Skip navigation

Is possible to bypass javaplugin blacklisting ?

446 Views 7 Replies Latest reply: Feb 4, 2013 6:39 PM by thomas_r. RSS
BiggestMouseOfWorld Calculating status...
Currently Being Moderated
Jan 31, 2013 7:45 AM

Is possible to bypass javaplugin blacklisting setted today? A lot of internet application all around the world uses java plugin technology. That's unbelivable.!.

OS X Mountain Lion (10.8.2), New XProtect.plist
  • thomas_r. Level 7 Level 7 (26,930 points)

    Yes, it certainly is unbelievable that so many applications still use Java, despite the security nightmare that it has become!

     

    There are ways to get around this, though I would not recommend any of them as they will cause short-term security issues, and may also introduce long-term security issues if using them results in future failures to properly update the file you would have to modify. You would be strongly advised to find other ways to get things done, and avoid Java entirely, rather than deliberately poke holes in the systems designed to keep you secure online.

  • William Lloyd Level 6 Level 6 (19,205 points)

    What are you talking about?  The Apple Support Communities site may be written in Java (I don't know), but it does not REQUIRE the Java plug-in.  I have Java disabled in my browser and haven't come across any site that requires Java in years.

     

    The only real application I know that needs it is Juniper's SSL VPN client.

  • thomas_r. Level 7 Level 7 (26,930 points)

    What about the next step. Use only tecnology Apple Recomended? Nagigate only on Apple recomended web sites?

     

    The next step is in Oracle's hands. This has nothing to do with only using things that Apple endorses, it has to do with massive security problems with Java. Pretty much every security organization in the world, as well as the US Department of Homeland Security and probably a number of other government organizations, recommend disabling Java in the web browser.

     

    It's a crazy policy. Consider that the vulnerabilities are known since one year!

     

    Not true. The current version of Java includes three vulnerabilities that I'm aware of. One is based on an old bug, but the other two are not, and all three were discovered in the last 2 weeks. Prior to that, a new vulnerability was discovered on January 10, and fixed in Java 7u11. Last year, Java repeatedly fell victim to exploits that took advantage of a constant stream of new vulnerabilities, some of which resulted in one of the largest-scale infections in Mac history. (See About the Flashback malware.)

     

    This is not a made-up concern, it's a very real threat, and I, for one, am glad to see Apple taking it seriously.

  • BobCov Calculating status...
    Currently Being Moderated
    Feb 4, 2013 5:54 PM (in response to thomas_r.)

    My advice:  While I think it is fine to warn people they MAY be making a mistake, it's just obnoxious to not answer the question. Not everybody here is drinking the Cupertino Kool-Aid. I too need to do the same thing this questioner asked about. I too need an answer, not a nanny.

  • Barney-15E Level 7 Level 7 (33,270 points)
    Currently Being Moderated
    Feb 4, 2013 6:19 PM (in response to BobCov)

    BobCov wrote:

     

    My advice:  While I think it is fine to warn people they MAY be making a mistake, it's just obnoxious to not answer the question. Not everybody here is drinking the Cupertino Kool-Aid. I too need to do the same thing this questioner asked about. I too need an answer, not a nanny.

    Just disable XProtect updates in the Security System Prefs. The nanny won't be taking care of you and you can fend for yourself.

  • thomas_r. Level 7 Level 7 (26,930 points)
    Currently Being Moderated
    Feb 4, 2013 6:39 PM (in response to BobCov)

    I too need an answer, not a nanny.

     

    The problem is gone. Just go get the latest version of Java. It was released on Friday.

Actions

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • This solved my question - 10 points
  • This helped me - 5 points
This site contains user submitted content, comments and opinions and is for informational purposes only. Apple disclaims any and all liability for the acts, omissions and conduct of any third parties in connection with or related to your use of the site. All postings and use of the content on this site are subject to the Apple Support Communities Terms of Use.