Register FAQ / Rules Forum Spy Search Today's Posts Mark Forums Read
Go Back   MacRumors Forums > News and Article Discussion > MacRumors.com News Discussion

Reply
 
Thread Tools Search this Thread Display Modes
Old Feb 1, 2013, 10:08 PM   #51
MacMan988
macrumors 6502a
 
Join Date: Jul 2012
It seems no matter how secure and defensive your mac is, java will be always there to open a backdoor in it.
MacMan988 is offline   1 Reply With Quote
Old Feb 1, 2013, 10:28 PM   #52
dilbert99
macrumors regular
 
Join Date: Jul 2012
Quote:
Originally Posted by fahlman View Post
http://support.apple.com/kb/DL1573

My Mac is not insecure.

.
a bit naive?
dilbert99 is offline   1 Reply With Quote
Old Feb 1, 2013, 10:45 PM   #53
munkery
macrumors 68020
 
munkery's Avatar
 
Join Date: Dec 2006
Quote:
Originally Posted by Puevlo View Post
It's scary just how unsecure Macs really are.
This Java vulnerability affected all systems with Java installed so that includes Windows, Linux, and etc.

Also, no payloads targeting OS X have been included for exploits of this vulnerability in the wild but payloads for Windows and Linux are circulating in the wild.

This lack of payloads is most likely due to Apple being able to quickly blacklist vulnerable version of plugins.

So, at least Apple is doing something to effectively mitigate this vulnerability from being exploited in the wild.
__________________
Mac Security Suggestions
munkery is offline   2 Reply With Quote
Old Feb 1, 2013, 10:51 PM   #54
RMo
macrumors 6502a
 
Join Date: Aug 2007
Location: Iowa, USA
Quote:
Originally Posted by fahlman View Post
When will we get a proper Preference Pane? It's little things like this that tells me they are doing as little as possible to support Java on Mac OS X.
I doubt that will happen. The Preference Pane appears to be a constant across all versions of Java, being no more than a "stub" that launches a Java application that contains the actual preferences--the same Java preferences that you'd find on any other platform. They'd have to re-write it using (most likely Objective C and) Cocoa, which I suspect they are not likely to want to do given that it goes against the cross-platform advantage of Java itself. Or Apple could let Java app(let)s be embedded in the System Preferences app.
RMo is offline   0 Reply With Quote
Old Feb 2, 2013, 12:14 AM   #55
justperry
macrumors 603
 
justperry's Avatar
 
Join Date: Aug 2007
Location: 7 Km South of an active upside down (boat) volcano.
Quote:
Originally Posted by dilbert99 View Post
a bit naive?
Mac Virus/Malware FAQ - Mac Guides
justperry is offline   3 Reply With Quote
Old Feb 2, 2013, 01:00 AM   #56
Mr. Retrofire
macrumors 601
 
Mr. Retrofire's Avatar
 
Join Date: Mar 2010
Location: www.emiliana.cl
Quote:
Originally Posted by dilbert99 View Post
a bit naive?
No.
__________________

“Only the dead have seen the end of the war.”
-- Plato --
Mr. Retrofire is offline   0 Reply With Quote
Old Feb 2, 2013, 01:43 AM   #57
ipetro
macrumors newbie
 
Join Date: Feb 2013
Quote:
Originally Posted by pgiguere1 View Post
This does not work.
You need to navigate to http://www.java.com/en/download/testjava.jsp
here you can test if you have it.
ipetro is offline   0 Reply With Quote
Old Feb 2, 2013, 02:16 AM   #58
canadianpj
macrumors regular
 
Join Date: Jun 2008
Quote:
Originally Posted by cosmos View Post
Unless you absolutely need Java installed, do yourself a big favor and uninstall it. Trust me, you will sleep better at night.
Or just disable it in the browser. It's of use to me for programs like Minecraft and Crashplan. I'm not worried about it when it's out of the browser.
canadianpj is offline   0 Reply With Quote
Old Feb 2, 2013, 02:54 AM   #59
1Alec1
Banned
 
Join Date: Jan 2013
Location: The Democratic Republic of Congo, you racist!
Whatever. Is there a 32-bit version available for my MacBook, or will I be stuck with Java 5? I guess this is a rhetorical question.
1Alec1 is offline   0 Reply With Quote
Old Feb 2, 2013, 03:54 AM   #60
Mr. Retrofire
macrumors 601
 
Mr. Retrofire's Avatar
 
Join Date: Mar 2010
Location: www.emiliana.cl
Quote:
Originally Posted by 1Alec1 View Post
Whatever. Is there a 32-bit version available for my MacBook, or will I be stuck with Java 5? I guess this is a rhetorical question.
Which OS?
__________________

“Only the dead have seen the end of the war.”
-- Plato --
Mr. Retrofire is offline   0 Reply With Quote
Old Feb 2, 2013, 04:00 AM   #61
jonatron
macrumors member
 
Join Date: Jun 2007
Location: Leeds, UK
Quote:
Originally Posted by fahlman View Post

Apple doesn't maintain Java 1.7.x. You would be better served looking here: http://www.oracle.com/technetwork/to...3-1841061.html
Yes thanks for that but I am fully aware that Apple doesnt maintain Java.

I'm looking for the info on their site from Apple about why they blocked it. Guidance for this going forward. Maybe some kind of press release. I work in IT and this kind of secretive update is not acceptable. Businesses need some communication from Apple. A solitary pop up which doesnt explain anything apart from I have to update (when there isnt even an update available) is just not enough.

Im sorry but that is not Oracle's responsibility, they didnt block it. Their responsibility is on fixing and releasing updates for Java, and communicating about them, not having to explain Apple's dirty work.

I'm not sticking up for java here BOTH Apple and Java at fault.
jonatron is offline   1 Reply With Quote
Old Feb 2, 2013, 04:01 AM   #62
Tech198
macrumors 68040
 
Join Date: Mar 2011
Location: Australia, Perth
Another fix ...

Job well done..... Now lets exploit it.
__________________
13" MBPR, i5, 256Gig SDD, 8 Gig Ram, Apple TV, iPhone 5S 16Gig, iPad 16Gig, Mac Mini 2.3Ghz i7, 1TB HD
"There are no stupid questions, just stupid people."
Tech198 is offline   0 Reply With Quote
Old Feb 2, 2013, 05:19 AM   #63
kot
macrumors regular
 
Join Date: Sep 2011
Can someone tell me what's going on on my system?

Why do the versions differ?
I'm on OS X 10.8.2
Attached Thumbnails
Click image for larger version

Name:	Screen Shot 2013-02-02 at 3.18.42 PM.png
Views:	70
Size:	93.9 KB
ID:	394073   Click image for larger version

Name:	Screen Shot 2013-02-02 at 3.18.45 PM.png
Views:	41
Size:	72.5 KB
ID:	394074  
kot is offline   0 Reply With Quote
Old Feb 2, 2013, 05:26 AM   #64
justperry
macrumors 603
 
justperry's Avatar
 
Join Date: Aug 2007
Location: 7 Km South of an active upside down (boat) volcano.
Quote:
Originally Posted by kot View Post
Can someone tell me what's going on on my system?

Why do the versions differ?
I'm on OS X 10.8.2
As far as I can tell your internet plugin is Java 7 while the runtime is Java 6.

I could be wrong though.
justperry is offline   0 Reply With Quote
Old Feb 2, 2013, 05:45 AM   #65
photographypro
macrumors regular
 
Join Date: Jul 2010
Location: American in Pisa (Italy)
?

Quote:
Originally Posted by Puevlo View Post
It's scary just how unsecure Macs really are.
It's not Macs, it's Java.
photographypro is offline   0 Reply With Quote
Old Feb 2, 2013, 07:02 AM   #66
AZ-WET
macrumors newbie
 
Join Date: Mar 2009
And finally I can read macrumors.com as normal again
AZ-WET is offline   0 Reply With Quote
Old Feb 2, 2013, 07:04 AM   #67
tlinford
macrumors regular
 
Join Date: May 2009
Location: Edinburgh
Pain in the arse!

I use an important WebApp, run by Medtronic, enabling me to upload data from an Insulin Pump, which helps me to manage my type 1 Diabetes;

The Medtronic CareLink used a Java Applet to drive a wireless device to communicate between the Insulin Pump and the CareLink system..

Every-time Apple blocks, it shuts me out of my medical care, every-time Java update we have to wait for medical testing certification....

It has been an uphill struggle for a number of years to get medical companies to support Mac,

This situation is hardly going to help, is it?
__________________
MacBook Pro 13 inch UniBody 2.53 Ghz, 4GB
iPhone4, 16GB
iPad2, 32GB WiFi 3G
TV2
tlinford is offline   0 Reply With Quote
Old Feb 2, 2013, 07:21 AM   #68
justperry
macrumors 603
 
justperry's Avatar
 
Join Date: Aug 2007
Location: 7 Km South of an active upside down (boat) volcano.
Quote:
Originally Posted by tlinford View Post
I use an important WebApp, run by Medtronic, enabling me to upload data from an Insulin Pump, which helps me to manage my type 1 Diabetes;

The Medtronic CareLink used a Java Applet to drive a wireless device to communicate between the Insulin Pump and the CareLink system..

Every-time Apple blocks, it shuts me out of my medical care, every-time Java update we have to wait for medical testing certification....

It has been an uphill struggle for a number of years to get medical companies to support Mac,

This situation is hardly going to help, is it?
I genuinely feel sorry for you.

I do think that the one which provides this service aren't really smart, now are they.
It already happened a few times, and to rely on an non secure java plugin for healthcare is stupid in my opinion, not your fault, it's the service provider of yours.
About the bolded part, Apple blocks it which sux, but you also say that you have to wait for medical testing certification, now this is sooooo stupid of Medtronic, why they even have this is beyond my understanding.

Similar to Banks, Most/All of Norwegian banks were not accessible if you have a Mac and the former Java plugin (WTF).

We as consumers don't need java, business Yes.
justperry is offline   0 Reply With Quote
Old Feb 2, 2013, 07:46 AM   #69
GTIman
macrumors newbie
 
Join Date: Feb 2013
Location: Madison, WI
Java

Remind me why is there a need for Java.. Don't think i have any apps that need it.
GTIman is offline   0 Reply With Quote
Old Feb 2, 2013, 08:01 AM   #70
zifty
macrumors member
 
Join Date: Jun 2007
Location: Atlanta, GA
It's not Java or Mac OS X

Quote:
Originally Posted by photographypro View Post
It's not Macs, it's Java.
Writing 100% secure & bug free software is impossible (beyond simple "hello world" applications). There are major holes in every OS and app. Finding these is not trivial. Oracle should have fixed these bugs earlier, but they are fixed now. Hopefully they learned a lesson and will continue to keep up with newly discovered bugs. But I can guarantee you there are still exploits to be had in Java, and in OS X too.

The only truly secure computer is one that doesn't turn on.
__________________
MBP 2.66 GHz i7 15" 8 GB RAM 200 GB SSD (running Mac OS X 10.6.3)
zifty is offline   0 Reply With Quote
Old Feb 2, 2013, 08:07 AM   #71
justperry
macrumors 603
 
justperry's Avatar
 
Join Date: Aug 2007
Location: 7 Km South of an active upside down (boat) volcano.
Quote:
Originally Posted by zifty View Post
Writing 100% secure & bug free software is impossible (beyond simple "hello world" applications). There are major holes in every OS and app. Finding these is not trivial. Oracle should have fixed these bugs earlier, but they are fixed now. Hopefully they learned a lesson and will continue to keep up with newly discovered bugs. But I can guarantee you there are still exploits to be had in Java, and in OS X too.

The only truly secure computer is one that doesn't turn on.
Show me a major hole in OS X.
justperry is offline   0 Reply With Quote
Old Feb 2, 2013, 08:23 AM   #72
eco7777
macrumors member
 
Join Date: Dec 2012
java says she does't know if i have java installed…what gives?
eco7777 is offline   0 Reply With Quote
Old Feb 2, 2013, 09:05 AM   #73
bbeagle
macrumors 65816
 
bbeagle's Avatar
 
Join Date: Oct 2010
Location: Buffalo, NY
Quote:
Originally Posted by zifty View Post
Writing 100% secure & bug free software is impossible ... There are major holes in every OS and app. Finding these is not trivial. ........ But I can guarantee you there are still exploits to be had in Java, and in OS X too.
I agree and disagree with your assessment.

Yes, I agree that there are always flaws to be found. Most of it depends on the security of the Operating System, and what functions it allows developers to call, and what side effects any of those might have if developers either intentionally or unintentionally send incorrect parameters.

But for every APP to have major holes is just plain false. Every app, for example, a game, might have no holes because it only allows interaction with a user through a joystick, keyboard arrow keys, or such simple interaction. There is no way to pass bad inputs to the game. Something different like a spreadsheet program might be able to save things to a hard drive which might be compromised if there is bad code, or especially if there is a scripting language which allows arbitrary code to be run in the spreadsheet program.

Java is insecure because it is a gatekeeper for developers to write whatever they want to. Java could be very secure if it was dumbed down, like not allowing any programs to write to a hard drive or send out a web request. But then, it wouldn't be a programming language anymore.
bbeagle is offline   0 Reply With Quote
Old Feb 2, 2013, 09:07 AM   #74
fahlman
macrumors member
 
Join Date: Sep 2003
Far from it.

Quote:
Originally Posted by dilbert99 View Post
a bit naive?
Far from it. I didn't say impenetrable.

By the way, I've been at Mac admin for almost 20 years, since System 7 and AppleShare IP, at printing companies, newspaper/magazine publisher, state university and as a consultant. I've been an Apple Certified Support Professional since 10.6 up to and including 10.8. I'm also an Apple Certified Macintosh Technician.

I will say I just noticed Apple's link redirects the old Java for Mac OS X 10.6 Update 11, not Java for Mac OS X 10.6 Update 12. This is a live link to the download so if you click it it'll immediately begin downloading the .dmg. As an alternative you can go to http://support.apple.com/downloads/ where currently Java for Mac OS X 10.6 Update 12 is the first available download. Don't click the link to the support article because it'll take you to the old version. Click the download button to receive the correct version.
__________________
NOTICE: While every effort has been made to ensure the accuracy of the information supplied herein, fahlman cannot be held responsible for any errors or omissions. Unless otherwise indicated, opinions expressed herein are those of fahlman and do not necessarily represent the views of MacRumors.com

Last edited by fahlman; Feb 2, 2013 at 09:24 AM. Reason: Add correct link
fahlman is offline   0 Reply With Quote
Old Feb 2, 2013, 09:40 AM   #75
C DM
macrumors G4
 
Join Date: Oct 2011
So, again, for those who need the Java web plug-in, why not simply use another browser that supports it, like Firefox (where it can even be quickly enabled if it becomes disabled)?
C DM is offline   0 Reply With Quote

Reply
MacRumors Forums > News and Article Discussion > MacRumors.com News Discussion

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Similar Threads
thread Thread Starter Forum Replies Last Post
Apple Releases New Java 6 Updates With Enhanced Security, Uninstalls Apple-Provided Java Applet Plug-in MacRumors Mac Blog Discussion 49 Oct 22, 2013 09:58 AM
Apple Releases Safari and Java Updates With Plug-In and Security Improvements MacRumors MacRumors.com News Discussion 77 Apr 23, 2013 03:09 PM
Oracle Updates Java 7 to Address Security Vulnerability MacRumors MacRumors.com News Discussion 72 Jan 19, 2013 11:00 AM
Oracle Releases Patch to Address Security Vulnerability in Java 7 MacRumors MacRumors.com News Discussion 63 Sep 5, 2012 01:02 PM
Oracle releases Java 7 update 6, bringing full OS X support for the first time wrldwzrd89 Apple, Industry and Internet Discussion 1 Aug 14, 2012 05:46 PM

Forum Jump

All times are GMT -5. The time now is 05:20 PM.

Mac Rumors | Mac | iPhone | iPhone Game Reviews | iPhone Apps

Mobile Version | Fixed | Fluid | Fluid HD
Copyright 2002-2013, MacRumors.com, LLC