Join TSR now and chat about whatever you’re intoSign up now

"Everyone must remove java" Watch

    Offline

    3
    ReputationRep:
    (Original post by A5ko)
    I didn't say there is any point, I said be content with the basic recommendations of an AV and Malware solution, avoid getting hung up on every little facet.



    There are flaws in software, it's just a matter of time before they are exploited. Java will get patched (eventually) and the problem will be resolved for a time. Windows is always being patched but people don't go crazy and uninstall their OS.

    You don't need 'actual expertise' to understand any of this. It's all dependant on how you feel about a situation and what you choose to do about it. I choose not to get all bent out of shape and panic.

    I'm getting lynched for it apparently.



    I may not have been particularly clear, as you have said the same thing the poster above mentioned. I do not mean to completely disregard security, my point is not to get so hung up on it that you become so concerned that every bit of software you use becomes a threat.

    I agree it is on the rise, but it's because people are becoming savvy with technology and often 'outsmarting' those in place to stop bad happening.

    The people wanting to remove Java, would you also do the same for your phone/car?
    That all depends on what's being targetted. Most people don't use their cars to do internet purchasing. They may or may not use their phones but the vast majority of people do it on their computers.
    Offline

    3
    ReputationRep:
    (Original post by there's too much love)
    That all depends on what's being targetted. Most people don't use their cars to do internet purchasing. They may or may not use their phones but the vast majority of people do it on their computers.
    Not all sensitive information wanted by a cracker is related to money.

    If however, I was going after someone's accounts I would not be looking at their personal computer or their phone. The information I want would not be stored locally.

    On the topic of protection, you could have the best security in the world but still fall for a basic phishing scam. Which if the numbers are to be believed, make up the biggest percentage of cyber criminality.
    Offline

    3
    ReputationRep:
    (Original post by A5ko)
    I didn't say there is any point, I said be content with the basic recommendations of an AV and Malware solution, avoid getting hung up on every little facet.
    Not all software exploits can be defended against by anti-malware. Half the point is that malicious code is executed via a trusted application - your AV is powerless against this kind of attack because it is - for all intents and purposes - 'genuine'.

    There are flaws in software, it's just a matter of time before they are exploited. Java will get patched (eventually) and the problem will be resolved for a time. Windows is always being patched but people don't go crazy and uninstall their OS.
    Again, this reeks of ignorance. Yes, there "are flaws in software." No, not all software has "gaping holes." Java will get patched eventually, but a well-known exploit, which is easily-manipulated, in a piece of software that is pervasive to Internet-based computing is a little more urgent than 'eventually'. Not all software exploits are of equal severity. Your argument is essentially, "someone might break your lock so you may as well just leave your door open."

    You don't need 'actual expertise' to understand any of this.
    I'm not even sure where to begin with responding to this, so I will simply say the following: Hundreds of thousands of software developers and IPsec professionals would beg to differ with you. It requires a great deal of technical knowledge to understand the implications of a software security flaw - knowledge which you have clearly demonstrated you don't have.

    It seems to me that you have decided that you know better than the "media hype"; however you have simply taken the default stance to assume that there is no real problem, rather than to actually understand the situation and deduce it.

    From the various literature, it seems that the real issue here is Java-based browser applets, which nobody really needs and very few actually use anyway. I have already noted in this thread that Java in its entirety is not likely to go anywhere because many websites have business-critical (server-side) applications which run in a JVM. There are huge amounts of proprietary software reliant upon the presence of a Java runtime, in which a lot of money is invested.
    Offline

    0
    ReputationRep:
    (Original post by NotMyToothbrush)
    True, but the majority of virus infections comes from a single piece of software, java.
    Though this is only somewhat true, If there was no java then people would invest more time finding exploits for other pieces of software causing us to go around in a circle. Also on another note it's not just Java that can be the problem.. An instance of this is when a botnet was discovered last year and the exploit that was used to gather and infect all of these clients was actually a browser based fault that caused vulnerabilities.
    Offline

    3
    ReputationRep:
    (Original post by Planto)
    Not all software exploits can be defended against by anti-malware. Half the point is that malicious code is executed via a trusted application - your AV is powerless against this kind of attack because it is - for all intents and purposes - 'genuine'.
    I never said it could provide you with 100%, once again..



    (Original post by Planto)
    Again, this reeks of ignorance. Yes, there "are flaws in software." No, not all software has "gaping holes."
    I think you may have gone a bit OTT with "gaping holes". It was more of an embellishment then usable comment. (Hence why I later changed it to flaws).

    (Original post by Planto)
    Java will get patched eventually, but a well-known exploit, which is easily-manipulated, in a piece of software that is pervasive to Internet-based computing is a little more urgent than 'eventually'. Not all software exploits are of equal severity. Your argument is essentially, "someone might break your lock so you may as well just leave your door open."
    Any breach in security 'should' be considered urgent to those who develop and dispense it. However, it isn't exactly productive to suggest that you are almost certain to get hacked if you haven't patched. I know it wasn't you who original said this, but it's still important.


    (Original post by Planto)
    I'm not even sure where to begin with responding to this, so I will simply say the following: Hundreds of thousands of software developers and IPsec professionals would beg to differ with you. It requires a great deal of technical knowledge to understand the implications of a software security flaw - knowledge which you have clearly demonstrated you don't have.
    You clearly haven't understood me. This was in regards to how you deal with the situation. Whether you jump through hoops every time a new exploit is found or you accept that everyone isn't out to get you. It's a risk, I agree, but the same risk you take parking your car outside a fenced drive.

    (Original post by Planto)
    It seems to me that you have decided that you know better than the "media hype"; however you have simply taken the default stance to assume that there is no real problem, rather than to actually understand the situation and deduce it.
    This is a load of crap.

    I don't claim to know better than anyone. I stated what I would do with my personal equipment. What you do with yours is fine and dandy. I do see the problem, it's just whether or not I judge it to be worth my time. There aren't enough hours in the day to be worrying about every little thing.

    Now if I were a business, I would be on to Java like flies to turd.
    Offline

    0
    ReputationRep:
    (Original post by fizzgig)
    And when almost all computers ran Windows, almost all virus infections targeted flaws in that OS.
    (Original post by NotMyToothbrush)
    That's why I use Ubuntu
    And why I use Xubuntu
    • Community Assistant
    Offline

    18
    ReputationRep:
    (Original post by Darkphilosopher)
    Wait, did you just equate c# to Java?
    same way as you'd equate C and C99
    Offline

    2
    ReputationRep:
    (Original post by natninja)
    same way as you'd equate C and C99
    C99 was one of the C standards. C# and Java are completely separate languages.
    Online

    20
    ReputationRep:
    (Original post by ed-)
    I don't think I even have it... How would I know? Can you get it on Macs?

    Either way I'm not making an effort to get rid of it. Macs rarely get viruses and just to be sure I run Sophos anyway.
    That was my question. Is it only a Windows problem, or is it still a problem if you use Chrome on Mac (which I do) and you leave the Java plugin enabled?
    Offline

    0
    ReputationRep:
    (Original post by Fullofsurprises)
    That was my question. Is it only a Windows problem, or is it still a problem if you use Chrome on Mac (which I do) and you leave the Java plugin enabled?
    http://reviews.cnet.com/8301-13727_7...java-security/

    If you are running a Mac, you should make sure you have the latest updates of OS X installed. Depending on system settings, just having the plug-in disabled may not prevent all Java applications from automatically launching if you do not have the update.
    Offline

    3
    ReputationRep:
    (Original post by A5ko)
    I agree, which is why I said nothing is 100%. It is also the reason people whould stop worrying so much. If someone wants your information and has the means to get it, what can you realistically do?



    There are always new exploits being found, primarily in the operating system, as this is one common bit of software that most people will have. You have no way of knowing if these exploits exist until someone takes advantage or, as you said, visits a compromised site. A Java issue may well have been identified, but then along comes a patch to plug the hole, only for another to open when someone finds a way.

    If you removed every piece of software that has ever been exploited, we'd all be using empty husks.
    False. 86% of exploitable vulnerabilities were in 3rd party software, rather than the operating system. Clicky

    It's about mitigating risk. Indeed, you can't prevent yourself from getting hosed by a legitimate website serving up malware that exploits a zero-day vulnerability, but you can make it a lot harder by heeding security advisories. Giving up and assuming inevitable compromise is a bad way to stay safe online. You can make yourself a hard target without having to bring the axe down on your internet connection.
    Offline

    16
    ReputationRep:
    There is a way around every bit of software, it just takes a while. I program in Java, C++ & VB and they are all fine from where I'm standing, I'll continue to use Java.
 
 
 
Reply
Submit reply
TSR Support Team

We have a brilliant team of more than 60 Support Team members looking after discussions on The Student Room, helping to make it a fun, safe and useful place to hang out.

Updated: March 18, 2013
Poll
Which Fantasy Franchise is the best?
Useful resources

Articles:

The Student Room tech wikiTech forum guidelines

Quick link:

Unanswered technology and computers threads

Sponsored features:

Web Legend

Win a Macbook Air!

Blog about setting up a website for a chance to win in our Web Legend competition.

Groups associated with this forum:

View associated groups

The Student Room, Get Revising and Marked by Teachers are trading names of The Student Room Group Ltd.

Register Number: 04666380 (England and Wales), VAT No. 806 8067 22 Registered Office: International House, Queens Road, Brighton, BN1 3XE

Quick reply
Reputation gems: You get these gems as you gain rep from other members for making good contributions and giving helpful advice.