UnThreaded | Threaded | Whole Thread (8) | Ignore Thread Prev Thread | Next Thread
Author: TMFCogitarius Big gold star, 5000 posts Old School Fool Home Fool Global Fool Add to my Favorite Fools Ignore this person (you won't see their posts anymore) Number: of 6630  
Subject: How to disable Java on a Linux machine? Date: 1/10/2013 10:49 PM
Post New | Post Reply | Reply Later | Create Poll . Report this Post | Recommend it!
Recommendations: 0
There's this security warning doing the rounds, asking users to disable Java :

'Computer users are being advised by security experts to disable Oracle's(ORCL) widely used Java software after a security flaw was discovered in the past day that they say hackers are exploiting to attack computers.'
http://www.mercurynews.com/business/ci_22349948/experts-urge...

Unfortunately, the only option I can find on either Chrome or Firefox is to disable JavaScript.

How should I disable Java, and what impact will it have on my machine?
--------------
MDP Home Fool
Print the post Back To Top
Author: JeanDavid Big gold star, 5000 posts Old School Fool Add to my Favorite Fools Ignore this person (you won't see their posts anymore) Number: 6604 of 6630
Subject: Re: How to disable Java on a Linux machine? Date: 1/11/2013 8:28 AM
Post New | Post Reply | Reply Later | Create Poll . Report this Post | Recommend it!
Recommendations: 1
How should I disable Java, and what impact will it have on my machine?

I do not know how you should disable it, but one way you can do it is to remove it entirely from your system. That is a bit much, but you could always reinstall it again if you change your mind.

My distro (RHEL 6) keeps theirs up to date automatically and I just let it run because I need it to access some of the stuff at my broker's web site.

A slightly less drastic is to find the program that runs it and set the permissions to 0. Then only root could run it. And if you are smart, you never run a web browser as root anyway.

On my system, I would suggest you set either /usr/bin/java or /usr/lib/jvm/jre-1.7.0-openjdk.x86_64/bin/java permission to 0. Your system may be set up differently, but that is the idea.

$ ls -l /usr/bin/java
lrwxrwxrwx. 1 root root 22 Dec 12 21:44 /usr/bin/java -> /etc/alternatives/java
]$ ls -l /etc/alternatives/java
lrwxrwxrwx. 1 root root 46 Dec 12 21:44 /etc/alternatives/java -> /usr/lib/jvm/jre-1.7.0-openjdk.x86_64/bin/java
D

Print the post Back To Top
Author: sportscliche One star, 50 posts Old School Fool CAPS All Star Add to my Favorite Fools Ignore this person (you won't see their posts anymore) Number: 6605 of 6630
Subject: Re: How to disable Java on a Linux machine? Date: 1/11/2013 1:53 PM
Post New | Post Reply | Reply Later | Create Poll . Report this Post | Recommend it!
Recommendations: 0
The way I read the article, hackers are attacking machines via a user's web browser. I'd think the popular Firefox extension No-Script would be the first line of defense.

I've been running No-Script for years and have found it to be a most interesting experience. There are usually many domains being used to render a webpage. This page, for example, pulls data from fool.com, foolcdn.com, doubleclick.net, tacoda.net, aolcdn.com, clicktale.net, quantserve.com, and google-analytics.com. I am blocking scripts on all but the first two and can navigate TMF just fine.

Print the post Back To Top
Author: TMFCogitarius Big gold star, 5000 posts Old School Fool Home Fool Global Fool Add to my Favorite Fools Ignore this person (you won't see their posts anymore) Number: 6606 of 6630
Subject: Re: How to disable Java on a Linux machine? Date: 1/11/2013 2:25 PM
Post New | Post Reply | Reply Later | Create Poll . Report this Post | Recommend it!
Recommendations: 0
Hi JeanDavid - thanks for the response!

Apparently the problem is with the browsers:
"Disable Java in web browsers

This and previous Java vulnerabilities have been widely targeted by attackers, and new Java vulnerabilities are likely to be discovered. To defend against this and future Java vulnerabilities, disable Java in web browsers.

Starting with Java 7 Update 10, it is possible to disable Java content in web browsers through the Java control panel applet. From Setting the Security Level of the Java Client:

For installations where the highest level of security is required, it is possible to entirely prevent any Java apps (signed or unsigned) from running in a browser by de-selecting Enable Java content in the browser in the Java Control Panel under the Security tab.

If you are unable to update to Java 7 Update 10 please see the solution section of Vulnerability Note VU#636312 for instructions on how to disable Java on a per browser basis."
http://www.us-cert.gov/cas/techalerts/TA13-010A.html

In both Firefox and Chromium, I could only identify (and disable) one plug in using Java apps: ' IcedTea-Web Plugin (using IcedTea-Web 1.2 (1.2-2ubuntu1.3)) '

---------------
MDP Home Fool

Print the post Back To Top
Author: pleached Big red star, 1000 posts Old School Fool Global Fool Motley Fool One Everlasting Fool Add to my Favorite Fools Ignore this person (you won't see their posts anymore) Number: 6607 of 6630
Subject: Re: How to disable Java on a Linux machine? Date: 1/11/2013 3:23 PM
Post New | Post Reply | Reply Later | Create Poll . Report this Post | Recommend it!
Recommendations: 0
Apparently the problem is with the browsers

Yup. The 0 Day ( which might actually be the return of an imperfectly fixed bug spotted last fall ) is a defect that defeats the sandbox in which applets are supposed to run.

So, no need to drop the hammer on java system wide ( and the things that use java, like open/libre office ).

For backstory on this or other vulns, or for timely updates, there are a handful of regularly updated sources. Wolfgang Kandek at Qualys, does a nice job of keeping pace in a way that makes it easy to filter out things that don't interest you ( @wkandek on twitter, or http://laws.qualys.com ).

Print the post Back To Top
Author: TMFCogitarius Big gold star, 5000 posts Old School Fool Home Fool Global Fool Add to my Favorite Fools Ignore this person (you won't see their posts anymore) Number: 6608 of 6630
Subject: Re: How to disable Java on a Linux machine? Date: 1/13/2013 9:35 AM
Post New | Post Reply | Reply Later | Create Poll . Report this Post | Recommend it!
Recommendations: 0
Thanks! Both Firefox and Chromium have an option to disable Javascript. Is that also required to deal with this problem?
--------------
MDP Home Fool

Print the post Back To Top
Author: Kurtv Big red star, 1000 posts Old School Fool Add to my Favorite Fools Ignore this person (you won't see their posts anymore) Number: 6609 of 6630
Subject: Re: How to disable Java on a Linux machine? Date: 1/13/2013 11:31 AM
Post New | Post Reply | Reply Later | Create Poll . Report this Post | Recommend it!
Recommendations: 0
No, Java and Javascript are two different things.

Print the post Back To Top
Author: pleached Big red star, 1000 posts Old School Fool Global Fool Motley Fool One Everlasting Fool Add to my Favorite Fools Ignore this person (you won't see their posts anymore) Number: 6610 of 6630
Subject: Re: How to disable Java on a Linux machine? Date: 1/13/2013 4:55 PM
Post New | Post Reply | Reply Later | Create Poll . Report this Post | Recommend it!
Recommendations: 0
nope :)

Print the post Back To Top
UnThreaded | Threaded | Whole Thread (8) | Ignore Thread Prev Thread | Next Thread
Advertisement