Yeah, but lately, the weak point has been either Java or Flash, being the first one the most common nowadays. It may be time to ditch JAVA, and get over with this nonsense. It has had too many security flaws, and nothing can assure us there are no more to be discovered.
Very true. And likely part of why Apple ditched 'in house' support for Flash and Java. Many don't need either with sites moving to be more device friendly and they are security nightmares. By reducing Apple's connection they can get out of liability issues for supporting them at their service options also, so a win win in many ways
I'm rather impressed myself with their turn around on a patch and pull once they could see the issue first hand. Matter of days it seems. So the number of users computers affected, provided everyone installs this, should be low. In fact I would hazard that Apple admitted the attack in part because they know they get spread around the sites so folks should see the news about the updates as well. Taking one for the greater good if you will.
----------
Safari has had 'drive by' vulnerabilities too which have been fixed; do you still occasionally use Safari?
Safari hasn't had nearly as many issues as Flash or Java. To the point where I don't have either installed on my main machines. I have one old laptop I use for streaming music and such that still has Flash and Silverlight.
I've done pretty good so far on still having access to everything I need
----------
I do wonder if the compromize is bigger than they admit. This morning I got a your account was accessed from a new device warning. Also one of my colleagues got the same thing. Seems like some user accounts "might" have been grabbed from apple.
Are you sure that was from Apple and not a phish to get you to change your password. It would be the right time for someone to try that trick. Same group or other
----------
If the Chinese hacks are "supposed" and not real, and the US government is behind a massive hoax, then they got Facebook, Apple, the New York Times and many others to cooperate in the hoax.
You have no proof this was some ploy to get folks to side with the cyber security folks at the cost of access etc. or that Apple etc were involved. Even if this was a 'fake' Chinese attack, the folks doing it could have actually attacked these groups without their prior knowledge or consent. And who knows what other companies without their knowledge that just haven't admitted it