Homeland Security urges computer users to disable Java http://www.chicagotribune.com/busin...sers-to-disable-java-20130111,0,5686660.story
heres how to disable it in your browser http://gizmodo.com/5975475/how-to-disable-java-in-your-browser http://gizmodo.com/5975415/even-the-department-of-homeland-security-wants-you-to-disable-your-java "Oracle plans to release a patch on Tuesday that will fix the bulk of the problems by closing up a whopping 86 vulnerabilities, meaning that for the time being, you've got at least 86 vulnerabilities to worry about if you've got Java on. In the meantime, you best disable that stuff"
some guy on facebook had a conspiracy about how this was a way for the government to hax your computer and Obama's gay-muslim-atheist agenda was in full effect.
If you go to a major website that uses Flash for anything other than video, they're doing it wrong. JavaScript/jQuery can do nearly everything Flash can in a website setting and are far more secure... there is of course HTML5 as well. DHTML is pretty old school can work in a pinch too. If you go to a website that uses a JAVA applet, they're just being lazy.
Not JavaScript, Java Runtime. JavaScript is a web language that runs in your browser, Java Runtime is a program that runs on your computer and executes Java code either in a web browser, or an application. An example would be Minecraft (the game) which runs on Java. Re-enable JavaScript. If you want to remove Java, see here.
Is this a joke? Since when do the Homeland Security folks put out computer security alerts. These reeks of politics. Somebody (likely Microsoft) paid them to make this announcement. You can't blame a freaking software language and its virtual machine for a hack to the point of telling people to turn it off. good lord
Look. Using Java as an applet is not being lazy. Where do you get that from? I love javascript, probably more than any programmer I know. But it CANNOT do everything that Java applets can. You are just talking about GUIs. Do you know who Citrix is? And do you know how important their software is to businesses? There is no way the Homeland Security little computer team can put out an alert to turn off Citrix. It's just ridiculous.
As soon as I saw the thread, it smelled like a hoax to me. People are so gullible. JAVA is only the single most-used software platform on the planet.. It's like when that panic went around telling people to delete the little teddy bear from Windows... lol
whoa, I stand corrected. This announcement (by US-CERT) is echoed by CERT....so yeah, they are go to people for computer alerts. EDIT: CERT only recommends to turn off Java. http://www.kb.cert.org/vuls/id/625617 "Solution We are currently unaware of a practical solution to this problem. Please consider the following workarounds: Disable Java in web browsers"
So is this just the latest version of Java that they're talking about? I'm still running version 6 because my most used application didn't work with 7.
Let's not talk out of our butts now. The government has been telling people about security vulnerabilities in software for decades. The NIST, CIA and Department of Defense all regularly publish best practice documents on various systems (example PDF) and regularly post alerts. What about the FBI DNS shutdown this summer? I never said Javascript was a stand-alone replacment for Java, I also mentioned DHTML, jQuery (framework obviously) and HTML 5. Also notice I was referring to WEBSITES. I'm very aware of Citrix, I've supported some of the largest Citrix environments in the world... and I hated every minute of it. Did you guys even READ the alert from DHS? It was just that, an alert... urging people to disable it until it is patched. They are echoing security experts cries from as far back as August, five months later and the vulnerabilities still exist. It is no different then previous alerts on IE, Flash, etc. except that Oracle hasn't remedied the issues. With that said, Java is a dying technology mostly due to Oracles complete ineptness as of late. Personally, I believe relying on a client-side runtime to achieve something that can be accomplished in-browser is "the dark ages" to me (referring to web apps obviously). This of course, is simply my opinion.
