hii all
An update by oracle, and I still dont know what to do..
Can we turn java back on?
We don't dare to tell users that it's safe to enable Java again," said Gowdiak, a researcher with Poland's Security Explorations.
An Oracle spokeswoman declined to comment on Gowdiak's analysis.
www.reuters.com
(visit the link for the full news article)
Oracle updates Java, security expert says it still has bugs [UPDATED], page 1
Topic started on 13-1-2013 @ 05:49 PM by goou111
www.reuters.com
UPDATED STORY
Oracle says Java is fixed; feds maintain warning
Oracle updates Java, security expert says it still has bugs
www.reuters.com
Oracle Corp released an emergency update to its widely used Java software for surfing the Web on Sunday, days after the U.S. government urged PC users to disable the program because of a bug it said made computers vulnerable to attack by hackers.(visit the link for the full news article)
UPDATED STORY
Oracle says Java is fixed; feds maintain warning
Oracle said installing its "Update 11" will fix the problem.
edit on Mon Jan 14 2013 by DontTreadOnMe because: (no reason given)
reply posted on 13-1-2013 @ 05:57 PM by Klassified
reply to post by goou111
Java has never been a particularly safe platform anyway. The only reason you are any more unsafe now, than you were a few days ago, is because the exploit has been shouted from the rooftops.
"Please, come and take advantage of the hole we left open! It's been there through several versions, but now we're broadcasting it so everyone knows!"
I'm not sure what is REALLY going on here, but it's not near as much about this exploit, as it is about this exploit benefitting the industry in some way I'm not seeing yet. For me, my java will be staying on and updated.
Java has never been a particularly safe platform anyway. The only reason you are any more unsafe now, than you were a few days ago, is because the exploit has been shouted from the rooftops.
"Please, come and take advantage of the hole we left open! It's been there through several versions, but now we're broadcasting it so everyone knows!"
I'm not sure what is REALLY going on here, but it's not near as much about this exploit, as it is about this exploit benefitting the industry in some way I'm not seeing yet. For me, my java will be staying on and updated.
edit on 1/13/2013 by Klassified because: (no reason given)
reply posted on 13-1-2013 @ 06:19 PM by littled16
reply to post by goou111
I had uninstalled mine a few days ago, then reinstalled it yesterday as I couldn't get into Chat without it. I just updated it from the Java control panel and it is on. Even though it still has some bugs I realized that basically any program can be hacked and it's vulnerabilities taken advantage of by criminals.
A very good point was made on the ATS Live show. Someone said to ask yourself why would someone want to hack your personal computer? What do you have in there that would be so valuable that someone would single you out? After thinking about it I realized that nobody really wants my Hawaiian vacation pictures and I don't store passwords or account numbers on it- so nobody cares but me.
I had uninstalled mine a few days ago, then reinstalled it yesterday as I couldn't get into Chat without it. I just updated it from the Java control panel and it is on. Even though it still has some bugs I realized that basically any program can be hacked and it's vulnerabilities taken advantage of by criminals.
A very good point was made on the ATS Live show. Someone said to ask yourself why would someone want to hack your personal computer? What do you have in there that would be so valuable that someone would single you out? After thinking about it I realized that nobody really wants my Hawaiian vacation pictures and I don't store passwords or account numbers on it- so nobody cares but me.
reply posted on 13-1-2013 @ 06:24 PM by TKDRL
reply to post by littled16
One word, botnet. Hackers want to hack your computer for things like that. Aim the botnet at a target website, and all the infected computers start firing at it, DDOS.
Also, not everyone is smart about computers, and might very well have important numbers and passwords etc right there in a text file on their desktop
One word, botnet. Hackers want to hack your computer for things like that. Aim the botnet at a target website, and all the infected computers start firing at it, DDOS.
Also, not everyone is smart about computers, and might very well have important numbers and passwords etc right there in a text file on their desktop
reply posted on 13-1-2013 @ 06:34 PM by littled16
reply to post by TKDRL
That is true, but if hackers want to use your computer for a botnet there are other programs that are just as vulnerable as Java (Adobe Reader for example). I guess you're probably right about some people keeping too much information on their computers though. I have to stay on my parents about certain things like saving passwords that log them into financial websites, etc. I keep telling them it's like signing every blank check in your checkbook and leaving it out on the table.
That is true, but if hackers want to use your computer for a botnet there are other programs that are just as vulnerable as Java (Adobe Reader for example). I guess you're probably right about some people keeping too much information on their computers though. I have to stay on my parents about certain things like saving passwords that log them into financial websites, etc. I keep telling them it's like signing every blank check in your checkbook and leaving it out on the table.
reply posted on 13-1-2013 @ 08:35 PM by HunkaHunka
Originally posted by Klassified
reply to post by goou111
Java has never been a particularly safe platform anyway. The only reason you are any more unsafe now, than you were a few days ago, is because the exploit has been shouted from the rooftops.
"Please, come and take advantage of the hole we left open! It's been there through several versions, but now we're broadcasting it so everyone knows!"
I'm not sure what is REALLY going on here, but it's not near as much about this exploit, as it is about this exploit benefitting the industry in some way I'm not seeing yet. For me, my java will be staying on and updated.
edit on 1/13/2013 by Klassified because: (no reason given)
Go ahead and leave it on... I know of 12 other zero days that have not been published...
reply posted on 13-1-2013 @ 08:56 PM by Klassified
reply to post by HunkaHunka
Actually, last I heard there were a lot more than that. But the fact remains, Java(and Flash too) has always had these problems, and they won't go away with the newest patch. Nor will you be any more or less safe than you were before this was made known. It's fear mongering by the industry, and I think at least a portion of the media knows it.
Maybe anti-virus and anti-malware sales are down.
Nevertheless, I don't expect anyone to listen to me but my own customers. ATS members don't know me from Adam, and I realize that. But I won't be advising my customers to turn off their java. However, I will be advising them to take other precautions that everyone should be taking anyway.
For those interested... Clearing the java cache
Go ahead and leave it on... I know of 12 other zero days that have not been published...
Actually, last I heard there were a lot more than that. But the fact remains, Java(and Flash too) has always had these problems, and they won't go away with the newest patch. Nor will you be any more or less safe than you were before this was made known. It's fear mongering by the industry, and I think at least a portion of the media knows it.
Maybe anti-virus and anti-malware sales are down.
Nevertheless, I don't expect anyone to listen to me but my own customers. ATS members don't know me from Adam, and I realize that. But I won't be advising my customers to turn off their java. However, I will be advising them to take other precautions that everyone should be taking anyway.
For those interested... Clearing the java cache
edit on 1/13/2013 by
Klassified because: add link
reply posted on 13-1-2013 @ 09:10 PM by wildtimes
reply to post by Klassified
ACK!! So, now that I uninstalled it, how do I get it back??
(boo!!! 
)
ACK!! So, now that I uninstalled it, how do I get it back??
(boo!!! ) edit on 13-1-2013 by wildtimes because: (no reason given)
reply posted on 13-1-2013 @ 09:19 PM by Klassified
Originally posted by wildtimes
reply to post by Klassified
ACK!! So, now that I uninstalled it, how do I get it back??
edit on 13-1-2013 by wildtimes because: (no reason given)
Sent you a U2U with links.
reply posted on 13-1-2013 @ 09:30 PM by DontTreadOnMe
reply to post by Klassified
I appreciate your advice.
Won't running CCleaner do the same thing?
Or clearing your browser cache??
I appreciate your advice.
Won't running CCleaner do the same thing?
Or clearing your browser cache??
reply posted on 13-1-2013 @ 09:35 PM by wildtimes
reply to post by Klassified
GO IT!!!
Thanks, man!
(I use COMODO for anti-trouble - seems to be the best available free stuff, from reviews I read at the time)....
GO IT!!!
Thanks, man!
(I use COMODO for anti-trouble - seems to be the best available free stuff, from reviews I read at the time)....
reply posted on 13-1-2013 @ 09:35 PM by Klassified
Originally posted by DontTreadOnMe
reply to post by Klassified
I appreciate your advice.
Won't running CCleaner do the same thing?
Or clearing your browser cache??
Yes. Ccleaner is an awesome tool. But you have to manually check the little box under the applications tab that says "sun java", or it won't clear it.
reply posted on 13-1-2013 @ 09:38 PM by DontTreadOnMe
reply to post by Klassified
My box was checked.
How often should it be cleared.....I usually run the tool weekly.....
Just easier to clean out everything, after all.
My box was checked. How often should it be cleared.....I usually run the tool weekly.....
Just easier to clean out everything, after all.
reply posted on 13-1-2013 @ 09:42 PM by Klassified
Originally posted by wildtimes
reply to post by Klassified
GO IT!!!
Thanks, man!
(I use COMODO for anti-trouble - seems to be the best available free stuff, from reviews I read at the time)....
Good for you. Never, ever, pay for an anti-virus as long as there are good free ones to be had. Another one is Avast free. Just be sure and turn off its sandbox feature, it'll drive you nuts.
reply posted on 13-1-2013 @ 09:44 PM by Klassified
Originally posted by DontTreadOnMe
reply to post by Klassified
I appreciate your advice.
Won't running CCleaner do the same thing?
Or clearing your browser cache??
I use my ccleaner at the end of every day myself. And right now, keeping everything cleared is a good idea, to help prevent timed exploits from sitting on your machine.
ETA: Thank you BTW.
edit on 1/13/2013 by Klassified because: eta
Russia announces enormous finds of radioactive waste and nuclear reactors in Arctic seas
Posted 12 days ago with 49 member flags
Posted 12 days ago with 49 member flags
Newest topics, updated in real-time:
Newest topics getting flags, in real-time:
I-5 bridge over Skagit River collapses, cars with people in water
Other Current Events: 12 hours ago, 21 flags
Other Current Events: 12 hours ago, 21 flags
BREAKING VIDEO: UK Terrorists Charing At Police Get Shot
Other Current Events: 15 hours ago, 11 flags
Other Current Events: 15 hours ago, 11 flags
Jailed for three weeks awaiting trial over Facebook posts
Breaking Political News: 8 hours ago, 11 flags
Breaking Political News: 8 hours ago, 11 flags
Newest topics getting replies, in real-time:
I-5 bridge over Skagit River collapses, cars with people in water
Other Current Events: 12 hours ago, 56 replies
Other Current Events: 12 hours ago, 56 replies
Westboro plans to picket 9 year old's funeral in Moore, OK FRIDAY, 10 A.M.
Social Issues and Civil Unrest: 13 hours ago, 48 replies
Social Issues and Civil Unrest: 13 hours ago, 48 replies
BREAKING VIDEO: UK Terrorists Charing At Police Get Shot
Other Current Events: 15 hours ago, 28 replies
Other Current Events: 15 hours ago, 28 replies
Jailed for three weeks awaiting trial over Facebook posts
Breaking Political News: 8 hours ago, 26 replies
Breaking Political News: 8 hours ago, 26 replies
The Above Top Secret Web sites are a
wholly owned social content community of
The Above Network, LLC.
This content community relies on
user-generated content from our member contributors.
The opinions of our members are not those of site ownership
who maintains strict editorial agnosticism and simply provides
a collaborative venue for free expression.
ATS Server: www2.theabovenetwork.com
Header data: 0.002 seconds
Page processed in: 0.193 seconds
wholly owned social content community of
The Above Network, LLC.
This content community relies on
user-generated content from our member contributors.
The opinions of our members are not those of site ownership
who maintains strict editorial agnosticism and simply provides
a collaborative venue for free expression.
ATS Server: www2.theabovenetwork.com
Header data: 0.002 seconds
Page processed in: 0.193 seconds
