Conversation

Notices

1. Embed this notice
   Jon Kulp

   Ok I’m having trouble understanding the Java warnings. Should I uninstall JRE and iced-tea plugins or should I worry about javascript pages?

   about 5 months ago from sn.jonkulp.net
   • Embed this notice
     theru

     @jk you can just disable the iced-tea plugin. That’s what I’ve done. If I want to use a site that requires java I’ll use chromium for that

     about 5 months ago
   • Embed this notice
     Jon Kulp theru

     @theru ok I’ve disabled plugin on Chromium & FF. Our university payroll management system requires the plugin though LOL. Time to update it.

     about 5 months ago
   • Embed this notice
     Jon Kulp theru

     @theru is it dangerous to run a java desktop app though? Like JabRef or Minecraft?

     about 5 months ago
   • Embed this notice
     theru

     @jk we have a national 2 factor aut thing over here requires java. So banks and government sites requires java sigh.

     about 5 months ago
   • Embed this notice
     Jon Kulp theru

     @theru Noooo!!!!

     about 5 months ago
   • Embed this notice
     theru

     @jk usually exploits happens through sites (browser) so I don’t thing you need to worry about running desktop apps

     about 5 months ago
   • Embed this notice
     theru

     @jk the reason I’ve disabled it in FF and only use Chromium to access these sites :)

     about 5 months ago
   • Embed this notice
     Jon Kulp theru

     @theru but why is it safer in Chromium?

     about 5 months ago
   • Embed this notice
     theru

     @jk it’s not safe in chromium – the thing is I never use chromium. Only for 2 sites that requires jave :) All my browsing is done in FF

     about 5 months ago
   • Embed this notice
     morph theru

     @theru @jk It seems now, that FF deactivates the Java Plugin automatically. You’ll get a message and can set a rule for the page, if you need it. That’s good, so you won’t get in trouble with NoScript blocking other non-Java objects.

     about 5 months ago
   • Embed this notice
     theru morph

     @morph yep you have to activate it in the browser :) I’m running the nightlys on Android been like that for some time.

     about 5 months ago
   • Embed this notice
     Jon Kulp theru

     @theru gotcha. Makes sense.

     about 5 months ago
   • Embed this notice
     Jon Kulp morph , theru

     @theru @morph I like this behavior.

     about 5 months ago
   • Embed this notice
     theru

     @jk yea – I’ve got noscrip that does some of the same – but the fact that it’s build in is nice. Does it with flash as well I think

     about 5 months ago
   • Embed this notice
     lnxwalt morph , theru

     @morph @jk @theru I don’t like when a site uses JS and Flash from five different domains to try to force you to turn off NoScript.

     about 5 months ago
   • Embed this notice
     theru morph , lnxwalt

     @morph @jk @lnxwalt will bring my blood pressure up a tad as well – yelling will happen.

     about 5 months ago
   • Embed this notice
     Jon Kulp morph , theru , lnxwalt

     @morph @theru @lnxwalt that does sound pretty shady.

     about 5 months ago
   • Embed this notice
     morph

     @lnxwalt @jk @theru This sucks, but is quite common meanwhile. This third party thing makes it easy to place exploits to vulnerable servers, which cannot be controlled by the owner of the trusted domain. Anyway to trust a site might not save me, if it is cracked.

     about 5 months ago
   • Embed this notice
     Jon Kulp

     @theru yes when this behavior is built in it helps protect normal users.

     about 5 months ago