DHS advises disabling java to avoid major hacks

Discussion in 'Travel Technology' started by Gargoyle, Jan 11, 2013.  |  Print Topic

  1. Gargoyle
    Original Member

    Gargoyle Milepoint Guide

    Messages:
    22,015
    Likes Received:
    96,543
    Status Points:
    20,020
    The U.S. Department of Homeland Security is advising people to temporarily disable the Java software on their computers to avoid potential hacking attacks.
    The recommendation came in an advisory issued late Thursday, following up on concerns raised by computer security experts.

    Experts believe hackers have found a flaw in Java's coding that creates an opening for criminal activity and other high-tech mischief.
     
    FlyingBear and sobore like this.
  2. MX

    MX Gold Member

    Messages:
    2,215
    Likes Received:
    4,805
    Status Points:
    2,545
    I've used the "No-Script" add-on with my Firefox browser for ages, and highly recommend it. This add-on disables all Java scripts by default. When you visit a website for the first time, you selectively enable all useful Java providers -- and you only have to do it once. If you're not sure about any Java content, you can first check its ratings and other users' experiences. Most internet nuisances are written in Java, so this add-on has been a real blessing.
     
    Gargoyle likes this.
  3. Wandering Aramean
    Original Member

    Wandering Aramean Gold Member

    Messages:
    28,222
    Likes Received:
    61,771
    Status Points:
    20,020
    This is a report about Java, not JavaScript. They are different things.

    And I am saddened to see that CERT is now part of DHS. :(
     
    Gargoyle likes this.
  4. effseeoh

    effseeoh Gold Member

    Messages:
    740
    Likes Received:
    2,458
    Status Points:
    1,145
    Indeed. However noscript also disables java.
     
    MX and Gargoyle like this.
  5. sobore
    Original Member

    sobore Gold Member

    Messages:
    12,421
    Likes Received:
    33,847
    Status Points:
    16,520
    I would think this would prompt a very rapid Java update.
     
    Gargoyle likes this.
  6. Tivoboy
    Original Member

    Tivoboy Milepoint Guide

    Messages:
    460
    Likes Received:
    283
    Status Points:
    595
    Yeah, this is about Java CONSOLE not the javascript, which one can stop/block in various ways if necessary, but I don't believe that is where the security hole is.

    Oracle has already said they would fix this very quickly, but the reality is that we probably won't have a Java in a few years. There are enough alternative local app/web app environments that we can do without. But, at the moment, companies like logmein and gotomeeting are in a pinch. I wonder how it is affecting them.
     
    Gargoyle, sobore and FlyingBear like this.
  7. FlyingBear
    Original Member

    FlyingBear Silver Member

    Messages:
    919
    Likes Received:
    1,018
    Status Points:
    845
    I went scrambling to disable Java on my 3-month fresh install on my home computer and... apparently I've done just fine without ever installing Java on my computer. So as far as my home usage goes, apparently Java is no longer needed already!

    My work computer still requires it for some of the internal systems, let's see how our IS guys react to this.
     
    Gargoyle and sobore like this.
  8. bigx0

    bigx0 Gold Member

    Messages:
    1,274
    Likes Received:
    2,287
    Status Points:
    1,270
  9. Wandering Aramean
    Original Member

    Wandering Aramean Gold Member

    Messages:
    28,222
    Likes Received:
    61,771
    Status Points:
    20,020
    So does turning off the computer. ;)

    Just pointing out that the suggestion there was FAR more than what is actually required to address the situation and might have more significant effects than addressing the offending software.
     
  10. effseeoh

    effseeoh Gold Member

    Messages:
    740
    Likes Received:
    2,458
    Status Points:
    1,145
    I use noscript all the time, and the original advisory had a link to noscript too. Sounds like a good idea to me and has the nice side-effect of blocking about 98% of ads :)
     
  11. bonnerbl
    Original Member

    bonnerbl Gold Member

    Messages:
    800
    Likes Received:
    2,046
    Status Points:
    1,170
    Same here
     
  12. HaveMilesWillTravel
    Original Member

    HaveMilesWillTravel Gold Member

    Messages:
    12,504
    Likes Received:
    20,199
    Status Points:
    16,520
    Career path for blue shirts?
     
  13. FlyingBear
    Original Member

    FlyingBear Silver Member

    Messages:
    919
    Likes Received:
    1,018
    Status Points:
    845
    HaveMilesWillTravel likes this.
  14. bigx0

    bigx0 Gold Member

    Messages:
    1,274
    Likes Received:
    2,287
    Status Points:
    1,270
    I'll drop my resume in the mail to them.:D
     
  15. bonnerbl
    Original Member

    bonnerbl Gold Member

    Messages:
    800
    Likes Received:
    2,046
    Status Points:
    1,170
    An update has been posted to fix the problem.
     
  16. webdes03

    webdes03 Gold Member

    Messages:
    1,267
    Likes Received:
    2,298
    Status Points:
    1,225
    But as stated, it also disables Java Script, which pretty much disables the web these days. Just uninstall your Java plugin and you're set.
     
  17. Captain Oveur
    Original Member

    Captain Oveur Gold Member

    Messages:
    7,243
    Likes Received:
    14,058
    Status Points:
    12,520
    Consider the source. This is coming from the same agency that talked about plastic sheeting and duct tape to save us from nuclear attack.
     

Share This Page