U.S. Department of Homeland Security warns computer users: Disable Java now

reply to post by InTheFlesh1980


but if I disable J7....my currency charts wont load.....the designed incapatibilty in all the software these days, huh!!

reply to post by goou111


There will always be new exploits for new versions of any software. Java itself has had many exploits over the years. This also is not the first one to allow full privileges when used. It is quite curious that they are actually coming out and saying to disable java though as I cannot recall a time before where they have done this. Either way from what I was reading the redirection is what causes the injection of code into your system. It's quite easy to avoid this by just not visiting links you are not familiar with. I would chock it up to fear-mongering possibly to try and stem a certain group from getting their hands on some zombies(a name sometimes used for computers being controlled remotely often used for DDOS attacks, though they can be used for a lot more useful things). I would say not to worry about going through and disabling Java, just don't visit unsafe websites and don't download things from websites you don't trust or don't know.

reply to post by solargeddon


java will knock out any firewall

it is like giving all of your keys to anyone who wants them.
the moment you connect, your pc is open.

go into a room to chat for eg, your pc doors are open and even when you log off, they have your keys.

I have removed java from my pc...also some components of flash.

Originally posted by GBP/JPY
reply to post by InTheFlesh1980

 

but if I disable J7....my currency charts wont load.....the designed incapatibilty in all the software these days, huh!!

Just a long shot but did you use to work at the CBOE?

www.livetradingnews.com...

I was telling people at a bar six months ago the JPY was going to rise higher than the CAD by the end of the year.

I was spot on.

lol@ people on here

quick, lets all disable java cause dhs says so lol

oh please


today ATS= FAIL

Originally posted by CaptAmerika
We have new virus attacks every day on all sorts of levels.
What makes this one so important that all of a sudden the Government gets involved?
Something smells funny on this one.
My guess is there is some sort of issue with Java that if left alone will expose their spying on the general population and they know it.
Its better for them if everyone disables it while they try to cover their tracks.
Just my opinion, but i've never seen them care about viruses and hacking into personal computers before.

I think it just might be the opposite effect. Maybe hacker groups can use that software to spy on the government through computers that implement their codes or whatever lol

so rather then protecting us, they are protecting themselves from the possibility of our computer networks being used in a malicious manner on a wider scale or something lol

That explains a lot, time to wipe out my computer and start fresh.

reply to post by jazzguy


yeah funny...spose you would laugh at an emergency broadcast too and disregard it?

Id really like to see what would happen if someone stole my identity - if they find a way to get a credit card under my name, I hope they let me know how its done because I've had no luck!

its probably to stop people from watching movies online via streaming for free. You need Java to do that. think of how much money they are loosing.

People disable Java because they think its got a virus because the guvment told em so and then when they go to watch something online, they get a notification saying they have to install such and such file to continue, they freak out and close the browser. No more customers to the free online streaming web pages, their click rates drop and then they dont get advertising revenue and they go out of business.

online pirating solved

Just use a proper operating system and the Lynx browser

Either that or the new version you get to download later will have some backdoor directly to the ABCs. Just kidding - but this is a conspiracy site.....

Yep, as I suspected...This problem has been around for ages....


Forbes article

“When combined with some of the April 2012 issues, this new issue can facilitate a successful code execution attack on [the] latest [version of the software,] Java SE 7 Update 7,” writes Security Explorations researcher Adam Gowdiak in an email.

Looks like the problem has been around for awhile, and finally Oracle are admitting defeat by not having safeguarded Java, as a consequence, I guess that's why the DHS has put out the warning possibly, along with many others...Sometimes the truth can't hide.

By the way, streaming is unaffected by Java removal.

theres an update here

Oracle updates Java, security expert says it still has bugs

www.reuters.com...

Oracle Corp released an emergency update to its widely used Java software for surfing the Web on Sunday, days after the U.S. government urged PC users to disable the program because of a bug it said made computers vulnerable to attack by hackers.

This is actually legit...but I doubt many of you will listen to me.

I work in Cyber security, specifically Information Assurance (of which scanning and patching vulnerabilities is a primary responsibility). The alert was issued from CERT (a recognized leader in security).

Please, listen to the DHS on this. I don't trust them either, but they are only repeating what CERT put out to stave off potential damage.

The way the exploit works is that a hacker sets up a "rogue" web server with a webpage and java applet that loads the exploit. Then, they can use techniques such as Cross Site Scripting and other ways to get users to go the rogue web server they set up. Once your browser loads their custom java applet (which is the exploit) it will exploit your machine giving the hacker complete access to your machine. At which point the hacker and look through all of your files, put your computer on a bot net, could use it as a relay for illegal material such as child porn, etc.

I work for the Department of the Navy (as a civilian) and we worked overtime this weekend to do what we can to mitigate this vulnerability until a patch comes out. This is a big deal. Take it seriously. Disable Java.

To me, the correct way of dealing with this kind of exploit was to involve Oracle totally in the discovery, methodology and solution to the problem. Java is a key piece of so many fantastic and useful applications, and JavaScript is such instrumental middle-ware to the worlds largest web sites, that telling people to shut it off is really an insult to the technology.

As confident that I am that Oracle is actively responding to this problem, we would all be better served if Homeland Security, Cert and Oracle presented this jointly to the public, with an assurance that they will close these security holes in short order.

It's sickening that 90% of the Windows, Firefox, Adobe Flash, Adobe Reader and Java Updates are patches to defend against "hackers". Now, the government is getting in on these dire warnings.

Are these "hackers" real or fictitious? Rather than go after them, it's almost as if software corporations and the U.S. government are elevating them to a level of a respected foe.

Perhaps these "hackers" keep certain people in jobs and money flowing into security companies? If so, that would make them a valuable ASSET to our economy. I suppose the corporate entities who create cancer causing substances for our food, cleaning solutions and air are loved and appreciated by the medical community. It's disgusting how money trumps morals in this society. Hopefully I'll live long enough to witness the end of it all, and see those who are "in charge" get their payback.
-cwm