Ditching Java might be a good move

Is this a default setting? Which version? Stable?
Or is it a matter of having "click to play" ticked? In which case, it isn't a default property.

 

The approach I use for IE 9.

 

A better method in IE might be to remove the plugins ability to run on all sites, then you should get a prompt every time it wants to load.

 

Yes, this is default in all Chrome versions for a while now. Chrome also warns you if your Java plugin is out of date before Java runs.

 

That might work, although I have Group Policy settings for plug-ins that might make that approach difficult for me, but I'll give it a try. thanks for the suggestion!

 

I removed it few months ago and now I realize I don't need it either. It looks like I've been installing it just out of the habit.

 

I have a 401k at work and Java is needed for the pie charts and stuff and I have online banking which would not too well with out it.

 

A fair argument on needing Oracle Sun Java or not here

JavaRA has moved

Update your Bookmarks.

Regards,

 

More evidence presents that ongoing Java vulnerabilities posted by F-Secure indicate a computer without Oracle Sun Java is probably safer.

 

Okay, I went ahead and disabled it in IE since I rarely use IE for anything, anyway. However, will I be "safer" if I disable the add-on in Firefox, but not in Chrome, and then use Chrome (and only Chrome) for sites that use Java? I mean, both browsers use the same plugin (npjp2.dll), right?

 

Since I don't use Chrome, I could not give you a definitive answer as to what to disable - the consensus is Oracle Java should be removed completely across all Browsers and platforms. I have yet to do this.

This would be to say, disable all plug-ins, extensions, etc without uninstalling the actual application. As to alternatives to Oracle Java, I have none to offer at this time.

This is strictly user choice based on Java Exploits noted over a year or more.

 

Download, Release Notes

 

Have any of these exploits been shown to work against an EMET'd Java?

 

OK, thanks for the link.

 

https://www.wilderssecurity.com/showpost.php?p=1831563&postcount=43

 

Interesting. Thank you MrBrian.

 

With the Opera browser, using Java is not a problem.

I keep plugins disabled in global preferences, so no chance of getting a Java exploit if redirected to a compromised site.

If the Java plugin is needed on a trusted site, as I encountered this evening in sending some documents to my insurance company -- their page uses Java to upload/scan attachments -- it's just a few clicks to enable it:




----
rich

 

Palant doesn't love Java and is "waiting for java applets to die".
https://adblockplus.org/forum/viewtopic.php?p=55020#p55020

 

Heck, it's just like Silverlight... the more I think it's useless, the more I find services using it. Recently, it was a regular expressions website. Java is the same thing. Many may not need it, at all - so uninstall it; those needing it, once in a while - disable it, until you need it. Is this really so hard to accomplish?

On a side note, I'm pretty sure a lot are also wishing the good ads thing of Adblock Plus to die too. (Sorry folks, I just couldn't resist. ) Our wishes simply don't come true, most of the times.

-edit-

I'd like to see Java to work on a low integrity level, though. Or, in other words, a sandbox.

 

Yes. I definitely agree. Oracle imho doesn't even try and just bank on the fact that it's hard to "ditch" Java at this time.