Page 1 of 3 123 LastLast
Results 1 to 10 of 28

Thread: What do I need to know about this Java issue everyone's talking about?

  1. #1
    Join Date
    Oct 2012
    Location
    here and there, they say.
    Beans
    Hidden!
    Distro
    Ubuntu 12.10 Quantal Quetzal

    Cool What do I need to know about this Java issue everyone's talking about?

    I've been reading this thread about Java Security:
    http://ubuntuforums.org/showthread.p...2#post12459242

    Honestly, it's a little over my head. (I have been focused on reading the stickies in the Security Threads to learn more about security. Problem is, I'm just not "there" yet, skills- or experience-wise)... I also didn't want to be 'that guy' that interrupts the flow of a good thread with a noob question - which is why I'm posting here.

    I realize there's a series of exploits in Java. I just don't want to be doubly 'at risk' due to my lack of knowledge.

    I'm not sure what I can/should do about this that continues to insure my safety/security. I see some discussing the idea that (paraphrasing), if you're using the latest Firefox (18), there are "no worries", or there are other discussions surrounding the use of AppArmor (again, I'm not "there" yet, skillwise). There's a lot of cross-talk from people that have (clearly) a lot of knowledge.

    I'm not ashamed to admit this, but the extent of my know-how right now is limited to having "Enable Javascript" UNchecked.

    Can anyone throw a few other pointers my way?
    Also, I see I have updates for OpenJDK 7u9-2.3.4... (I've seen discussions mentioning how the issues facing Java likely made their way into OpenJDK)... Should I update these then seek further updates?

    It's a little frustrating not knowing what to do. ...And, yes, I don't mind if you explain it as though I'm 5.

    Thanks.

  2. #2
    Join Date
    May 2012
    Beans
    277

    Re: What do I need to know about this Java issue everyone's talking about?

    Yes please update openjdk, as this exploit will probably work in even the open source version of java that Ubuntu uses.
    Free or open java issues effect us all.

  3. #3
    Join Date
    Dec 2005
    Location
    Western Australia
    Beans
    11,479
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: What do I need to know about this Java issue everyone's talking about?

    Java and JavaScript are two completely different things. You can keep JavaScript enabled.

    To fix the Java issue: it is really easy. Simply remove Java using your package manager.

    Attempting to work around the current Java problem will do you no good against the next Java problem in a month or two. Removing Java will render your computer safe against Java flaws.
    I try to treat the cause, not the symptom. I avoid the terminal in instructions, unless it's easier or necessary. My instructions will work within the Ubuntu system, instead of breaking or subverting it. Those are the three guarantees to the helpee.

  4. #4
    Join Date
    Oct 2012
    Location
    here and there, they say.
    Beans
    Hidden!
    Distro
    Ubuntu 12.10 Quantal Quetzal

    Re: What do I need to know about this Java issue everyone's talking about?

    Quote Originally Posted by 3rdalbum View Post
    Java and JavaScript are two completely different things. You can keep JavaScript enabled.

    To fix the Java issue: it is really easy. Simply remove Java using your package manager.

    Attempting to work around the current Java problem will do you no good against the next Java problem in a month or two. Removing Java will render your computer safe against Java flaws.
    Aah! Got it. Thank you for explaining.
    Should I do this in addition to what MadmanRB suggested above (updating openJDK)?
    Is there a lot of "loss of functionality" when I do remove Java? Sorry, that's probably a stupid question.
    Last edited by MyTinFoilHat; January 17th, 2013 at 04:53 PM. Reason: clarification of response.

  5. #5
    Join Date
    Jan 2013
    Beans
    3

    Re: What do I need to know about this Java issue everyone's talking about?

    Quote Originally Posted by MyTinFoilHat View Post
    Aah! Got it. Thank you for explaining.
    Should I do this in addition to what MadmanRB suggested above (updating openJDK)?
    Is there a lot of "loss of functionality" when I do remove Java? Sorry, that's probably a stupid question.
    There will be some loss of functionality in Java-enabled websites, and if you use Java-based development tools like NetBeans, you won't be able to use them anymore. But not a lot of websites use Java anymore -- most have switched to Flash, and even Flash is going away in favor of HTML5. So unless you use NetBeans, I don't think you have anything to worry about.

  6. #6
    Join Date
    Nov 2012
    Location
    Halloween Town
    Beans
    Hidden!
    Distro
    Xubuntu Development Release

    Re: What do I need to know about this Java issue everyone's talking about?

    According to an official announcement from Homeland Security, the day before yesterday
    Unless it is absolutely necessary to run Java in web browsers, disable it ... even after updating to 7u11. This will help mitigate other Java vulnerabilities that may be discovered in the future.
    Java Still Insecure Warns Homeland Security

  7. #7
    Join Date
    Jul 2008
    Location
    The Left Coast of the USA
    Beans
    Hidden!
    Distro
    Kubuntu

    Re: What do I need to know about this Java issue everyone's talking about?

    Oracle is vainly patching cracks in the asphalt in an intersection built on a rapidly growing sink hole.

    The whole thing needs to be redesigned and completely reconstructed.

  8. #8
    Join Date
    Feb 2010
    Location
    New York
    Beans
    52
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: What do I need to know about this Java issue everyone's talking about?

    ImageJ needs java and loads it when you install. Is there any way to just have java used for allowed apps?

  9. #9
    Join Date
    Sep 2009
    Beans
    56

    Re: What do I need to know about this Java issue everyone's talking about?

    Also, I think if you did not install the restricted extras you wont have java. So, if you are only using the restricted-addons (but not the entire restricted extras package) you should be fine.

  10. #10
    Join Date
    Nov 2012
    Location
    Halloween Town
    Beans
    Hidden!
    Distro
    Xubuntu Development Release

    Re: What do I need to know about this Java issue everyone's talking about?

    Quote Originally Posted by QIII View Post
    Oracle is vainly patching cracks in the asphalt in an intersection built on a rapidly growing sink hole.

    The whole thing needs to be redesigned and completely reconstructed.
    You couldn't be more right. That's what should be Oracle priority right now, instead of a damage control approach.

Page 1 of 3 123 LastLast

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •