Java was specifically designed to uniquely support the different environments Java applets are most often found in online games. ![]() Java Applications that run stand-alone were not subject to the same vulnerability. NOTE: The Java vulnerabilities were in Applets that only run within a browser environment. Oracle does not have a Java version that runs on any OS X platform prior to OS X 10.7.3. Since that time Oracle refined and improved the vulnerabilities fix in Java 7 but Apple has not further updated Java 6. When exploitable vulnerabilities were found in Java applets they were corrected in Oracle's version of Java and in a subsequent patch to Java 6 by Apple. When Apple made the wise decision to turn Java support for the Mac over to Oracle (who by that time had bought out Sun Microsystems) they dropped support and update of Java. ![]() The only version of Java for OS X 10.6 was written by Apple based on what has then Sun Microsystem's Java. (JDK without JRE is pretty much useless, so downloads typically will or will not be labeled as "including JDK".)Įxpanding on ganbustein's usual excellent post, since you're running OS X 10.6.3, you Java is not up to date I can't locate them, but there're posts, if not an entire thread, devoted to a recent Java scare and the applicable patch. When you go to Oracle (the current owner of Java) to check for downloads, be sure to check which of these they're talking about. If you didn't already know this, you don't need JDK. JDK (Java Development Kit) is what you need to write your own Java programs. JRE (Java Runtime Environment) is all you need to run Java programs written elsewhere. I have no opinion whether you should remove it from your system. I recommend disallowing Java in your browser. Instead, they're using HTML 5 and other features of newer browsers that weren't available widely or at all when the original decision to use Java was made. And fewer every day, since the websites that still use Java are moving away from it to soothe users who panicked over the scary headlines. If you disallow Java in your browser (which is not the same thing), you'll only break a few websites. If you remove Java from you system, you'll break any apps that use it. From a security standpoint, it makes absolutely no difference. App Store applications are required to be sandboxed.) Most apps you download onto your Mac will be written in Objective C and/or C++, but a few popular apps (Minecraft, for example) are written in Java. The fact that you installed it on your computer is what gives it that access. Doesn't matter what language it's written in. The headlines shouted "JAVA UNSAFE!!!" They should have said, "On reflection, it turns out that Java's security is almost but not quite as bullet-proof as previously believed."īut remember, when you download an application to run it on your computer, it has full access to everything. Flaws were found in the JRE (Java Runtime Environment) that did allow carefully crafted Java applets to break out of the sandbox and gain full access to your computer. An embedded Java application can indeed provide fancier graphics than your browser natively supports, but has no direct access to your filesystem and cannot affect anything outside that web page's sandbox.Īt least in theory. Java was widely believed to be immune to these problems. ![]() The unintended consequence was that it had unrestricted ability to install malware on your system. The intent was to allow fancier graphics than your browser natively allowed. It allowed a website to download compiled native code to your machine and run it there, where it had the full run of your system. For example, ActiveX was one of Microsoft's more idiotic ideas. It doesn't matter if it's written in C or C# or Java or Assembler, if you didn't download it on purpose from a reputable developer to meet a specific need, it has no business running on your computer.Īs a special case of that, it is insane to tell your browser it has permission to download and run any application that a website offers. It doesn't matter whether the program comes to you as an embedded applet on a web page, or come as a. Especially if you don't even know you're doing it. ![]() It is insane to go around running every application you come across on the internet. Java is just as safe as any other programming language. It's safe to delete Java as long as you aren't using it.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |