Um.... blocking exploits should be done at the liberty of the administrators, not by the manufacturer. That's the business's decision to make. Not Apple's. If Apple is serious about continuing to claim to serve the Enterprise market (which they have repeatedly shown more and more that they are completely inept at) then they will cease this practice immediately.
Um... Apple does allow the administrators to turn off the malware-blocking options if they choose to do that. The checking is turned on by default, and that's definitely the right decision.
Did you do any research before making this post? It took me about 2 minutes to find the checkbox.
In the business world, when you have several thousand workstations on your network, it is unacceptible and impractical to ask an administrator to manually have to disable a block.
This option has been in OS X for several years. If admins wish to override the default [safe] behavior, they should have
already done it a long time ago.
And for some businesses, 1-2 hours is too long. What if you are in medicine and your medical database uses a Java based client? Someone could die if you lose access to these records for 1-2 hours.
WTF would someone need to use Java code in the client browser in order to access a medical database? This hypothetical is also a
FAIL.
This would NEVER fly on a Microsoft product.
What exactly is the "this" you're talking about? Why do you presume that some company couldn't override the malware option if they chose to do that?
If this is what people will have to expect from Apple, then they will not use their products for the Enterprise.
Your message makes no sense. Your "this" is based on misconceptions and failed hypotheticals.
Apple continues to play God and show an arrogance towards the Enterprise about their needs.
How, exactly? Any personal user who wishes to can override the option. And any enterprise that wishes could also override that option enterprise-wide. Simple.
Your complaints are groundless.
We don't want to be cleaning up computers, but we also don't want apple flipping a switch and instantly rendering the tools that we use on a day to day basis instantly inoperable indefinitely while there is no update available to patch the hole.
Then you have an obvious choice: disable Apple's real-time updating of the malware database.
Users (at least the ones that work for us) are far more irritated when the whole organization can't do their day to day job than individual isolated computers being compromised.
Then the answer is simple. Override the default, and make your Macs more promiscuous.
Disabling third party software such as Java is not increasing security. It's called crippling someone else's system.
Here's a different perspective: using vendors which continue to use something as broken as Java in web browsers holds the risk of crippling your entire organization. Your company sounds ripe for a spear phishing attack.
I say again: suppose a company uses a java based tool. Apple flips a switch and makes it useless. What would you tell them?
If you have proper planning in your organization and have decided that allowing zero-day attacks from Java and Flash is your preferred means of operating, you would have
already changed that security option on the Macs in your enterprise.
Here's a question for you: how long will it take before your company realizes that Java/Flash in web clients is a terrible idea and you will phase them out?