Oracle has released a cross-platform update for Java that addresses 17 vulnerabilities in the ubiquitous software platform. All 17 vulnerabilities might be abused to inject code into vulnerable systems, and all but one affect how Java Runtime Environment client software runs in browsers. Java 6 update 26 for Windows, Linux and …
Let's face it
Java, Adobe Reader, Adobe Flash are all ubiquitous and are good choices for attack vectors. Even easier than Windows as they tend not to get updated.
Does anyone actually use Java in a browser any more?
Indeed, if you're not a developer or use Java in an office intranet, why would you have it installed at all - its just one more, quite impressive, source of attack vectors to your computer and network?
...actually use Java in a browser any more?
Sadly yes, for some crappy web sites that either don't work, or are a major pain otherwise. Examples include:
Facebook's photo uploader, either hand selecting 5 images at a time, or allowing them to access your machine via a Java thing to allow all files in a directory, etc, to be selected. No way on my PC!
One of the genealogy web sites my father uses is so crap a design that your choice is to use IE & ActiveX enabled, or a Java viewer (which, last time I looked at his PC, is also out of date and leaves an ever-increasing tree of cache directories):
The Devil & deep blue sea as far as security is concerned! For him I set up Linux & Java as the least-worst option for this.
doomed, so are all those bloated managed crap.
I guess thumbs down
are the best proofs some people swallowed the Java propaganda.
This PC has always had the Java VM running on it, and I'd always assumed that something-or-other other used it. From this article and from remarks here and elsewhere, I can see that it isn't, so I just uninstalled it. Hopefully it will improve my boot time a tad, too.
One of the voices in my head said "we might want to develop something in Java one day", but the other voices all just looked at it, until it said "I'll get my coat".
You can't develop java with it
You need JDK and even if you install it, there is a little (almost no) need to enable java applets in browsers.
Vm isn't the problem, browser applets automatic running is the problem.
Also you won't get a speed up on booting if you remove java, it isn't resident except 700KB java update checker. They should have used windows built in scheduling like Apple software update btw.
Successful, secure apps are always "real" stuff,for example Vuze, not java applets. Applets have very stupid restrictions anyway.
Successful, secure apps are not Java applets?
Tell that to Thomson Reuters, who have several successful (i.e. popular and profitable), secure applications for trading FX and other instruments, all delivered as Java applets and Java Web Start. The users are tier 3 institutions, rather than full-time traders, because the Internet introduces latencies that are unacceptable for the latter, but they still trade billions of dollars.
Before working on these applications I too thought applets were just annoying gadgets embedded in web pages. To my surprise I discovered that an applet can be a good way to deliver a large, complex application to the desktop. No need for distribution media or download instructions. No requirement to get authorisation for a desktop installation - in companies that have outsourced their IT infrastructure this can take months.
This is something I wish I'd known before I spent a year rewriting a Java Swing program as a web application.
Just installed java
and there is no difference in browsing the net. Maybe it is slightly faster to open a new browser window. But no error messages or anything.
Why was it installed at all, and who had installed it?
Icon: not because of the angle, but because of the question mark
- World's OLDEST human DNA found in leg bone – but that's not the only boning going on...
- Lightning strikes USB bosses: Next-gen jacks will be REVERSIBLE
- Pics Brit inventors' GRAVITY POWERED LIGHT ships out after just 1 year
- Facebook offshores HUGE WAD OF CASH to Caymans - via Ireland
- Microsoft teams up with Feds, Europol in ZeroAccess botnet zombie hunt