Register FAQ / Rules Forum Spy Search Today's Posts Mark Forums Read
Go Back   MacRumors Forums > News and Article Discussion > MacRumors.com News Discussion

Reply
 
Thread Tools Search this Thread Display Modes
Old Jan 31, 2013, 10:23 AM   #51
Steve121178
macrumors 68000
 
Steve121178's Avatar
 
Join Date: Apr 2010
Location: Bedfordshire, UK
Quote:
Originally Posted by pmz View Post
Oh yeah its really "professional" to leave your users vulnerable to crippling attack, privacy invasion, etc. etc.

THAT is the Microsoft definition of "professionalism". The moment you turn it on, you're at risk of losing everything.
Nothing about your post is accurate.
__________________
13" rMBP Haswell i5/16GB/512GB (Late '13) 21.5" iMac i5/16GB/1TB Fusion (Late '12) iPhone 5s 32GB iPad rMini 32GB
Steve121178 is offline   3 Reply With Quote
Old Jan 31, 2013, 10:24 AM   #52
thejadedmonkey
macrumors 604
 
thejadedmonkey's Avatar
 
Join Date: May 2005
Location: Pa
Send a message via AIM to thejadedmonkey
The problem is if you do need java - say for work purposes - and it suddenly stops working.

Most people would assume it's an internal issue, not their mac that's broken.
__________________
MacBook 17" MacBook Pro iPod Nano Apple TV
PS4 Custom Windows 8.1 Desktop WP8
"Good judgment comes from experience,
experience comes from bad judgment."
- Mulla Nasrudin
thejadedmonkey is online now   3 Reply With Quote
Old Jan 31, 2013, 10:24 AM   #53
arkmannj
macrumors 65816
 
arkmannj's Avatar
 
Join Date: Oct 2003
Location: UT
Send a message via AIM to arkmannj
I had to download Java's Developer build to get Java working. This is not cool I need Java (both plugin and RunTime) for work


URL: http://jdk7.java.net/download.html
arkmannj is offline   1 Reply With Quote
Old Jan 31, 2013, 10:24 AM   #54
jk1002
macrumors member
 
Join Date: Jun 2008
To fix this, for those who need Java

Go into system preferences - Security &Privacy

Under general tab, click advance button, tick off the automatically update safe download list

This essentially will prevent apple from updating your system settings, you switch off e virus protection of Mac OS so put it back on once java is fixed.

Locate the core.types.bundle under system - library - core services

Right mouse lick, then choose show package contents in the pop up menu,

Go to contents - resources - xprotect.meta.plist

Right mouse click, adjust authorizations for everyone to read write. Copy the file to your desktop.

Open it in text edit, set the java version back tom1.7.11.21

Save, copy file back into the bundle and restart your machine



Apple is an ******* company for managing security like this. They knocked out my corporate VPN connection for hours so I couldn't work.

A virus is not much worse. The do not have a clue what their business customers are doing.
jk1002 is offline   3 Reply With Quote
Old Jan 31, 2013, 10:24 AM   #55
Steve121178
macrumors 68000
 
Steve121178's Avatar
 
Join Date: Apr 2010
Location: Bedfordshire, UK
Quote:
Originally Posted by koban4max View Post
as much as I hate apple doing this..you need to move to pc if that's the case.
I use PC's more than Macs and I have not been affected by this issue. My point still stands that it is unprofessional of Apple to act in this way.
__________________
13" rMBP Haswell i5/16GB/512GB (Late '13) 21.5" iMac i5/16GB/1TB Fusion (Late '12) iPhone 5s 32GB iPad rMini 32GB
Steve121178 is offline   2 Reply With Quote
Old Jan 31, 2013, 10:25 AM   #56
till213
macrumors regular
 
Join Date: Jul 2011
Quote:
Originally Posted by ConCat View Post
Some people actually need it in certain business environments.
In business environments...

Quote:
Originally Posted by ConCat View Post
Apple really should quit doing this, and I mean now. If we want it disabled, we can disable it ourselves.
... you (your admin) should really know how to enable it again, after Apple has blocked it! Otherwise you really don't need it...

Given the fact that Mac computers are probably used by a majority of home users what Apple does is good practise here. All other people - including Power Users(tm) - know anyway how to circumvent Apple's settings.
till213 is offline   3 Reply With Quote
Old Jan 31, 2013, 10:28 AM   #57
NYmacAttack
macrumors 6502
 
Join Date: Dec 2005
Location: NY
Quote:
Originally Posted by till213 View Post
In business environments...



... you (your admin) should really know how to enable it again, after Apple has blocked it! Otherwise you really don't need it...

Given the fact that Mac computers are probably used by a majority of home users what Apple does is good practise here. All other people - including Power Users(tm) - know anyway how to circumvent Apple's settings.
That may be true however when Apple does this without warning any admins all these remote "home users" are stuck.

Its very unprofessional no warning just *BAM*
__________________
Black MB C2D 2.16
NYmacAttack is offline   3 Reply With Quote
Old Jan 31, 2013, 10:34 AM   #58
derbladerunner
macrumors regular
 
Join Date: Sep 2005
Quote:
Originally Posted by till213 View Post
Given the fact that Mac computers are probably used by a majority of home users what Apple does is good practise here. All other people - including Power Users(tm) - know anyway how to circumvent Apple's settings.
But ask how many people (including me) searched for an hour if not longer finding the cause(s) for this issue.

There is no clear communication from either Apple or in the UI (error message/pop-up).

I kept searching in Java Preferences and Console trying to find out why my apps don't work properly
derbladerunner is offline   2 Reply With Quote
Old Jan 31, 2013, 10:37 AM   #59
moxin
macrumors regular
 
Join Date: Feb 2011
Don't know why Apple does this, being JAVA developer, it makes me think i better dual boot Windows to get things working right...
moxin is offline   0 Reply With Quote
Old Jan 31, 2013, 10:42 AM   #60
SamEdwards
macrumors newbie
 
Join Date: Mar 2010
Totally Frustrating

I am sysadmin for a San and the Fibre Channel switch requires Java in a browser to setup and monitor. It can take hours to work around Apple's security. Why not just pop up a dialog box and allow the user to decide on a case by case basis if they want to block Java?
Thanks to those who posted work arounds.
It's moments like this that I understand the Apple haters.
Sam
SamEdwards is offline   3 Reply With Quote
Old Jan 31, 2013, 10:44 AM   #61
jk1002
macrumors member
 
Join Date: Jun 2008
Apple seems to be clueless when it comes to their business customers.

This is really ridiculous. This causes as much damage for some as a potential virus attack.

Not every business user has an admin on hand, some are working in small companies or in virtual situations.

This is really a serious issue for some. Switch to windows or you should know how to are not reasonable replies.
jk1002 is offline   4 Reply With Quote
Old Jan 31, 2013, 10:55 AM   #62
guzhogi
macrumors 68020
 
guzhogi's Avatar
 
Join Date: Aug 2003
Location: Wherever my feet take me…
Quote:
Originally Posted by jk1002 View Post
Apple seems to be clueless when it comes to their business customers.
Clueless or just don't care?
guzhogi is offline   2 Reply With Quote
Old Jan 31, 2013, 10:56 AM   #63
Serelus
macrumors Demi-God
 
Serelus's Avatar
 
Join Date: Aug 2009
Location: Vm9pZA
Quote:
Originally Posted by Steve121178 View Post
I use PC's more than Macs and I have not been affected by this issue. My point still stands that it is unprofessional of Apple to act in this way.
You can keep saying this, but to just leave the vulnerability there would be just as unprofessional. It's not argument to leave people at risk, just for the sake of those who can't use certain things properly anymore. Apple claims safety first, troubleshoot later.

Quote:
Originally Posted by moxin View Post
Don't know why Apple does this, being JAVA developer, it makes me think i better dual boot Windows to get things working right...
You're a JAVA developer, yet you don't understand that JRE (runtime) isn't effected by this and it's only the browser plugin that's blocked. All of your JAVA application programming is solely used in browsers?
Serelus is offline   0 Reply With Quote
Old Jan 31, 2013, 10:57 AM   #64
topmike
macrumors member
 
Join Date: Feb 2009
icloud uses Java too

This is too funny


I went to www.icloud.com to make some changes to my account - which for some reason, the icloud site uses JavaScript!

Of course Safari blocks access to it. The screenshot was from Safari.

(I think MacRumors uses Java to submit reply's too.....)
Attached Thumbnails
Click image for larger version

Name:	Screen Shot 2013-01-31 at 5.56.27 PM.png
Views:	41
Size:	417.9 KB
ID:	393780  
topmike is offline   2 Reply With Quote
Old Jan 31, 2013, 10:59 AM   #65
Mike1984
macrumors newbie
 
Join Date: Oct 2010
Selective Security Restriction

Quote:
Originally Posted by iphone495 View Post
The bad news never stops with Java. Not that I would use it anyways.
Can't wait for Apple to Blow Away it's own JavaScript libraries when those security flaws come out. No Wait, they NEVER DO.

----------

Quote:
Originally Posted by Serelus View Post
You can keep saying this, but to just leave the vulnerability there would be just as unprofessional. It's not argument to leave people at risk, just for the sake of those who can't use certain things properly anymore. Apple claims safety first, troubleshoot later.
Selective Security.
Apply IGNORES JavaScript Security issues, it depends on Java script.
Mike1984 is offline   0 Reply With Quote
Old Jan 31, 2013, 11:00 AM   #66
Ralf The Dog
macrumors regular
 
Join Date: May 2008
I am thinking about enabling Java for Safari and only for Safari, then making sure, users only use Safari for the few trusted websites that require Java. If it is not on the list, use Firefox.

Edit to say, Some people above are confusing Java with JavaScript. They are unrelated, other than they both run on computers and can be connected to a web browser... and the confusing name.
Ralf The Dog is offline   1 Reply With Quote
Old Jan 31, 2013, 11:03 AM   #67
Rocketman
macrumors 603
 
Rocketman's Avatar
 
Join Date: Dec 2001
Location: Claremont, CA
Quote:
Originally Posted by tigres View Post
Could not agree more.
I was just on my 401k website attempting to make changes.
Now I know why I could not do it.

I see a lot of java required sites in my business of finance; I guess we are the only ones who use it heavily?

Whatever the reason, it is making my life difficult.
Agreed. Interestingly the only viable alternative I have is to run Windows! In 2013.
__________________
Think Different-ly!
All R House jobs bills die in D Senate. Buy a model rocket here: http://v-serv.com/usr/instaship-visual.htm Thanks.
Rocketman is offline   3 Reply With Quote
Old Jan 31, 2013, 11:08 AM   #68
spazzcat
macrumors 68000
 
spazzcat's Avatar
 
Join Date: Jun 2007
Quote:
Originally Posted by topmike View Post
This is too funny


I went to www.icloud.com to make some changes to my account - which for some reason, the icloud site uses JavaScript!

Of course Safari blocks access to it. The screenshot was from Safari.

(I think MacRumors uses Java to submit reply's too.....)
JavaScript does not equal Java. They have similar names, but they are not even kinda like each other....

Last edited by spazzcat; Jan 31, 2013 at 11:18 AM.
spazzcat is offline   6 Reply With Quote
Old Jan 31, 2013, 11:10 AM   #69
Serelus
macrumors Demi-God
 
Serelus's Avatar
 
Join Date: Aug 2009
Location: Vm9pZA
Quote:
Originally Posted by topmike View Post
This is too funny


I went to www.icloud.com to make some changes to my account - which for some reason, the icloud site uses JavaScript!

Of course Safari blocks access to it. The screenshot was from Safari.

(I think MacRumors uses Java to submit reply's too.....)
You're clearly not a developer, there's a difference between a Java Based - plugin and JavaScript, they are 2 different languages, thus not the same thing.

Quote:
Originally Posted by Mike1984 View Post
Can't wait for Apple to Blow Away it's own JavaScript libraries when those security flaws come out. No Wait, they NEVER DO.

----------



Selective Security.
Apply IGNORES JavaScript Security issues, it depends on Java script.
JavaScript is too basic to block out in it's entirety as too much of the web works on JavaScript. A Java plugin on the other hand is alot less common and isn't required as much as Javascript nor is it as easily exploitable by another end-user. As the JRE(runtime) can give external users complete remote control, where with Javascript this is technically possible but alot harder to achieve.

Besides security is security, leaving any of them is irresponsible and leaving it there is not an excuse nor is it in anyway professional.
Serelus is offline   2 Reply With Quote
Old Jan 31, 2013, 11:10 AM   #70
notjustjay
macrumors 603
 
notjustjay's Avatar
 
Join Date: Sep 2003
Location: Canada, eh?
OK, OK, I'm sorry, I'm sorry.

I don't work with business/finance/banking software. I didn't realize that apparently a lot of it relies on Java applets that run in your browser.

I still think that's a dumb and vulnerable approach, but I understand that it's frustrating that you can't get work done as a result.

So, business environments aside, there is no real reason for your average Joe to need Java applets when browsing the web on a day-to-day basis, and for security reasons, they should leave it off.
__________________
.
notjustjay is offline   0 Reply With Quote
Old Jan 31, 2013, 11:14 AM   #71
SmileyBlast!
macrumors 6502
 
Join Date: Mar 2011
Quote:
Originally Posted by jonatron View Post
Classic if it doesnt affect me its not important.

This has stopped by company from using its finance system and staff are currently sat around twiddling their thumbs. Plus it took me an entire morning to work out what the issue was as there was no notification from Apple.

Thanks for your really useful advice!

I re-iterate what some others have said. THIS IS NOT ACCEPTABLE BEHAVIOUR from Apple and they need to sort this out pronto.
So Apple is actively trying to stop your computer from being exploited by hackers and you think that is unacceptable?

What would you say if they did nothing and your machine got hacked?
SmileyBlast! is offline   0 Reply With Quote
Old Jan 31, 2013, 11:16 AM   #72
sseaton1971
macrumors 6502
 
Join Date: Feb 2012
Quote:
Originally Posted by FakeWozniak View Post
It would be nice to know WHY stuff stops working.

Does anyone know how to see what is added regularly from Apple? I don't really feel like monitoring the blacklist file. I suppose the people who write the malware do though :-(

I use a Java based 'meeting' program from work and I don't know if it is the program or Java or the network...

Anyone know if Flash is in blacklist file? :-)
As far as I know, the only two browser plugins that are being "protected" by Xprotect are Flash and Java. I agree, it would be nice if there was at least some sort of warning.
sseaton1971 is offline   0 Reply With Quote
Old Jan 31, 2013, 11:19 AM   #73
coolfactor
macrumors 65816
 
Join Date: Jul 2002
Location: Vancouver, BC CANADA
Quote:
it is unclear why the company waited several weeks to update its plug-in blacklist.
Maybe they were giving Oracle a chance to fix the second problem? A grace period, but Oracle has failed to deliver, so the block went into place.

----------

Quote:
Originally Posted by Mike1984 View Post
Can't wait for Apple to Blow Away it's own JavaScript libraries when those security flaws come out. No Wait, they NEVER DO.

----------



Selective Security.
Apply IGNORES JavaScript Security issues, it depends on Java script.
Ignorant post.

- Apple is constantly updating its WebKit and JavaScriptCore "libraries", on a daily basis through the WebKit project (www.webkit.org)
- Java (not the same as JavaScript) is not "script".
coolfactor is offline   1 Reply With Quote
Old Jan 31, 2013, 11:20 AM   #74
sseaton1971
macrumors 6502
 
Join Date: Feb 2012
Quote:
Originally Posted by Rocketman View Post
Java on 10.6 and before stopped working entirely. I have a standalone Java app I use on 10.4.11 and one day it just up and stopped working. Java says Apple is responsible for updating and of course Apple has not updated it either. This is a black hole because something that worked and was trusted by being rare and obscure, no longer works and I had no choice to "opt out."

Unless someone here has a suggestion.

Rocketman
I am still using 10.6 on my personal laptop, and several of the laptops I deploy in our school district still are at 10.6. Both Java and the browser plugin are working fine. Did the standalone Java app you are using get updated? Perhaps it requires a newer version?
sseaton1971 is offline   0 Reply With Quote
Old Jan 31, 2013, 11:20 AM   #75
DaveTheRave
macrumors 6502
 
Join Date: May 2003
Quote:
Originally Posted by SmileyBlast! View Post
So Apple is actively trying to stop your computer from being exploited by hackers and you think that is unacceptable?

What would you say if they did nothing and your machine got hacked?
Have you been reading the other posts? Part of our frustration is that Apple has not communicated what they did. Protecting computers is OK, but they need to tell us what they did and give those of us rely on it (yes, some of us who work for banks, etc have to have it) a way to continue to use it if despite the risk. My company is not going to hack me. I shouldn't have to go to a rumor site to find out why my remote access doesn't work.
DaveTheRave is offline   0 Reply With Quote

Reply
MacRumors Forums > News and Article Discussion > MacRumors.com News Discussion

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -5. The time now is 05:08 PM.

Mac Rumors | Mac | iPhone | iPhone Game Reviews | iPhone Apps

Mobile Version | Fixed | Fluid | Fluid HD
Copyright 2002-2013, MacRumors.com, LLC