SOWPub Small Business Forums

SOWPub Small Business Forums (http://www.sowpub.com/forum/index.php)
-   SOWPub Business Forum (http://www.sowpub.com/forum/forumdisplay.php?f=2)
-   -   Java Exploit (http://www.sowpub.com/forum/showthread.php?t=8270)

Bozo August 29, 2012 04:16 PM

Java Exploit
 
Anybody else worried about the latest Java exploit?

I disabled Java in both of my browsers and I have discovered that the web sucks without Java. Apparently even this posting form needs java for the buttons to work.

Google "java exploit" and make up your own mind.

shelbyc August 30, 2012 12:06 AM

Re: Java Exploit
 
Thanks for the post, I didn't even realize there was a chance of an exploit there.

I'll probably turn Java off for the short term if it's even on now.

If other people are concerned about it they could boot up with a Linux Thumb Drive or Live CD and run that to prevent permanent damage on their computers.

Bozo August 30, 2012 12:42 AM

workaround
 
Quote:

Originally Posted by shelbyc (Post 31716)
Thanks for the post, I didn't even realize there was a chance of an exploit there.

I'll probably turn Java off for the short term if it's even on now.

If other people are concerned about it they could boot up with a Linux Thumb Drive or Live CD and run that to prevent permanent damage on their computers.


I didn't realize it either until this latest threat. Apparently java has been vulnerable for years.

I found http://noscript.net/ , which fixes Firefox. Well, maybe not fixes the problem but it does allow you to decide to run java or not, on a site by site basis.

In Chrome you can disable java completely. Then when you hit a site that uses it a tiny icon appears in the address bar that lets you run java or not.

So, same functionality in both browsers. The question remains though...which sites to trust?

Phil August 30, 2012 01:07 AM

Re: Java Exploit
 
Probably, a Good idea to First read, understand the issues a little more before deciding, currently and into the Future... :)

Just Maybe a [HOTSHEET] idea(S)...

For a Few SowPubber's Hotsheet Guru's! ...

And All Kinds of other Possibilities, Opportunities etc. etc... ;)
http://gcn.com/articles/2012/08/27/j...n-ivy-rat.aspx

Phil

Ankesh August 30, 2012 06:50 AM

Re: Java Exploit
 
Small issue: javascript and java are 2 different things.

Noscript and other such extensions and addons disable javascript.

Rule of thumb: everything online is exploitable.
Javascript exploits are actually pretty minor when you look at the whole experience.

1. The computer you logon from. It could have a spyware on it that sends your data to someplace else.

2. Some one could sniff and scan the data on your wifi and gain information that is not passed through https.

3. The servers where your username / password and credit card details are stored - they could be hacked and exploited. Yes even Google's gmail was hacked by some Chinese hacking agency some time back.

You can take reasonable precautions. But nothing is safe online.

1. Run an anti-virus and a spyware remover once a week automatically.

2. Use a browser like Tor if you don't mind a sub-optimal performance.

3. Make your password long and hard to be cracked.
http://xkcd.com/936/

4. Whenever you're entering your credit card details online, make sure the URL has https://

5. Go through all your credit card statements and bank statements.

6.Enable 2-step login authentication with folks that provide this service. Google does. Most banks do.


All times are GMT -4. The time now is 02:41 AM.

Powered by vBulletin Version 3.6.0
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.