. Make sure that you remove all of them.

So the conclusion is to uninstall Java. There might be a web site you won’t be able to use in its entirety, but you can feel a lot safer and sleep better at night.

How to Disable or Uninstall Java

For Windows users, the latest version of Java, Version 7 Update 10, also allows you to disable Java in all of your browsers through the Java Control Panel. Find the Java icon from within the Windows Control Panel, go to the Security Tab and uncheck “Enable Java content in the browser”

Windows users with earlier versions of Java who wish to disable Java should follow the instructions below for individual browsers.

Internet Explorer
•Click on the Tools dropdown menu, then Manage Add-ons.
•Find the Java Plug-in under Toolbars and Extensions (it’s listed under Oracle America), highlight it and click Disable.

Chrome
•Click on the Chrome menu, and then select Settings
•At the bottom of Settings window, click Show advanced settings
•Scroll down to the Privacy section and click on Content Settings
•In the Content Settings panel, scroll to the Plug-ins section and click Disable individual plug-ins.
•Find the Java plugin and click Disable

Firefox
•Click on the Firefox tab and then select Add-ons
•Select Plugins, find “Java (TM) Platform plugin” and click Disable (a of 1/11/13, Firefox has automatically disabled the Java plugin, but you should check to verify this has been done for your browser).

UPDATE 1/14/13: Uninstalling Java may not remove the plug-in from your browser. After the uninstall, we recommend you check your individual browser settingsas well.

UPDATE 1/14/13:Oracle released a patch, Java version 7, Update 11, to address the security hole and change the default security setting in Java to “High”, requiring users to confirm an applet is safe before running.
http://www.techlicious.com/blog/crit...mediate-action
Reply With Quote
Someday, 12:01 PM
admin's Avatar
Ads / Sponsors
 
Join Date: ∞
Posts: 42
Thanks: ∞
Thanked 42 Times in 42 Posts
  #2  
01-20-2013, 02:45 PM
thecoalman thecoalman is offline
Premium Member
 
Join Date: Jan 2005
Location: United States
Posts: 130
Thanked 18 Times in 17 Posts
Best practice is not have it installed if you don't need it, that really applies to anything. Most people can get by without Java.

Having said that disabling it your browser will protect you from most threats. Just be careful about launching it from a file download.
Reply With Quote
  #3  
01-23-2013, 10:22 PM
kpmedia's Avatar
kpmedia kpmedia is offline
Site Staff | Web Hosting, Photo
 
Join Date: Feb 2004
Posts: 4,241
Thanked 354 Times in 332 Posts
Java is a risk for most computers, yes. It's gotten where we run virtual machines here for anything that requires it. It's an unnecessary browser add-on, so it's good that Firefox and Chrome -- I don't know about IE -- are finally prompting you to remove and/or disable it when found.

Not a myth.

- Did my advice help you? Then become a Premium Member and support this site.
- Please Like Us on Facebook | Follow Us on Twitter

- Need a good web host? Ask me for help! Get the shared, VPS, semi-dedicated, cloud, or reseller you need.
Reply With Quote
Reply




Similar Threads
Thread Thread Starter Forum Replies Last Post
Can I Burn at the computer from the TV? The Barking Cow Project Planning, Workflows 3 03-22-2012 12:00 AM
Capturing VHS with my computer? mny90 Capture, Record, Transfer 7 03-05-2011 08:24 PM
Computer Crashed Need Help stoogedog Computers 0 01-05-2009 07:16 AM

Thread Tools



 
All times are GMT -5. The time now is 04:20 AM