Jump to content


Welcome to DBSTalk


Sign In 

Create Account
Welcome to DBSTalk. Our community covers all aspects of video delivery solutions including: Direct Broadcast Satellite (DBS), Cable Television, and Internet Protocol Television (IPTV). We also have forums to discuss popular television programs, home theater equipment, and internet streaming service providers. Members of our community include experts who can help you solve technical problems, industry professionals, company representatives, and novices who are here to learn.

Like most online communities you must register to view or post in our community. Sign-up is a free and simple process that requires minimal information. Be a part of our community by signing in or creating an account. The Digital Bit Stream starts here!
  • Reply to existing topics or start a discussion of your own
  • Subscribe to topics and forums and get email updates
  • Send private personal messages (PM) to other forum members
  • Customize your profile page and make new friends
 
Guest Message by DevFuse

Photo

US-CERT: Disable Java


  • Please log in to reply
57 replies to this topic

#41 OFFLINE   SayWhat?

SayWhat?

    Hall Of Fame

  • Topic Starter
  • Registered
  • 5,612 posts
Joined: Jun 06, 2009

Posted 20 January 2013 - 08:13 AM

AVG Free version is rated 5 out of 6 for Protection.


I stopped using that after it turned into bloatware.

I also used AdAware and SpyBot for a long time, but stopped when they got too big.
Help stamp out Twits and Twitterers!

HD, SchmacHD!! Just be glad you've got a picture at all.

...Ads Help To Support This SIte...

#42 OFFLINE   dpeters11

dpeters11

    Hall Of Fame

  • DBSTalk Club
  • 13,115 posts
  • LocationCincinnati
Joined: May 30, 2007

Posted 20 January 2013 - 12:24 PM

We were considering Microsoft Corporate AV, but I didn't like some of the things said (bad reviews a conspiracy, no need for Microsoft security updates, av updates no more than 2 meg total.

Going to look at Kaspersky.

#43 OFFLINE   jimmie57

jimmie57

    Hall Of Fame

  • Registered
  • 3,613 posts
  • LocationTexas City, TX
Joined: Jun 26, 2010

Posted 20 January 2013 - 01:46 PM

We were considering Microsoft Corporate AV, but I didn't like some of the things said (bad reviews a conspiracy, no need for Microsoft security updates, av updates no more than 2 meg total.

Going to look at Kaspersky.


For several years I used PC-Cillin by Trend Micro. The new software is Titanium. It is rated 6 on the protection level. The IT guy where I used to work had it installed for the company system and still does.

The reason I left them was that I used to let the subscription run out and pick it up the next month, trying to save money. It would work but would no longer update.
Well, when it came that time of year it stopped working without any notice whatsoever and left me totally exposed. I vowed that I would never buy it again.
It was very good however.

DirecTV customer since 1996 - Current :Slimline 3 SWM,   HR24-100 HDMI to 32" Sharp LED,
HR24-100 Component cables to 46" Samsung LCD & Optical Cable to Yamaha AVR, H21-200 HDMI to Yamaha AVR & HDMI to 52" Mitsubishi LCD


#44 OFFLINE   wilbur_the_goose

wilbur_the_goose

    Hall Of Fame

  • Registered
  • 4,406 posts
Joined: Aug 16, 2006

Posted 21 January 2013 - 06:45 AM

dpeters - no signature updates? At work, mine updates every day.

#45 OFFLINE   dpeters11

dpeters11

    Hall Of Fame

  • DBSTalk Club
  • 13,115 posts
  • LocationCincinnati
Joined: May 30, 2007

Posted 21 January 2013 - 06:58 AM

No, they said that there were signature updates, but that an entire set, not the average delta, was only 2 meg, even though when I looked at the manual update file, it was 60 meg.

#46 OFFLINE   billsharpe

billsharpe

    Hall Of Fame

  • Registered
  • 2,271 posts
  • LocationSouthern California
Joined: Jan 25, 2007

Posted 21 January 2013 - 03:04 PM

In my opinion, as a certified IT security guy, Norton is a waste of money. Microsoft Security Essentials is more effective, has a smaller footprint, and is free.


+1

I have MSE installed on all three of my computers.

I gave up on Norton several years ago after I kept getting "Norton has encountered a problem. Please reinstall."

Norton had great software when Peter Norton was still running the company.
Bill

Family room: Sony Bravia KDL-40SL130
Living room: Sceptre 32 inch

#47 OFFLINE   satcrazy

satcrazy

    Icon

  • Registered
  • 742 posts
  • LocationGreat lakes, NW Pa.
Joined: Mar 15, 2011

Posted 25 January 2013 - 01:25 PM

What is the general idea now, install latest version ? [ had to un-install mine as it didn't have the disable feature] or, as a tech friend suggested, run without it until you find you have to have it. [ hopefully a stable patch by then?]

He also said the same thing dpeters11 said, It's not the first or last for Java. Also, the best protection is always running your pc in user mode and password protect all accounts.

I use Bit defender [ 2011 version] myself, and Kaspersky would be my second choice.

I actually loaded MSE and found a bug that bit defender didn't, but it couldn't do anything with it. [ yeah, I'm second guessing BD now]

I had Norton many years ago but it missed infections and got too big.


I think there is no magic bullet as all the AV's are flawed, IMO.

So, do you re-load Java or not?

#48 OFFLINE   dpeters11

dpeters11

    Hall Of Fame

  • DBSTalk Club
  • 13,115 posts
  • LocationCincinnati
Joined: May 30, 2007

Posted 25 January 2013 - 02:19 PM

I don't install Java on my home systems. The only thing I used it for is the DBSTalk chatroom, and I can change my agent ID to make it use the iPad version.

Plus, I hate the fact that you have to deselect the ask.com toolbar everytime. Worse, I didn't realize this. If you aren't thinking, and miss the checkbox during an update, it tells you that you successfully installed Java and Ask. So you think to yourself, shoot, now I need to uninstall. Guess what? It's not in add/remove programs. The Ask.com installer pauses for 10 minutes, then installs.

http://www.zdnet.com...tes-7000010038/

#49 OFFLINE   satcrazy

satcrazy

    Icon

  • Registered
  • 742 posts
  • LocationGreat lakes, NW Pa.
Joined: Mar 15, 2011

Posted 25 January 2013 - 02:33 PM

jeez,
I never noticed the ask.com checkbox during an update. Realy? Well, that's crap [you can't un-install it.] Revo works great for that [ not free, but a excellent program, I tried the trial version to eliminate a self installed program I could not get rid of, worked like a dream!

So, besides programming a car and the dbs chat room, why do we need java again?

#50 OFFLINE   dpeters11

dpeters11

    Hall Of Fame

  • DBSTalk Club
  • 13,115 posts
  • LocationCincinnati
Joined: May 30, 2007

Posted 25 January 2013 - 02:54 PM

Oh, you can uninstall it, you just have to wait 10 minutes after it says it was successfully installed.

At work, there are several things that require it, including the Federal court system, and the USPTO. While at the same time another government agency says to get rid of it.

Several programs run on Java outside of the browser, which isn't as big an issue. GoToMeeting, Minecraft etc. Blu-Ray players use it even. It's really mainly the use in the browser that is the big security issue.

#51 OFFLINE   dpeters11

dpeters11

    Hall Of Fame

  • DBSTalk Club
  • 13,115 posts
  • LocationCincinnati
Joined: May 30, 2007

Posted 28 January 2013 - 01:14 PM

Shocking, even set to very high in update 11, which does not allow unsigned apps to run, an unsigned app can run using a vulnerability:

http://seclists.org/...re/2013/Jan/241

#52 OFFLINE   satcrazy

satcrazy

    Icon

  • Registered
  • 742 posts
  • LocationGreat lakes, NW Pa.
Joined: Mar 15, 2011

Posted 30 January 2013 - 07:31 PM

Is it more vunerable in IE than Firefox?

It isn't looking like I'm going to re-install soon.:eek2:

#53 OFFLINE   dpeters11

dpeters11

    Hall Of Fame

  • DBSTalk Club
  • 13,115 posts
  • LocationCincinnati
Joined: May 30, 2007

Posted 30 January 2013 - 09:01 PM

Java is not safe in any browser.

I also found Oracle has a head of Java security. I hope he was recently hired.

#54 OFFLINE   satcrazy

satcrazy

    Icon

  • Registered
  • 742 posts
  • LocationGreat lakes, NW Pa.
Joined: Mar 15, 2011

Posted 30 January 2013 - 09:10 PM

O.K.

So you can install it for use outside of your browser, just disable it in the browser[s] then?

#55 OFFLINE   dpeters11

dpeters11

    Hall Of Fame

  • DBSTalk Club
  • 13,115 posts
  • LocationCincinnati
Joined: May 30, 2007

Posted 30 January 2013 - 09:19 PM

Right, if you have apps that use it, like Minecraft, gotomeeting, etc. otherwise, don't bother with it at all.

Ok, I guess if you had to choose, Firefox would be safer with Click to Play. However, a lot of people will just click it without considering the ramifications. Plus, is it possible that there is a security hole that bypasses that? I'm still not going to risk it.

Edited by dpeters11, 31 January 2013 - 07:54 AM.


#56 OFFLINE   dpeters11

dpeters11

    Hall Of Fame

  • DBSTalk Club
  • 13,115 posts
  • LocationCincinnati
Joined: May 30, 2007

Posted 01 February 2013 - 02:19 PM

Java 7 update 13 is available, they skipped 12. Update if you have an older Java 7. Don't use Java if you don't need it :)

Also, I'm going to give the head of Java security a pass. He was hired by Oracle in August. We'll give him a few months to correct 7+ years of issues.

#57 OFFLINE   phrelin

phrelin

    Hall Of Fame

  • Registered
  • 13,481 posts
  • LocationNorthern California Redwoods
Joined: Jan 18, 2007

Posted 02 February 2013 - 12:52 PM

To get the release 7-13 add-on to install correctly in Firefox it took a bit of undoing and redoing, I guess because I don't know what I'm doing. But it works. I have to use it as I have routine stuff I do using noaa.gov, bls.gov, and doleta.gov web sites. Unfortunately government web sites rely heavily on Java.

I'm assuming that by using the 13 release, the danger level is no worse than driving a car.

"In a hundred years there'll be a whole new set of people."
"Always poke the bears. They sleep too much for their own good."

"If you're good enough, they'll talk about you." - Tom Harmon
A GEEZER who remembers watching TV in 1951 and was an Echostar customer from 1988 to 2008, now a Dish Network customer.
My AV Setup
My Slingbox Pro HD Experience
My Blog: The Redwood Guardian


#58 OFFLINE   dpeters11

dpeters11

    Hall Of Fame

  • DBSTalk Club
  • 13,115 posts
  • LocationCincinnati
Joined: May 30, 2007

Posted 02 February 2013 - 03:21 PM

I agree, the government makes it hard. One agency tells you to get rid of it, others require it. We have the same issue at work. Federal Courts require it, Patent office requires version 6.

In that case, Firefox's click to run might help for someone that knows when to allow it to run or not. Problem is some will just click and enable.




Protected By... spam firewall...And...