US Government Says to Disable Java

[Frezzato]

Actually, they want you to uninstall it. Same thing? Kind of extreme advice, wouldn't you say?
http://www.neowin.net/news/disable-java-warns-us-government
-

http://www.designntrend.com/articles/3110/20130112/how-to-disable-java-step-by-step-tutorial-protect-yourself-hackers-using-java-photos.htm


Still, I've heard a lot of bad things about Java regarding the older versions that are resident within Windows. Anyone following this advice?

Record number of posts from me today. Sorry.

-EDIT-

Huh, I had no idea there was a Java control panel. Somethin' new every day.

 

[Doclector]

I disabled it a while back due to an earlier exploit. I checked back today, and one of the parts of java that I've disabled is actually now carries a warning with it not to enable it due to security vulnerabilities.

Yeah, it ain't been a good year for Java or its, well, let's face it, few users. Seriously, i've only noticed one time where having java disabled has stopped something working, and that was on java's own site.

 

[Quaxar]

Well, reading the OP certainly crushed my expectations of a US invasion of Indonesia. Better that was I guess.

I generally use NoScript, which is quite handy because you can set it to only allow trustworthy sites (like the Escapist of course) to execute java scripts. It's like a safety belt for your browser!

 

[Hazy992]

Predictions for this thread: People confusing Java and JavaScript (notice the "not to be confused" messages at the tops of those pages).

THEY ARE NOT THE SAME THING. They are completely different.


Anyway, I don't even have Java installed (no, I don't play Minecraft), so I'm fine.

But if you turn off Java won't that stop Javascript from working? I'm confused :S

 

[DoPo]

Predictions for this thread: People confusing Java and JavaScript (notice the "not to be confused" messages at the tops of those pages).

THEY ARE NOT THE SAME THING. They are completely different.

Thanks for pointing this out. If the thread lives to page 2, I'm pretty sure somebody would miss it anyway.

But if you turn off Java won't that stop Javascript from working? I'm confused :S

No, not at all. Here is a brief history of the relationship between the two: back in the dawn of time when dinosaurs roamed the land and the world was young...so in the 90s, there was this thing called ECMAScript that was used for doing fancy stuff on the web. Also, around that time, Java came out and was widely used for doing fancy stuff on the web. In an entirely unrelated and different way. But Java was gaining in popularity and everybody started talking about how cool it was. So somebody had the bright idea to rename ECMAScript to JavaScript, because apparently "Java" made everything cooler by 20%, even if it was just the word.

And that's the relationship between the two.

Anyway, I have disabled Java from wa-a-ay before it was popular to do it Thing is, I've encountered probably 2-3 websites in total that have Java applets on them for the past...more than a year now. And 1-2 of those I visited because I was after Java tutorials. So yeah, it's not a big loss for anybody.

 

[Hazy992]

snippety snip

Holy snips, Batman!

Right thanks for clearing that up. So I should disable it then? I play Minecraft from time to time.

 

[thesilentman]

snippety snip

Holy snips, Batman!

Right thanks for clearing that up. So I should disable it then? I play Minecraft from time to time.

Yeah, you should. Most of the machines that have Java installed have at least had a virus once. Good to be safe than sorry, and all that.

Thanks for the heads-up OP. Yet another reason that I don't like or use Java...

 

[Hazy992]

snippety snip

Holy snips, Batman!

Right thanks for clearing that up. So I should disable it then? I play Minecraft from time to time.

Yeah, you should. Most of the machines that have Java installed have at least had a virus once. Good to be safe than sorry, and all that.

Thanks for the heads-up OP. Yet another reason that I don't like or use Java...

Yeah I've uninstalled it. Guess I'll just have to go without Minecraft until they sort it out :/

Thanks.

 

[Cookiegerard]

Just wondering, how long has this issue been there? I mean, I literally just got my new computer, I'm still trying to get used to Windows 8, and have put on all my programs and files, including Minecraft today. I don't want to have to remove or redo a lot of stuff. Basically, how serious is this issue?

EDIT: Yeah, I just downloaded the Java files today while setting up Minecraft, I'm up to date. SO I have nothing to worry about?

 

[Living Contradiction]

Huh. Apparently Oracle knew about the exploit all along and released its latest version of Java with the glaring errors in it anyway. http://thenextweb.com/apps/2013/01/12/oracle-confirms-latest-java-7-vulnerability-and-announces-a-fix-will-be-available-shortly/

Gotta love corporate indifference. Thanks for the heads up, FizzyIzze

 

[Esotera]

Eh, I don't really visit any dodgy sites and tend to stick to a select few that I know are fine, so I'll be ok. This seems to be quite typical of Java 7, everyone is desperately clinging to Java 6.

 

[DoPo]

Javascript on the other hand, is merely a client-side scripting language for websites. Almost every website uses it, and turning it off completely will break most websites (including this one).
Javascript doesn't have the security problem this article is dealing with.

But it does have it's own problems and why is it used when a lot of it's functions can be done without it?

Depends on the situation? Sure, you can do "a lot" (very, very hard to define what that means) of what you can do with JS without it, however not all. In fact, in some ways, very few things can be done without JS. It has problems, yes, but so does every other software ever. If you're going to suggest not to use JavaScript we may as well unplug our computers from the web. And hey, just unplug them from the power, too - safer that way. There have been attacks against virtually anything to do with the web - Java, JavaScript, browsers, webservers, frameworks, backend systems, operating systems (both client and server) and, heck, even people. The solution "just don't use it" is laughable and ridiculous - are we going to remove people, too? Safer that way, eh? No, the correct way to proceed is to be informed and using whatever you use wisely. JavaScript or whatever.