why is everyone so worried about Java plug ins for websites? is it dangerous? does it leave an open port for easy hacking? Does anyone know why Java can;t just stream on without worrying about permissions and security issues?
iMac, OS X Mountain Lion (10.8.2)
Helpful Links Regarding Malware Protection
An excellent link to read is Tom Reed's Mac Malware Guide.
Also, visit The XLab FAQs and read Detecting and avoiding malware and spyware.
See these Apple articles:
Mac OS X Snow Leopard and malware detection
OS X Lion- Protect your Mac from malware
OS X Mountain Lion- Protect your Mac from malware
If you require anti-virus protection I recommend using ClamXav.
I don't know where to begin. Google "Java Vulnerability" and you'll get over five million hits.
In the past it has allowed malware to infect OS X by simply visiting the site and there were no tools available at the time to stop it. Over 600,000 users were said to have been infected and we still run across a few every week still infected over a year later.
The problem is that Java, when enabled in your web browser, allows third-party code on a web site to run on your computer. Worse, Java's security has proven to be full of holes, so that third-party code can fairly easily escape from its "sandbox" (which is supposed to limit what it is capable of doing). Over the last year, there probably haven't been more than a total of a few weeks when Java didn't have a known vulnerability. Currently, it's been vulnerable for 47 days with no fix yet:
For more information on all this, see:
why is everyone so worried about Java plug ins for websites? is it dangerous? does it leave an open port for easy hacking? Does anyone know why Java can;t just stream on without worrying about permissions and security issues?
