Java And Why You Should Disable It

[DEEJAYKEG]

Yes, I know this isn't game-specific but this topic came up in game chat today and met with various reactions so the least I can do is to place the facts before you all and you can make whatever decision you consider relevant to your own machine. Suffice to say that Java is not installed on any machines here and, especially if you do anything of a financial nature with your PC (online shopping or banking, for example), you may share my opinion that it just is not worth the risk.

 

As the article to which I am linking below says,

 

"Time and time again we're seeing examples of cybercriminals exploiting flaws in Java to infect innocent users' computers.

For instance, earlier this year we saw more than 600,000 Macs infected by the Flashback malware because of a Java security flaw.

In fact, it has become increasingly common to see malware authors exploiting vulnerabilities in Java - as it is so commonly installed, and has been frequently found to be lacking when it comes to security.

Cybercriminals also love Java because it is multi-platform - capable of running on computers regardless of whether they are running Windows, Mac OS X or Linux. As a result it's not unusual for us to see malicious hackers use Java as an integral part of their attack before serving up an OS-specific payload."

 

Full article at: http://nakedsecurity.sophos.com/2012/08/30/how-turn-off-java-browser/

 

(Note: Java is not the same as Javascript.)

 

Though I don't use Sophos software, the Naked Security blog is excellent for remaining informed about current threats.

[KaptCrunch]

if using Java and don't leave older versions on drive, remove them

 

only keeping current on drive

[Sonovabich]

I need Java to use one of my admin tools, Modern Rcon won't work without it.

[Cavey]

DJ you can't use Sophos software if you wanted to. They only deal with Businesses, not home users. When the company I work for merged with 2 other companies, I was tasked with the project to harmonise our Group wide endpoint security. After viewing many vendors, Sophos came out on top, and we have been using their Enterprise solution since 2009, and I'm very please, as it includes AV, firewall, app control, data control, device control, web control, patch management and full disk encryption. Their management console kicks ass compared to the others.

[Labob]

You may also go start control panel click the java button and it should have on the front page " Keep tempory files on my computer. " make sure it is deselected, not enabled, unchecked. It you prefere to have it on its also where you go to delete said shit files button says Delete files click it often and hard. Thank you for the vent.

[CobraBites]

i would say 90 percent of websites requires you to have java ...just saying ...and ive never had an issue..my system stays clean..

[Sammy]

For websites, its javascript. But I dont think that actually needs java itself installed.

[J3st3r]

I need Java to use one of my admin tools, Modern Rcon won't work without it.

 

Rcon is a pain in the ass isn't it.

 

I've admined several BF1942/DC servers and BF2 servers back in the day.Don't know if they've improved it's functionality but I've always hated it just because it is Java based.

 

BF2RA is a real PITA I do remember that.C&C admin tools are not to bad.

Edited December 12, 2012 by Pvt.Death

[DEEJAYKEG]

For those that need Java (a minority, I suggest), the tip about keeping a separate browser with it enabled should reduce the risk.

Web sites that run scripts use Javascript not Java, as Sammy says correctly (you do not need Java to run Javascript).

The web site that members are likely to visit that does use it is System Requirement Labs' "Can You Run It" - one can still make use of the site even if the tool that would run on your machine does not. You only need to know the specs of your PC to make sense of the information with which it provides you.

[Guybrush]

Some of you may be able to get by with disabling it, but if you're a current member of the military, you need Java to gain access to secure websites like DTS, iPerms, etc. If you aren't in the military, you may also find that some of your web services don't work without Java. All the same you wouldn't figure that out until you disable it.

 

The issue is vulnerability. Java has been around for a long time. And for as long as I can remember, there have always been issues. The same went for the flash technology, especially during its heyday. Now not so much because of how little it's being used. But back in the day, the permissions available to the local file enabled it to do just about whatever it wanted.

 

The best way to protect yourself from attacks is obviously 1) keep your antivirus definitions up to date, 2) don't click on links if you don't know where they go, and 3) Don't allow Java applets access to your computer (Java, along with flash, are required to gain user approval for any local action, that means it will ASK you for permission.) unless you're absolutely trusting of its source.

Edited December 12, 2012 by flashadvocate