Do you have adblock enabled?
 
If you can read this, either the style sheet didn't load or you have an older browser that doesn't support style sheets. Try clearing your browser cache and refreshing the page.

(Yahoo)   DHS advises everybody to disable Java immediately. Purple alert   (finance.yahoo.com ) divider line
    More: Scary, Department of Homeland Security, Java, DHS advises, computer users, hacking attacks, Redwood Shores, web application, Sun Microsystems  
•       •       •

24497 clicks; posted to Geek » on 11 Jan 2013 at 8:29 PM (3 years ago)   |   Favorite    |   share:  Share on Twitter share via Email Share on Facebook   more»



176 Comments   (+0 »)
   
View Voting Results: Smartest and Funniest

Archived thread
 
2013-01-11 08:22:36 PM  
Does this mean I can't play Minecraft?
 
2013-01-11 08:22:55 PM  
Well, this sucks.

Apparently they're not sure whether the exploit affects Java 6 or not.

FFS I just upgraded all the workstations to 7 too.
 
2013-01-11 08:23:59 PM  
You only need to disable the browser Plugin, and not run software that you don't know and trust.
 
2013-01-11 08:30:14 PM  
To checkmate
 
2013-01-11 08:30:16 PM  
What does Fedex think.
 
2013-01-11 08:31:01 PM  

Indubitably: To checkmate


Or was that to king?
 
2013-01-11 08:32:42 PM  
Who the hell is using Java applets anymore? What is this, 1996?
 
2013-01-11 08:32:48 PM  
A security flaw in Java? Unpossible!
 
2013-01-11 08:32:53 PM  
and anyone with an Android phone, throw them away
 
2013-01-11 08:33:08 PM  

TEG24601: You only need to disable the browser Plugin, and not run software that you don't know and trust.


So 99% of internet users are boned. Got it.
 
2013-01-11 08:34:32 PM  

Jon iz teh kewl: and anyone with an Android phone, throw them away


Anyone without an Android Phone should secure a weapon and fire wildly into the air.
 
2013-01-11 08:34:51 PM  

MrEricSir: Who the hell is using Java applets anymore? What is this, 1996?


Secure Mail systems use the hell out of it, and lots of other stuff. We can't do our jobs without Java.
 
2013-01-11 08:34:59 PM  
Boy am I glad I do a good chunk of my browsing inside a virtual machine. God forbid that gets corrupted.
 
2013-01-11 08:35:36 PM  
Pr0n is still ok, right?
 
2013-01-11 08:35:54 PM  

s1ugg0: TEG24601: You only need to disable the browser Plugin, and not run software that you don't know and trust.

So 99% of internet users are boned. Got it.


"It told me I had 2,318 viruses so I just hit the OK button!"

Slays me every time.
 
2013-01-11 08:36:03 PM  
Why do they want me to unplug my coffee machine?
 
2013-01-11 08:36:42 PM  
Purple alert!

img.photobucket.com
 
2013-01-11 08:36:48 PM  
Unplug.
 
2013-01-11 08:36:54 PM  
kasei.us

Blackwatch plaid level threat?
 
2013-01-11 08:36:57 PM  
I thought Java purposely released so many micro updates with its unstoppable auto-update bug that hackers had to deal with too many different versions for it to be worthwhile. I guess they're just dicks.
 
2013-01-11 08:37:29 PM  
DHS.gov has nothing about this at all, as near as I can tell.
 
2013-01-11 08:37:37 PM  

Jon iz teh kewl: and anyone with an Android phone, throw them away


If you got an Oracle JVM to run on Android, I'd be impressed.
 
2013-01-11 08:37:39 PM  

tzzhc4: [kasei.us image 300x228]

Blackwatch plaid level threat?

To plaid?

 
2013-01-11 08:38:34 PM  

TEG24601: You only need to disable the browser Plugin, and not run software that you don't know and trust.


It's my thought that if you're so uninformed as to need the above advice, you should own an apple and only buy from the app store anyway.
 
2013-01-11 08:38:49 PM  
How do you disable a province in Indonesia?
 
2013-01-11 08:39:00 PM  
I never update my Java, so am I safe or not?
 
2013-01-11 08:39:13 PM  

make me some tea: MrEricSir: Who the hell is using Java applets anymore? What is this, 1996?

Secure Mail systems use the hell out of it, and lots of other stuff. We can't do our jobs without Java.


Your mail system runs on a Java applet!? Ho. Lee. Shyte.
 
2013-01-11 08:39:57 PM  

Saberus Terras: Does this mean I can't play Minecraft?


I'll take the risk.
No regrets. Just make sure to back up everything
 
2013-01-11 08:40:37 PM  
Went to check it- I never installed it when I reinstalled windows and didnt notice.
 
2013-01-11 08:42:23 PM  

davidphogan: How do you disable a province in Indonesia?


They took our jorbsCOFFEE!!!
 
2013-01-11 08:43:05 PM  

100 Watt Walrus: DHS.gov has nothing about this at all, as near as I can tell.


I found a couple of articles on Slashdot that go into a lot more detail.
 
2013-01-11 08:43:15 PM  
Keep Calm
and
Disable Java
 
2013-01-11 08:44:06 PM  

Gyrfalcon: I never update my Java, so am I safe or not?


No. It's not safe, it's... very dangerous, be careful.

img.photobucket.com
 
2013-01-11 08:44:43 PM  
French Roast?
 
2013-01-11 08:44:44 PM  
Meh.  I did Java for a bit, and then switched to C# when I changed jobs.  It seems like it could be a lot cleaner, only I can't figure out how to get the C# assemblies out of debug and into the coffee grinder, and all those dang '=>' parts of lambda functions keep choking up my milk steamer.  I may be doing something wrong.
 
2013-01-11 08:45:31 PM  

TEG24601: You only need to disable the browser Plugin, and not run software that you don't know and trust.


Yep... this is the kind of journalism that pisses me off.

"DHS said disable Java"

So, this is important enough that the federal farking government is involved, but not important enough for the AP, the supposed most "respected" (you can't tell that I didn't type that with a straight face) news organization left in this country, can't be bothered to tell us exactly what you're supposed to do. Java, the language, runs in frikkin everything from PCs to automobiles. But yes, the important thing is that you shut it off in your browser. If you're giving desktop applications permission to do things without knowing what they do, then Java isn't the problem.

Besides, these days, every browsers gives you a BIG SCARY WARNING before running a Java applet anyway. Most people get nervous and scared already when they see it pop up. (Ironally, they're more scared of the Java security warnings than they are of the Happy Fun Antivirus popups...)
 
2013-01-11 08:45:46 PM  

Notabunny: Gyrfalcon: I never update my Java, so am I safe or not?

No. It's not safe, it's... very dangerous, be careful.

[img.photobucket.com image 450x250]


You wanna know how I know you are a Republican?
 
2013-01-11 08:46:14 PM  
Like I trust what the DHS tells me anyway.
 
2013-01-11 08:46:16 PM  
Larry Ellison, you suck.
 
2013-01-11 08:46:27 PM  

Indubitably: Notabunny: Gyrfalcon: I never update my Java, so am I safe or not?

No. It's not safe, it's... very dangerous, be careful.

[img.photobucket.com image 450x250]

You wanna know how I know you are a Republican?


*sniktily*
 
2013-01-11 08:47:25 PM  

Notabunny: Purple alert!

[img.photobucket.com image 260x194]


Please. Add in some clamps and put that man in a dress, and you have a good time going on there.
 
2013-01-11 08:47:57 PM  

Abox: What does Fedex think.


www.gifs.net
 
2013-01-11 08:49:00 PM  
To snikt
 
2013-01-11 08:50:21 PM  

UsikFark: Abox: What does Fedex think.

[www.gifs.net image 81x81]


That took awhile...
 
2013-01-11 08:51:08 PM  

Indubitably: Indubitably: Notabunny: Gyrfalcon: I never update my Java, so am I safe or not?

No. It's not safe, it's... very dangerous, be careful.

[img.photobucket.com image 450x250]

You wanna know how I know you are a Republican?

*sniktily*


Thanks for teh giggles! Happy Friday! (current fav)

img.photobucket.com
 
2013-01-11 08:51:57 PM  
Done, long ago. (Firefox)

Sure, it's a bit of a PITA when I have to "allow" certain websites to view videos, features, etc, but pages load much more quickly, and coupled with adblock, I don't see 99% of the shiat.

Happy days.
 
2013-01-11 08:52:54 PM  

MrEricSir: make me some tea: MrEricSir: Who the hell is using Java applets anymore? What is this, 1996?

Secure Mail systems use the hell out of it, and lots of other stuff. We can't do our jobs without Java.

Your mail system runs on a Java applet!? Ho. Lee. Shyte.


No, but large insurance carriers do, on the client side, which is the part we use.
 
2013-01-11 08:56:41 PM  

100 Watt Walrus: DHS.gov has nothing about this at all, as near as I can tell.


http://www.us-cert.gov/current/#us_cert_releases_oracle_java
 
2013-01-11 08:57:35 PM  

jonny_q: But yes, the important thing is that you shut it off in your browser. If you're giving desktop applications permission to do things without knowing what they do, then Java isn't the problem.


The article should have mentioned that this only applies to applets. As I understand it, the vulnerability is a way to break out of the applet sandbox and get full user privileges.

Regular apps -- Java or otherwise -- already run with full user privileges. So those aren't affected.
 
2013-01-11 08:58:16 PM  
It's in the news, sure, but none of my trusted security sources are raising any alarms about it yet.

Internet Storm Center Dashboard
 
2013-01-11 09:00:38 PM  
My browser runs much faster now. Thank you anonymous hacker benefactors!
 
2013-01-11 09:01:27 PM  
Another day, another Java zero day.
 
2013-01-11 09:01:54 PM  
Firefox + NoScript + AdBlock Plus + Ghostery is pretty secure.

After that, it's just a matter of doing a little research and having a little common sense. For example, don't click 'Yes' to everything on the web. Clicked 'Yes' to install a 'movie downloader?' You just got hacked. Opened up that 'penis enlargement' e-mail attachment? You just got hacked. Downloaded the first search result you found on P2P? You better believe you just got hacked.
 
2013-01-11 09:02:19 PM  

MrEricSir: Jon iz teh kewl: and anyone with an Android phone, throw them away

If you got an Oracle JVM to run on Android, I'd be impressed.


that's trivial. there's production apps out there if you're too nerfheaded to do it from scratch.
 
2013-01-11 09:02:43 PM  
more info :http://www.theregister.co.uk/2013/01/10/java_0day/1. go to this site - read and do according to your browser:   http://nakedsecurity.sophos.com/2012/08/30/how-turn-off-java-browser/ 2.You can confirm that Java is no longer installed by visiting http://java.com. Click "Do I have Java?" Click verify and confirm that it says "No working Java was detected on your system."3. don't install it until there is a patch
 
2013-01-11 09:03:25 PM  

Amos Quito: Done, long ago. (Firefox)

Sure, it's a bit of a PITA when I have to "allow" certain websites to view videos, features, etc, but pages load much more quickly, and coupled with adblock, I don't see 99% of the shiat.

Happy days.


Actually, not "JavaScript" per your link, but "Java", a different, but similarly-named beast:

http://www.kb.cert.org/vuls/id/625617

http://www.zdnet.com/homeland-security-warns-to-disable-java-amid-ze ro -day-flaw-7000009713/
 
2013-01-11 09:04:39 PM  
When I turn off Java I get this message from Fark
"Please turn on JavaScript for a better user experience"
No frickin security threat or the pissin DHS is going to keep me from having a better Farking user experience!

/also the nifty little reply button thingy don't work either
 
2013-01-11 09:04:46 PM  

davidphogan: How do you disable a province in Indonesia?


Tell them their shipment of dogs has arrived.
 
2013-01-11 09:06:40 PM  

DownDaRiver: When I turn off Java I get this message from Fark
"Please turn on JavaScript for a better user experience"
No frickin security threat or the pissin DHS is going to keep me from having a better Farking user experience!

/also the nifty little reply button thingy don't work either


Um... since when did DHS say anything about disabling Javascript?
 
2013-01-11 09:07:53 PM  

TEG24601: You only need to disable the browser Plugin, and not run software that you don't know and trust.


But that browser bar said if I installed it, I'd get 4% off every sixth sub at my local Sub Commander Sandwich Shoppe.
 
2013-01-11 09:07:56 PM  

This Face Left Blank: A security flaw in Java? Unpossible!


Talk to any dumbass Dev that turned into a Java whore and they'll swear up and down to you stupid unfounded sh*t like "the sandbox is secure" and other religious beliefs masquerading as science.
 
2013-01-11 09:08:37 PM  
Amos Quito: Done, long ago. (Firefox)

Sure, it's a bit of a PITA when I have to "allow" certain websites to view videos, features, etc, but pages load much more quickly, and coupled with adblock, I don't see 99% of the shiat.

Happy days.

JungleBoogie: Actually, not "JavaScript" per your link, but "Java", a different, but similarly-named beast:

http://www.kb.cert.org/vuls/id/625617

http://www.zdnet.com/homeland-security-warns-to-disable-java-amid-ze ro -day-flaw-7000009713/


Actually, I spoke too soon - apparently no-script does also disable Java from executing in the browser too:

"The NoScript Firefox extension provides extra protection for Firefox, Seamonkey and other mozilla-based browsers: this free, open source add-on allows JavaScript, Java, Flash and other plugins to be executed only by trusted web sites of your choice (e.g. your online bank)." -- from http://noscript.net/
 
2013-01-11 09:08:56 PM  

DownDaRiver: When I turn off Java I get this message from Fark
"Please turn on JavaScript for a better user experience"


You might notice that these words are different...
 
2013-01-11 09:09:29 PM  
Nee Java no badda
Nee chaade su goodie
 
2013-01-11 09:09:53 PM  
I'd rather just disable the DHS instead.
 
2013-01-11 09:11:46 PM  

MrEricSir: Um... since when did DHS say anything about disabling Javascript?


Company I worked for in the early 00's brought over a senior software engineer from India. Her resume was spectacular. She was going to revolutionize the way we wrote software. Turned out she was an idiot and lied on her resume to get sponsored and her expenses paid to come to the US. Her inability to understand that Java and Javascript are very different technologies was one of the first signs that someone made a huge mistake.

/Don't expect the average internet user to understand the difference
 
2013-01-11 09:12:15 PM  
As someone who works with government agencies (including DHS) who use Java applets on a daily basis, I'm getting a kick out of the idea that DHS is supposedly suggesting people disable their Java plugins.
 
2013-01-11 09:12:17 PM  
Meanwhile, .NET Framework wuvs you.
 
2013-01-11 09:13:35 PM  
shiat, I don't have java plugins or some java version under my installed applications. I guess I never installed it on this particular computer.

Interestingly enough, my next course in my degree track is likely either Java programming or C++.
 
2013-01-11 09:17:16 PM  

JungleBoogie: Amos Quito: Done, long ago. (Firefox)

Sure, it's a bit of a PITA when I have to "allow" certain websites to view videos, features, etc, but pages load much more quickly, and coupled with adblock, I don't see 99% of the shiat.

Happy days.

JungleBoogie: Actually, not "JavaScript" per your link, but "Java", a different, but similarly-named beast:

http://www.kb.cert.org/vuls/id/625617

http://www.zdnet.com/homeland-security-warns-to-disable-java-amid-ze ro -day-flaw-7000009713/

Actually, I spoke too soon - apparently no-script does also disable Java from executing in the browser too:

"The NoScript Firefox extension provides extra protection for Firefox, Seamonkey and other mozilla-based browsers: this free, open source add-on allows JavaScript, Java, Flash and other plugins to be executed only by trusted web sites of your choice (e.g. your online bank)." -- from http://noscript.net/


Thanks for the link. I might have to download firefox and try it.
 
2013-01-11 09:18:02 PM  

MrEricSir: DownDaRiver: When I turn off Java I get this message from Fark
"Please turn on JavaScript for a better user experience"
No frickin security threat or the pissin DHS is going to keep me from having a better Farking user experience!

/also the nifty little reply button thingy don't work either

Um... since when did DHS say anything about disabling Javascript?


Uh...it was supposed to be sorta a joke


/jackass
 
2013-01-11 09:18:17 PM  
To Sir
 
2013-01-11 09:19:35 PM  
Why in the hell should we trust  anything DHS says?
 
2013-01-11 09:22:32 PM  

Bleck: Went to check it- I never installed it when I reinstalled windows and didnt notice.


Same here...crisis averted!
 
2013-01-11 09:22:52 PM  
to do this in ff you need to click off js in options and disable the javas you find under the plugins part, too.
 
2013-01-11 09:24:06 PM  
I just threw my PC down the garbage disposal. Was that the correct course of action?
 
2013-01-11 09:24:59 PM  
HA! HA! I'm one step ahead, I'm using Chrome OS.
 
2013-01-11 09:25:14 PM  
The HTML assistant buttons require Javascript.
Turn on javascript (or enable it for Fark) for a better user experience.
 
2013-01-11 09:25:15 PM  
images1.wikia.nocookie.net

Shouldn't be too hard, he doesn't look like he's too quick on his feet.
 
2013-01-11 09:25:46 PM  

DownDaRiver: MrEricSir: DownDaRiver: When I turn off Java I get this message from Fark
"Please turn on JavaScript for a better user experience"
No frickin security threat or the pissin DHS is going to keep me from having a better Farking user experience!

/also the nifty little reply button thingy don't work either

Um... since when did DHS say anything about disabling Javascript?

Uh...it was supposed to be sorta a joke


/jackass


The thing about jokes is they have to be funny.
 
2013-01-11 09:27:21 PM  

Lady Beryl Ersatz-Wendigo: I just threw my PC down the garbage disposal. Was that the correct course of action?


Did you microwave it first? The heat kills all the viruses.
 
2013-01-11 09:27:26 PM  
What Larry Ellison's yacht, running Java, may look like.
i79.photobucket.com
 
2013-01-11 09:29:25 PM  

TEG24601: You only need to disable the browser Plugin, and not run software that you don't know and trust.


Haha ... good one....  I got a real chuckle over that ...
 
2013-01-11 09:34:58 PM  

tzzhc4: [kasei.us image 300x228]

Blackwatch plaid level threat?


upload.wikimedia.org

Worse
 
2013-01-11 09:35:44 PM  
DHS, another impotent government agency that can't prove they have ever stopped anything since its all secret.
 
2013-01-11 09:42:12 PM  
Dear God! The terrorists are going after the PR0N!!! O_O
 
2013-01-11 09:43:09 PM  
Wait - so, half the posters in this thread are ranting about the DHS because they indicated that Java is unsafe and exploitable? Really?
 
2013-01-11 09:45:19 PM  

MrEricSir: Who the hell is using Java applets anymore? What is this, 1996?


NASA would like to have a word with you.
 
2013-01-11 09:52:37 PM  

phamwaa: MrEricSir: Who the hell is using Java applets anymore? What is this, 1996?

NASA would like to have a word with you.


Having (unfortunately) worked at NASA in the past, I can assure you it's not 1996 there so much as it's 1969.
 
2013-01-11 09:53:52 PM  

MrEricSir: DownDaRiver: MrEricSir: DownDaRiver:

Uh...it was supposed to be sorta a joke


/jackass

The thing about jokes is they have to be funny.


You are absolutly right
Tell ya what, next time I think I have a joke, I'll send it off to you first. If it meets your approval I will then consider using it. Is that OK? I wouldn't want to do anythnig that would incure critcism from you.

/douche
 
2013-01-11 10:02:58 PM  
Should I block my Fark ads, too? They seem to s l o w the loading of pages. It might be a security risk, ya know?
 
2013-01-11 10:07:38 PM  

DownDaRiver: MrEricSir: DownDaRiver: MrEricSir: DownDaRiver:

Uh...it was supposed to be sorta a joke


/jackass

The thing about jokes is they have to be funny.

You are absolutly right
Tell ya what, next time I think I have a joke, I'll send it off to you first. If it meets your approval I will then consider using it. Is that OK? I wouldn't want to do anythnig that would incure critcism from you.

/douche


Are the half-assed insults intended to distract from your lack of understanding of humor? Or are you going for unintentional irony?
 
2013-01-11 10:16:08 PM  
Done in one.
 
2013-01-11 10:16:10 PM  
Java? Dangerous, unpatched exploit? Color me surprised...

I have had Java in the browser disabled via GP at work for months now.
 
2013-01-11 10:18:42 PM  

davidphogan: How do you disable a province in Indonesia?


-Xmx0M -Xms0M
 
2013-01-11 10:20:01 PM  
I unplugged my coffee machine.  Am I safe?
 
2013-01-11 10:21:04 PM  

Saberus Terras: Does this mean I can't play Minecraft?


You can always take your chances:

fc06.deviantart.net
 
2013-01-11 10:22:02 PM  

InternetSecurityGuard: I'd rather just disable the DHS instead.


Wave hello to the DHS agents watching you now because of that comment.
 
2013-01-11 10:25:17 PM  

MrEricSir: Who the hell is using Java applets anymore? What is this, 1996?


My guess is you don't work at any sort of tech field.

Jrun
Tomcat
Jetty
Jboss
GlassFish
WebSphere
iPlanet
WebLogic
etc

Pretty much any self contained portable software that runs on it's own web interface uses a java application server. Coldfusion / Railo / Blue Dragon webpages (cfm) and JSP pages are the big offenders, but there are other things as well.

Are you running an IBM, HP, or Dell server? Guess what, Open Manage, HP Integrated Lights-Out, HP SIM (and most Proliant Support Pack programs), and most other management/administration utilities are Java.

What's that you use IBM Tivoli for backup? Tivoli's backup storage manager client is Java base.
You use NetApp? Their management console is Java based
You use CommVault? Hey, what do ya know. More Java.
You hate Sharepoint so you use Alfresco? That's Java too.
Use BMC Remedy for a ticketing system for your help desk? That's built on Java.
Use Cherwell... I've got bad news for you.

Java isn't quite as dead as you think it is.
 
2013-01-11 10:34:12 PM  
I don't have to worry about this sort of thing. I have PC Matic. It keeps me protected.

/and makes my internet speeds faster
 
2013-01-11 10:35:19 PM  

degenerate-afro: MrEricSir: Who the hell is using Java applets anymore? What is this, 1996?

My guess is you don't work at any sort of tech field.

Jrun
Tomcat
Jetty
Jboss
GlassFish
WebSphere
iPlanet
WebLogic
etc

Pretty much any self contained portable software that runs on it's own web interface uses a java application server. Coldfusion / Railo / Blue Dragon webpages (cfm) and JSP pages are the big offenders, but there are other things as well.

Are you running an IBM, HP, or Dell server? Guess what, Open Manage, HP Integrated Lights-Out, HP SIM (and most Proliant Support Pack programs), and most other management/administration utilities are Java.

What's that you use IBM Tivoli for backup? Tivoli's backup storage manager client is Java base.
You use NetApp? Their management console is Java based
You use CommVault? Hey, what do ya know. More Java.
You hate Sharepoint so you use Alfresco? That's Java too.
Use BMC Remedy for a ticketing system for your help desk? That's built on Java.
Use Cherwell... I've got bad news for you.

Java isn't quite as dead as you think it is.


He is under the impression that the only thing Java is used is badly written clients.  When it basically runs the world on the backend.
 
2013-01-11 10:38:00 PM  
Good luck! I'm behind 7 boxxies!
 
2013-01-11 10:38:11 PM  

EngineerAU: MrEricSir: Um... since when did DHS say anything about disabling Javascript?

Company I worked for in the early 00's brought over a senior software engineer from India. Her resume was spectacular. She was going to revolutionize the way we wrote software. Turned out she was an idiot and lied on her resume to get sponsored and her expenses paid to come to the US. Her inability to understand that Java and Javascript are very different technologies was one of the first signs that someone made a huge mistake.

/Don't expect the average internet user to understand the difference


A simple phone interview should catch things like that. The hiring manager in your story should be roundly mocked.
 
2013-01-11 10:44:46 PM  

Donnchadha: tzzhc4: [kasei.us image 300x228]

Blackwatch plaid level threat?

[upload.wikimedia.org image 300x300]

Worse


Could be a code 2112 instead.....
 
2013-01-11 10:49:22 PM  

MrEricSir: Who the hell is using Java applets anymore? What is this, 1996?


WebEx uses it. That's a big chunk of people.
 
2013-01-11 10:53:31 PM  
Fark It!, We'll do it LIVE!, Fark it!!
 
2013-01-11 10:53:41 PM  
What they're not saying yet is if they find out you haven't disabled Java, the DHS will send a flying squad of burly TSA agents to conduct a cavity search like you wouldn't believe
 
2013-01-11 10:58:54 PM  

gingerjet: When it basically runs the world on the backend.


Luckily, it only runs some of the world on the back end.
 
2013-01-11 11:03:00 PM  
To rule the internet
 
2013-01-11 11:16:15 PM  
For the love of farking god people...

JAVA =/= JAVASCRIPT
 
2013-01-11 11:19:42 PM  
I spent a few years dealing with this shiat as a tech who did virus removals more than anything else.

I don't ever remember DHS issuing a warning about any of the exploits that pushed business my way.
 
2013-01-11 11:21:00 PM  

degenerate-afro: MrEricSir: Who the hell is using Java applets anymore? What is this, 1996?

My guess is you don't work at any sort of tech field.

Jrun
Tomcat
Jetty
Jboss
GlassFish
WebSphere
iPlanet
WebLogic
etc

Pretty much any self contained portable software that runs on it's own web interface uses a java application server. Coldfusion / Railo / Blue Dragon webpages (cfm) and JSP pages are the big offenders, but there are other things as well.

Are you running an IBM, HP, or Dell server? Guess what, Open Manage, HP Integrated Lights-Out, HP SIM (and most Proliant Support Pack programs), and most other management/administration utilities are Java.

What's that you use IBM Tivoli for backup? Tivoli's backup storage manager client is Java base.
You use NetApp? Their management console is Java based
You use CommVault? Hey, what do ya know. More Java.
You hate Sharepoint so you use Alfresco? That's Java too.
Use BMC Remedy for a ticketing system for your help desk? That's built on Java.
Use Cherwell... I've got bad news for you.

Java isn't quite as dead as you think it is.


...those are running Java on the back-end, not Java applets (client-side).
 
2013-01-11 11:24:04 PM  
Adobe doesn't even take this long to address security vulnerabilities. It's been months. Seriously wtf is there problem?
 
2013-01-11 11:27:15 PM  

Bonzo_1116: A simple phone interview should catch things like that. The hiring manager in your story should be roundly mocked.


Sadly it was the VP of Software Engineering, who had a degree from Georgia Tech. He should have known better but he was so thrilled that he was getting an incredible bargain for someone so highly qualified that he never considered that she might not be accurately representing her skills. Plus it was during the time when every business magazine was running articles on moving all IT functions to India so I guess he thought he could do it one better by bringing India over here.

/Have met plenty of smart developers from India over the years but she certainly wasn't one of them
 
2013-01-11 11:28:50 PM  

Aboleth: Nee Java no badda
Nee chaade su goodie


cheesa beecha wonky chewbacca
 
2013-01-11 11:29:08 PM  

Donnchadha: tzzhc4: [kasei.us image 300x228]

Blackwatch plaid level threat?

[upload.wikimedia.org image 300x300]

Worse



What's terrible is that I remember the joke, but had to google to recall which [as] show.


/ I'm gonna raise the warning system from "Blackwatch Plaid" to the cover of Rush's seminal album "Moving Pictures."
 
2013-01-11 11:29:31 PM  

Theory Of Null: Adobe doesn't even take this long to address security vulnerabilities. It's been months. Seriously wtf is there problem?


Adobe takes years to address known security vulnerabilities.  Until a few days ago this vulnerability wasn't publicly known.  And Oracle, Microsoft, and Apple have all started taken moves to start address it.  Which is  more than Adobe has ever done.
 
2013-01-11 11:33:52 PM  
Had Java disabled since the last time they told us to disable it. Haven't missed it. Saw that the Java Console was still enabled so I disabled that too for good measure.
 
2013-01-11 11:39:46 PM  
I bet there IS NO security threat...just the Feds' technogeeks noticed there MIGHT BE a potential risk, and upper management decided to run screaming for the hills. Has anyone actually heard of anyone's being attacked through their Java vulnerabilities? No? Then no need to panic.

Unless you're in government and have no clue about how computers work. Then go ahead and panic yourself into a coma.
 
2013-01-11 11:41:28 PM  

gingerjet: <b><a href="http://www.fark.com/comments/7531367/81834209#c81834209" target="_blank">Theory Of Null</a>:</b> <i>Adobe doesn't even take this long to address security vulnerabilities. It's been months. Seriously wtf is there problem?</i>

Adobe takes years to address <strong>known</strong> security vulnerabilities.  Until a few days ago this vulnerability wasn't publicly known.  And Oracle, Microsoft, and Apple have all started taken moves to start address it.  Which is  more than Adobe has ever done.


Oh so this is a brand new zero day. Seems like this becoming a weekly occurrence.
 
2013-01-11 11:41:29 PM  
Goddamn it. I was supposed to fly to Jakarta tomorrow.
 
2013-01-12 12:17:39 AM  
UPDATE: Latest CERT advisory here, exploit details here, backstory here.
 
2013-01-12 12:29:53 AM  
Microsoft has some good lobbyists.
 
2013-01-12 12:32:09 AM  

rockforever: Good luck! I'm behind 7 boxxies!


She does have a cute ass.
 
2013-01-12 12:34:03 AM  
I honestly don't know what the hell any of this means.

I turn on the magic box, it shows me porn, I'm happy.
 
2013-01-12 12:38:25 AM  
I walked in the door at home 3 hours ago after a grueling week working out of state, and 5 minutes later my boss has me on a conference call, and I'm still on it. In a hospital system, EVERYTHING revolves around Java. We can't just "disable the Java plug-in".

And I have to be on the road again Monday. Happy weekend to me.
 
2013-01-12 01:17:26 AM  
I've had java disabled in my browsers for over a decade, so I'm ahead of the game.

This was back in the era where "OMG look at my cool water reflection java app" was prevalent.
 
2013-01-12 01:23:51 AM  

skinink: Larry Ellison, you suck.


That's like saying Darth Vader has an unpleasant disposition. He made it on my shiatlist far before Bill Gates ever did.
 
2013-01-12 01:28:09 AM  
Tell Java I've got his money.
 
2013-01-12 01:47:52 AM  

Aboleth: Nee Java no badda
Nee chaade su goodie


UTINI !!!

images2.wikia.nocookie.net
 
2013-01-12 03:12:03 AM  
Never, ever, EVER enable the java plugin in your browser. How farking stupid are you? It's like having unprotected anal sex in Haiti (Bad Idea Jeans(TM)). The whole thing is a festering pile of zero-days (and negative-days) and has been for years.

Feel free to use it for Minecraft or Jdownloader, but never let it run anything in your browser, where the russkies can easily do a driveby, and you don't have a dashcam.
 
2013-01-12 03:19:49 AM  

This Face Left Blank: A security flaw in Java? Unpossible!


I may or may not have just fallen off of my chair from the force of my laughter...

/shot some Dew out the nose too.
 
2013-01-12 03:26:17 AM  

FormlessOne: Meanwhile, .NET Framework wuvs you.


Dammit...I had just gotten back on that chair, too.
 
2013-01-12 03:42:22 AM  
Should we be buying duct tape and plastic wrap too?

/sending from my phone because the cyber police at work crapped themselves in fear and shut down all internet access.
 
2013-01-12 04:22:56 AM  

Aboleth: Nee Java no badda
Nee chaade su goodie


images1.wikia.nocookie.net
/I'm not translating that crap
//gtfo off my ship sasha
 
2013-01-12 04:31:50 AM  
What do I tell my parents?
 
2013-01-12 05:15:23 AM  
DeathCipris
I have had Java in the browser disabled via GP at work for months now.


"Funny" thing: the last time that suggestion came around because of an exploit, it turned out that if you disable the Java plugin in IE, IE would execute the Applet anyway.
 
2013-01-12 05:45:12 AM  
Also, this was from a firefox upgrade from months (years?) ago.

lordargent.com
 
2013-01-12 06:12:28 AM  
Use BMC Remedy for a ticketing system for your help desk? That's built on Java.


Oh. dear. God.
 
2013-01-12 06:18:43 AM  
I've been saying the same thing nearly continuously for three years: Unless you absolutely need Java on a desktop computer for a critical job function, just get rid of it. Don't update/patch, or even "disable" - just uninstall the whole damn thing.

Larry Ellison must have a phalanx of servants kick him every morning in penance for purchasing Sun Microsystems. Dumbest business move ever, for him.
 
2013-01-12 07:13:11 AM  
Sad but true.....

There is a whole lot of 'grey' area software that does the exact same function as malware, but is sold by companies for certain legitimate use. For example, Key Loggers. You can Google and find companies that are selling key loggers. The majority of them are 100% legit. They sell software that works really well, as advertised. Ideally, other companies might use them to be installed on employee's computers or parents would use them to track their children's activity.

Here's the kicker of it all....

All of the major anti-virus/anti-malware software packages you can think of (like MalwareBytes) have decided to 'trust' these company's customers. The more cynical out there might wonder if they aren't getting paid off....but whatever. For whatever reason, the fact is, the majority of anti-malware programs will not detect commercially available malware that has a tiny chance of being used legitimately.

In short - someone can find an exploit in Java and you can visit a website that uses that exploit to install known, readily available malware - like a Keylogger - onto your machine. Then, your nightly/weekly/whatever scan will run and tell you 'Nothing bad found!' even though you have malware installed. And the anti-malware companies know about this, and are totally cool with it.

Sadly, I'm not trolling. I did a stupid school assignment on keyloggers and wrote software that would do performance-based testings to detect malware. Imagine how my jaw dropped when my crappy, two-weekend software outperformed the top names in anti-virus/anti-malware. Then I went to their forums where I found this was a known issue and they had no intention of fixing it.

I know it sounds paranoid, but I've gotten to using two partitions - Windows for everything I don't care about like games and websites; then Ubuntu for anything I'd consider 'confidential'. I know it's not perfect and all, but what can you do?
 
2013-01-12 07:28:44 AM  

EngineerAU: MrEricSir: Um... since when did DHS say anything about disabling Javascript?

Company I worked for in the early 00's brought over a senior software engineer from India. Her resume was spectacular. She was going to revolutionize the way we wrote software. Turned out she was an idiot and lied on her resume to get sponsored and her expenses paid to come to the US. Her inability to understand that Java and Javascript are very different technologies was one of the first signs that someone made a huge mistake.

/Don't expect the average internet user to understand the difference


Classic rookie mistake....

Lying on a resume is a bad idea if you are in a role where you have to directly output something of value....
Bartender,
Surgeon,
Pilot,
Engineer,
etc...

Where you CAN lie on your resume and get away with is in positions with soft-skills that don't directly output something. People who facilitate, oversee, manage....there are LOTS of really high-ranking people who have had successful careers for years or even decades before a scandal reveals they lied on their resume. Oddly enough, they were able to perform at that level for years, just fine. Because, ultimately, all they needed to do was make sure the peons were able to work.

Middle to upper-middle management is really the sweet-spot. Too high up and you have to start making some serious business decisions. Then it's your neck on the line, and people might realize you're clueless. But just a step below that; you aren't making the calls. You are 'facilitating' the decisions that get passed down.

Had she been the project manager; she'd have gotten away with it.
 
2013-01-12 07:40:11 AM  

MrEricSir: Who the hell is using Java applets anymore? What is this, 1996?


I take it you don't block Java by default and then whitelist sites you want to actually read.

I'd say the vast majority use java for something, and maybe a quarter to half are UNREADABLE (as in, there is no text on the screen) without it.
 
2013-01-12 08:09:13 AM  

Yotto: MrEricSir: Who the hell is using Java applets anymore? What is this, 1996?

I take it you don't block Java by default and then whitelist sites you want to actually read.

I'd say the vast majority use java for something, and maybe a quarter to half are UNREADABLE (as in, there is no text on the screen) without it.


A quarter to half of ALL websites? That makes no sense.
 
2013-01-12 08:15:39 AM  
oh no my java bitcoin miner is in trouble how am i gonna get drugs now
 
2013-01-12 08:30:30 AM  

kazikian: Yotto: MrEricSir: Who the hell is using Java applets anymore? What is this, 1996?

I take it you don't block Java by default and then whitelist sites you want to actually read.

I'd say the vast majority use java for something, and maybe a quarter to half are UNREADABLE (as in, there is no text on the screen) without it.

A quarter to half of ALL websites? That makes no sense.


A quarter = .25 | 1/4 | 25%
half = .5 | 1/2 | 50%

'I'd say the vast majority use java for something, and maybe 25% to 50% are UNREADABLE (as in, there is no text on the screen) without it.'

At least - that's how I read it.
 
2013-01-12 09:01:29 AM  
Yotto
I'd say the vast majority use java for something, and maybe a quarter to half are UNREADABLE (as in, there is no text on the screen) without it.

www.clusterfake.net
 
2013-01-12 09:23:37 AM  

The Voice of Doom: Yotto
I'd say the vast majority use java for something, and maybe a quarter to half are UNREADABLE (as in, there is no text on the screen) without it.

[www.clusterfake.net image 800x253]


I think that's just splitting hairs...

Java is the engine (JRE - Java Runtime Engine) that executes the code).
The code is written in JavaScript (JSl - Java Scripting Language)

Most people say 'Java' when they mean the compiled form and Javascript when it's source code. When you visit a website, a lot of them just have raw JavaScript in the HTML than your browser compiles into 'Java' and executes by your local JRE.

Either way, it turns into Java!
 
rpm
2013-01-12 10:25:01 AM  

Fark_Guy_Rob: The Voice of Doom: Yotto
I'd say the vast majority use java for something, and maybe a quarter to half are UNREADABLE (as in, there is no text on the screen) without it.

[www.clusterfake.net image 800x253]

I think that's just splitting hairs...

Java is the engine (JRE - Java Runtime Engine) that executes the code).
The code is written in JavaScript (JSl - Java Scripting Language)

Most people say 'Java' when they mean the compiled form and Javascript when it's source code. When you visit a website, a lot of them just have raw JavaScript in the HTML than your browser compiles into 'Java' and executes by your local JRE.

Either way, it turns into Java!


4/10
 
2013-01-12 10:25:41 AM  

Fark_Guy_Rob: I did a stupid school assignment on keyloggers and wrote software that would do performance-based testings to detect malware. Imagine how my jaw dropped when my crappy, two-weekend software outperformed the top names in anti-virus/anti-malware. Then I went to their forums where I found this was a known issue and they had no intention of fixing it.

I know it sounds paranoid, but I've gotten to using two partitions - Windows for everything I don't care about like games and websites; then Ubuntu for anything I'd consider 'confidential'. I know it's not perfect and all, but what can you do?


Wanna post for us all a link to your keylogger detector?

Or is there something freely available that'll find these programs?

/I'm not paranoid, it's just that the government/Lizard People/CFR really are out to get me.
 
2013-01-12 10:27:27 AM  

Yotto: MrEricSir: Who the hell is using Java applets anymore? What is this, 1996?

I take it you don't block Java by default and then whitelist sites you want to actually read.

I'd say the vast majority use java for something, and maybe a quarter to half are UNREADABLE (as in, there is no text on the screen) without it.


Java isn't Javascript. I've had Java uninstalled forever and find maybe 2-4 sites a year that won't run without Java.
 
2013-01-12 10:41:57 AM  
Javascript is the written language of the people of Java
 
2013-01-12 11:08:43 AM  
Fark_Guy_Rob:
I think that's just splitting hairs...

Java is the engine (JRE - Java Runtime Engine) that executes the code).
The code is written in JavaScript (JSl - Java Scripting Language)

Most people say 'Java' when they mean the compiled form and Javascript when it's source code. When you visit a website, a lot of them just have raw JavaScript in the HTML than your browser compiles into 'Java' and executes by your local JRE.

Either way, it turns into Java!

I know you're being facetious, but...


THIS IS WHAT SOME PEOPLE ACTUALLY BELIEVE.
 
2013-01-12 11:09:51 AM  
YodaBlues: Fark_Guy_Rob:
I think that's just splitting hairs...

Java is the engine (JRE - Java Runtime Engine) that executes the code).
The code is written in JavaScript (JSl - Java Scripting Language)

Most people say 'Java' when they mean the compiled form and Javascript when it's source code. When you visit a website, a lot of them just have raw JavaScript in the HTML than your browser compiles into 'Java' and executes by your local JRE.

Either way, it turns into Java!


I know you're being facetious, but...

THIS IS WHAT SOME PEOPLE ACTUALLY BELIEVE.

/italic fail
//Ok, i farking hate this stupid farking new comment box.
 
2013-01-12 12:11:48 PM  

gingerjet: Theory Of Null: Adobe doesn't even take this long to address security vulnerabilities. It's been months. Seriously wtf is there problem?

Adobe takes years to address known security vulnerabilities.  Until a few days ago this vulnerability wasn't publicly known.  And Oracle, Microsoft, and Apple have all started taken moves to start address it.  Which is  more than Adobe has ever done.


Adobe has been better about security than sun/oracle for a quite some time now. If you have a choice between running with flash/reader or Java you should pick the adobe line-up every time.
 
2013-01-12 12:20:04 PM  

Suckmaster Burstingfoam: Yotto: MrEricSir: Who the hell is using Java applets anymore? What is this, 1996?

I take it you don't block Java by default and then whitelist sites you want to actually read.

I'd say the vast majority use java for something, and maybe a quarter to half are UNREADABLE (as in, there is no text on the screen) without it.

Java isn't Javascript. I've had Java uninstalled forever and find maybe 2-4 sites a year that won't run without Java.


Yeah I realized that right after posting it. In my defense half the rest of the people in this thread did the same thing, and the naming of the two things is so similar as to seem almost intentionally made to confuse.
 
2013-01-12 12:28:06 PM  
I tried to follow the instructions for turning off Jave in Chrome, Firefox, etc., but the instructions bear no relation whatsoever to what I see in the dialogue windows on my computer even after I search for and find the specific instructions my version of Windows, the browser, etc.

Like DownDaRiver, I find that disabling Java Platform(TM) S 7 U6 10.6.2.24 interfers with Fark.com. Also, at the moment I can't even quote DownDaRiver's post in this comment box despite re-enabling the plug-in.

Rem: Chrome has, like other browsers and software interfaces (iTunes being one) has gone mad for decluttering its toolbars, which means I can NOT find anything I want to do to or see. Nothing but blank matte-finish digital Chrome--no icons. They have hidden all of the controls and settings I most often use.

Rem: the GD Control Panel has gone the opposite way and is cluttered with everything but the kitchen sink. I can't find anyhing I want to do and the icon labels are not very helpful. Essentially all of the settings and controls are hidden a different way.

All of this stupid geekery is making doing anything at any time with these software interfaces very frustrating, time-consuming and pointless.

If your instructions and illustrations do not match what I see on my screen, they do not help me very much. Perhaps I have different configurations or have more recent or older updates of some stuff, but the GD help files should help, not confuse and frustrate.

It's getting harder and harder to do basic things with the settings, and since the number of settings is muliplying geometrically and the number of things that can annoy or go wrong with them, computer software and hardward maintenance is becoming a Kaftkaesque no-win situation. I'm not a geek but I am better at this than most lusers and I still have a hellacious time, despite more than 30 years of experience with computers.

Hell, I programmed in Fortran before Basic became the main teaching language. I date back to the days when ASCII art and pron was cool. Sort of. No wonder half the population that is online don't even bother to deal with this shiat and just take whatever they're given or insist their children and grand-children deal with it the same way us kids were used to change channels before the remote control went mainstream.
 
2013-01-12 12:31:57 PM  

Suckmaster Burstingfoam: Fark_Guy_Rob: I did a stupid school assignment on keyloggers and wrote software that would do performance-based testings to detect malware. Imagine how my jaw dropped when my crappy, two-weekend software outperformed the top names in anti-virus/anti-malware. Then I went to their forums where I found this was a known issue and they had no intention of fixing it.

I know it sounds paranoid, but I've gotten to using two partitions - Windows for everything I don't care about like games and websites; then Ubuntu for anything I'd consider 'confidential'. I know it's not perfect and all, but what can you do?

Wanna post for us all a link to your keylogger detector?

Or is there something freely available that'll find these programs?

/I'm not paranoid, it's just that the government/Lizard People/CFR really are out to get me.


Joking aside - while my program does work, it's really only academic.

It establishes a baseline for your system by generating as many keystrokes as it can in a given time period. The longer the time period, the more accurate it is. The catch is, this means you need to know your computer ISN'T infected to establish the baseline. Then, after that, if you install a keylogger and re-run the lengthy test (it's configurable, but I'd say 15 minutes at a minimum), it compares the results.

So it wouldn't help anyone who thinks their computer might be infected.

And anything that isn't a keylogger but uses CPU cycles would impact the results. So, if you were to install the Steam client and leave it on during the test; it might flag it as keylogger. Potentially, even a service pack or update to windows could impact the performance.

But I really was shocked when the top results for 'Keylogger' I found on Google (Refogger, Elite, and Beyond were the three I used in my testing) weren't picked up by my once beloved and free MalwareBytes.

There are quite a few posts about it on their forums:
"Malwarebytes will detect them. We simply don't detect all of them because some of them are valid legally used programs often by business to monitor their employees. "
http://forums.malwarebytes.org/index.php?showtopic=113630

Comercial keyloggers are something we have been thinking about but there are big issues as most of the time they are installed for a legit reason
http://forums.malwarebytes.org/index.php?showtopic=35906

It's not just Malwarebytes though, it seems to be most of them. I really had trouble believing it at first, it sounds like such a crack-pot kind of thing (that's the main reason I'm including links)
 
2013-01-12 12:32:33 PM  
In defense of the DHS (something I am not inclined to defend very often, seeing as it is pointless to defend the indefensible and that is precisely the job of the DHS), they are merely echoing and multiplying messages from the experts have been saying this stuff about Java for months now--it has vulnerabilities and the vulnerabilities are being actively exploited by hackers. In fact, the hacks have been packaged into kits for the use of lazy and stupid hackers and script kiddies who haven't got a clue about real hacking but like to destroy things or steal stuff. These vulnerabilities are not only "in the wild", they have gone all commercial and pre-packaged for the convenience of hack shoppers.
 
2013-01-12 01:04:09 PM  
As a defense contractor currently writing an applet specifically to run in the browsers of government employees on the local AFB, this makes me chuckle. (Signed applet, so it's already out of the sandbox.)
 
2013-01-12 01:49:45 PM  

jonny_q: TEG24601: You only need to disable the browser Plugin, and not run software that you don't know and trust.

Yep... this is the kind of journalism that pisses me off.

"DHS said disable Java"

So, this is important enough that the federal farking government is involved, but not important enough for the AP, the supposed most "respected" (you can't tell that I didn't type that with a straight face) news organization left in this country, can't be bothered to tell us exactly what you're supposed to do. Java, the language, runs in frikkin everything from PCs to automobiles. But yes, the important thing is that you shut it off in your browser. If you're giving desktop applications permission to do things without knowing what they do, then Java isn't the problem.

Besides, these days, every browsers gives you a BIG SCARY WARNING before running a Java applet anyway. Most people get nervous and scared already when they see it pop up. (Ironally, they're more scared of the Java security warnings than they are of the Happy Fun Antivirus popups...)


I'm honestly not even sure this is an actual issue for most people, but I disabled mine because my biological father had a freakout. Given how well my intertubes run when it crashes in the first place, methinks I'm not going to miss a damn minute of it.

/Seriously, Java sucks ass
//Unless I want to listen to radio stations online, but that's not actually worth the five (I kid thee not) crashes I had when I did it last time.
 
2013-01-12 02:31:06 PM  
Complete lack of response from Oracle?

They've been giving off a bad vibe recently - sort of arrogant greed mixed with irrational exuberance and defiant apathy.

Sadly, this is not that uncommon in the tech field.
 
2013-01-12 04:02:15 PM  
So... Why are Java and JavaScript so similarly named?
 
2013-01-12 04:29:25 PM  

kazikian: So... Why are Java and JavaScript so similarly named?


I can't tell whether you're trolling, so here's a serious answer:

They weren't named like that at all during development. At the last moment, Sun's marketing department renamed Java to be more hip -- no kidding, I was at the national telecon where they announced the language release -- and at the last last moment they did the same to JavaScript, specifically to play off the attention Java was getting.
 
2013-01-12 04:56:02 PM  

over_and_done: kazikian: So... Why are Java and JavaScript so similarly named?

I can't tell whether you're trolling, so here's a serious answer:

They weren't named like that at all during development. At the last moment, Sun's marketing department renamed Java to be more hip -- no kidding, I was at the national telecon where they announced the language release -- and at the last last moment they did the same to JavaScript, specifically to play off the attention Java was getting.


I was being serious, so thanks! What then was Java originally called?
 
2013-01-12 05:09:53 PM  

kazikian: over_and_done: kazikian: So... Why are Java and JavaScript so similarly named?

I can't tell whether you're trolling, so here's a serious answer:

They weren't named like that at all during development. At the last moment, Sun's marketing department renamed Java to be more hip -- no kidding, I was at the national telecon where they announced the language release -- and at the last last moment they did the same to JavaScript, specifically to play off the attention Java was getting.

I was being serious, so thanks! What then was Java originally called?


Java was renamed that from Oak in 1994 after a trademark search found potential conflicts.
 
2013-01-12 05:15:57 PM  

FeatheredSun: Complete lack of response from Oracle?

They've been giving off a bad vibe recently - sort of arrogant greed mixed with irrational exuberance and defiant apathy.

Sadly, this is not that uncommon in the tech field.


That is the way I feel. The last update didn't even fully fix the first issues. Then they don't release any response. It's like they don;t give a shiat.
 
2013-01-12 07:11:21 PM  
25.media.tumblr.com
 
2013-01-12 09:15:26 PM  

gingerjet: degenerate-afro: MrEricSir: Who the hell is using Java applets anymore? What is this, 1996?

My guess is you don't work at any sort of tech field.

Jrun
Tomcat
Jetty
Jboss
GlassFish
WebSphere
iPlanet
WebLogic
etc

Pretty much any self contained portable software that runs on it's own web interface uses a java application server. Coldfusion / Railo / Blue Dragon webpages (cfm) and JSP pages are the big offenders, but there are other things as well.

Are you running an IBM, HP, or Dell server? Guess what, Open Manage, HP Integrated Lights-Out, HP SIM (and most Proliant Support Pack programs), and most other management/administration utilities are Java.

What's that you use IBM Tivoli for backup? Tivoli's backup storage manager client is Java base.
You use NetApp? Their management console is Java based
You use CommVault? Hey, what do ya know. More Java.
You hate Sharepoint so you use Alfresco? That's Java too.
Use BMC Remedy for a ticketing system for your help desk? That's built on Java.
Use Cherwell... I've got bad news for you.

Java isn't quite as dead as you think it is.

He is under the impression that the only thing Java is used is badly written clients.  When it basically runs the world on the backend.


That doesn't necessarily make him wrong.

/I'm looking at you, Minecraft
 
2013-01-12 09:42:09 PM  
I find it interesting that the key words involve Sun Micro (no longer existent) and redwood shores (oracle HQ)
 
2013-01-13 07:18:51 AM  

PsiChick: jonny_q: TEG24601: You only need to disable the browser Plugin, and not run software that you don't know and trust.

Yep... this is the kind of journalism that pisses me off.

"DHS said disable Java"

So, this is important enough that the federal farking government is involved, but not important enough for the AP, the supposed most "respected" (you can't tell that I didn't type that with a straight face) news organization left in this country, can't be bothered to tell us exactly what you're supposed to do. Java, the language, runs in frikkin everything from PCs to automobiles. But yes, the important thing is that you shut it off in your browser. If you're giving desktop applications permission to do things without knowing what they do, then Java isn't the problem.

Besides, these days, every browsers gives you a BIG SCARY WARNING before running a Java applet anyway. Most people get nervous and scared already when they see it pop up. (Ironally, they're more scared of the Java security warnings than they are of the Happy Fun Antivirus popups...)

I'm honestly not even sure this is an actual issue for most people, but I disabled mine because my biological father had a freakout. Given how well my intertubes run when it crashes in the first place, methinks I'm not going to miss a damn minute of it.

/Seriously, Java sucks ass
//Unless I want to listen to radio stations online, but that's not actually worth the five (I kid thee not) crashes I had when I did it last time.


+1

Android SDK sucks almost as hard. Chosing Java is Google's biggest screwup, IMO.

They should have gone with ObjC or C++, and provided Python access.
 
2013-01-13 01:24:11 PM  

Giblet: +1

Android SDK sucks almost as hard. Chosing Java is Google's biggest screwup, IMO.

They should have gone with ObjC or C++, and provided Python access.


Don't know enough about that to comment, but if it sucks ass so much someone who doesn't know programming languages beyond high school programming games can tell, that's bad.
 
2013-01-13 02:28:46 PM  
PsiChick
if it sucks ass so much someone who doesn't know programming languages beyond high school programming games can tell, that's bad.

But enough about PHP now..
 
2013-01-13 02:30:10 PM  
Btw, what online radio stations use Java? I've yet to see one.
 
2013-01-13 11:16:45 PM  

GardenWeasel: I walked in the door at home 3 hours ago after a grueling week working out of state, and 5 minutes later my boss has me on a conference call, and I'm still on it. In a hospital system, EVERYTHING revolves around Java. We can't just "disable the Java plug-in".

And I have to be on the road again Monday. Happy weekend to me.


So how was your weekend?
 
2013-01-14 03:08:56 PM  

davidphogan: How do you disable a province in Indonesia?


Tell them a man in Brazil is coughing.
 
Displayed 176 of 176 comments

View Voting Results: Smartest and Funniest


This thread is archived, and closed to new comments.

Continue Farking
Submit a Link »
On Twitter






In Other Media


  1. Links are submitted by members of the Fark community.

  2. When community members submit a link, they also write a custom headline for the story.

  3. Other Farkers comment on the links. This is the number of comments. Click here to read them.

  4. Click here to submit a link.

Report