Go Back   Computer Forums > General Computing > Programming
Click Here to Login
Join Computer forums Today


Reply
 
Thread Tools Search this Thread Display Modes
 
Old 03-20-2013, 06:02 AM   #31
Site Team
 
berry120's Avatar
 
Join Date: Jul 2009
Location: England, UK
Posts: 3,425
Default Re: Java and viruses

Quote:
Originally Posted by FloydV View Post
OK, that was the piece I was missing. The applet plugin is buried in the Firefox code, or can it be turned on and off?
Turned on and off, just like any other plugin (that's what makes it a plugin in the first place )
__________________

__________________
Save the whales, feed the hungry, free the mallocs.
berry120 is offline   Reply With Quote
Old 03-20-2013, 07:53 AM   #32
Wizard of Wires
 
setishock's Avatar
 
Join Date: Feb 2005
Location: Not sure
Posts: 10,030
Default Re: Java and viruses

I have kept up with this thread and found it interesting enough to pop in and add something.
Poorly written or malicious code can be created in any language. Take vBulletin mods for example. Badly written code can punch a truck sized door in your security and make you vulnerable to hackers. Malicious code skillfully written can do far worse. You wouldn't believe how bad things can get with either one.
It's not the language that's at fault. It's how it's used.
__________________

setishock is offline   Reply With Quote
Old 03-20-2013, 02:28 PM   #33
Solid State Member
 
Join Date: Mar 2013
Location: U.S.
Posts: 16
Default Re: Java and viruses

Would it be called Java Deployment Toolkit or Java Platform S.E.? I have those disabled, and I haven't missed them. I do have Javascript enabled. There are many common sites, like online banking that won't work without it.
FloydV is offline   Reply With Quote
Old 03-20-2013, 02:30 PM   #34
Site Team
 
berry120's Avatar
 
Join Date: Jul 2009
Location: England, UK
Posts: 3,425
Default Re: Java and viruses

Quote:
Originally Posted by FloydV View Post
Would it be called Java Deployment Toolkit or Java Platform S.E.? I have those disabled, and I haven't missed them. I do have Javascript enabled. There are many common sites, like online banking that won't work without it.
Both are probably related in all likelihood -nothing wrong with disabling both those plugins.

As I've said numerous times in the past, and will continue to say many times in the future, Javascript is an entirely separate technology, nothing to do with Java whatsoever!
__________________
Save the whales, feed the hungry, free the mallocs.
berry120 is offline   Reply With Quote
Old 03-20-2013, 02:45 PM   #35
Solid State Member
 
Join Date: Mar 2013
Location: U.S.
Posts: 16
Default Re: Java and viruses

Thanks again Berry. This has been a most enlightening thread for me. I appreciate your time and courtesy.

Floyd
FloydV is offline   Reply With Quote
Old 03-21-2013, 02:17 PM   #36
In Runtime
 
Join Date: Feb 2013
Location: UK
Posts: 156
Default Re: Java and viruses

Quote:
Originally Posted by FloydV View Post
Would it be called Java Deployment Toolkit or Java Platform S.E.? I have those disabled, and I haven't missed them. I do have Javascript enabled. There are many common sites, like online banking that won't work without it.
For these very such occasions can I recommend the 'noscript' addon for firefox.

Disclaimer: It will take a few days 'normal' browsing to stop it asking you for confirmation about everything but is DEFINITELY worth the time to do so

It allows you to configure, domain by domain, what sites are allowed to run any type of scripting and those which aren't. There are essentially zero threats that are in common use which can be taken advantage of in your browser with scripting playing some part (the exception being blindly clicking 'download some malware from here - click me!' links).

And aside from the security benefits (which are reason enough on their own), when combined with AdBlockPlus and Ghostery it actually speeds up your page loading times significantly because of all the resource requests which aren't performed.

Some very simple rules to using noscript:

1) Go around all your main day-to-day sites which you solidly trust and select 'permanently allow domain.com'

2) NEVER click 'allow scripts globally'

3) Any page which you visit which doesn't provide you access to all the features you need (forms, voting buttons, videos etc.) - find the domain which is most likely to be hosting those features and either temporary allow (if you're unlikely/unknowingly going to visit again) or permanently allow if you're coming into regular contact with it. For example sites like facebook will require akamai's content distribution domain (akamai-hd.net I think) to work normally, so that I would add to my permanent list, but ads.doubleclick.net I would not even do temporary unless the site didn't work without it.

4) For the occasion when you're in a rush and just 'want a site to work' then choose 'Temporarily allow all this page' and it will work until you close firefox.

That should keep you plenty safe enough from 99% of web threats, for the really paranoid there's the lynx text browser in a linux vm running from a live-cd on ESXi virtualised hardware - aka the dark ages.
_michaelm is offline   Reply With Quote
Old 03-21-2013, 02:58 PM   #37
Site Team
 
berry120's Avatar
 
Join Date: Jul 2009
Location: England, UK
Posts: 3,425
Default Re: Java and viruses

Quote:
Originally Posted by _michaelm View Post
For these very such occasions can I recommend the 'noscript' addon for firefox.

Disclaimer: It will take a few days 'normal' browsing to stop it asking you for confirmation about everything but is DEFINITELY worth the time to do so

It allows you to configure, domain by domain, what sites are allowed to run any type of scripting and those which aren't. There are essentially zero threats that are in common use which can be taken advantage of in your browser with scripting playing some part (the exception being blindly clicking 'download some malware from here - click me!' links).

And aside from the security benefits (which are reason enough on their own), when combined with AdBlockPlus and Ghostery it actually speeds up your page loading times significantly because of all the resource requests which aren't performed.

Some very simple rules to using noscript:

1) Go around all your main day-to-day sites which you solidly trust and select 'permanently allow domain.com'

2) NEVER click 'allow scripts globally'

3) Any page which you visit which doesn't provide you access to all the features you need (forms, voting buttons, videos etc.) - find the domain which is most likely to be hosting those features and either temporary allow (if you're unlikely/unknowingly going to visit again) or permanently allow if you're coming into regular contact with it. For example sites like facebook will require akamai's content distribution domain (akamai-hd.net I think) to work normally, so that I would add to my permanent list, but ads.doubleclick.net I would not even do temporary unless the site didn't work without it.

4) For the occasion when you're in a rush and just 'want a site to work' then choose 'Temporarily allow all this page' and it will work until you close firefox.

That should keep you plenty safe enough from 99% of web threats, for the really paranoid there's the lynx text browser in a linux vm running from a live-cd on ESXi virtualised hardware - aka the dark ages.
You *can* of course do this, though I'd say it's hugely overkill to be honest... the time taken to do this to every website I frequent would be huge, and I don't think I'd get that time saving back!
__________________
Save the whales, feed the hungry, free the mallocs.
berry120 is offline   Reply With Quote
Old 03-21-2013, 06:32 PM   #38
Solid State Member
 
Join Date: Mar 2013
Location: U.S.
Posts: 16
Default Re: Java and viruses

Quote:
Originally Posted by berry120 View Post
You *can* of course do this, though I'd say it's hugely overkill to be honest... the time taken to do this to every website I frequent would be huge, and I don't think I'd get that time saving back!
I'm using No Script, and I find it very easy to use. There is another called Flash Block that substitutes a button to see media.
FloydV is offline   Reply With Quote
Old 03-22-2013, 02:50 AM   #39
In Runtime
 
TheCrow's Avatar
 
Join Date: Jan 2013
Location: Canada
Posts: 116
Default Re: Java and viruses

since we are talking about "JRE" should we be updating it like a mo%@#$f#@$ on a iMac?
TheCrow is offline   Reply With Quote
Old 03-22-2013, 01:22 PM   #40
Site Team
 
root's Avatar
 
Join Date: Mar 2004
Posts: 8,004
Default Re: Java and viruses

ideally you should always run the most up-to-date software that you can -regardless of your platform.

FYI Cisco ADSM launcher is another application that can be a little picky when it comes to the version of Java available on a machine...
__________________

__________________
I didn’t fight my way to the top of the food chain to be a vegetarian…
Im sick of people saying 'dont waste paper'. If trees wanted to live, they'd all carry guns.
"The inherent vice of capitalism is the unequal sharing of blessings; The inherent vice of socialism is the equal sharing of miseries."
root is offline   Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off



All times are GMT -5. The time now is 09:54 AM.


Powered by vBulletin® Version 3.8.8 Beta 4
Copyright ©2000 - 2017, vBulletin Solutions, Inc.
Search Engine Friendly URLs by vBSEO 3.6.0