Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




232 posts

Master Geek
+1 received by user: 25

Trusted
Subscriber

Topic # 113935 1-Feb-2013 22:21 Send private message

http://www.stuff.co.nz/technology/gadgets/8251915/Apple-blocks-Java-on-Macs-due-to-vulnerabilities

This is why I run Firefox - at least that way, *I* can make informed decisions and stay in control of what *I* want *MY* computer to run...

Firefox at least offers me the option to run a Java app if I want to; the Safari block seems to have no override option.

I notice that someone has commented on the Stuff article:

Wait, let me get this right. Apple has the power to tell all Mac's what software they can and can't run? So Apple could disable all software from their competitors (i.e. Microsoft, Google, etc)? That's outrageous!

I'm fairly sure that is over-simplifying the issue; hopefully, it's just a Safari plug-in block (which Firefox can also do); but I can appreciate the sentiment...

Create new topic

gzt

4316 posts

Uber Geek
+1 received by user: 192

Subscriber

  Reply # 754670 2-Feb-2013 08:42 Send private message

From the average user point of view this is a good decision. There are severe vulnerabilities here which have been clearly demonstrated. Average user does not want to be reading security all day and implementing mitigation every time something like this comes up.

3771 posts

Uber Geek
+1 received by user: 146

Trusted
Subscriber

  Reply # 754681 2-Feb-2013 09:00 Send private message

I agree, it's horrendously bad for Apple to be able to block legitimate apps (using a feature that was advertised as anti-malware) with no notification and no knowledge base article on how to re-enable them. I've disabled Xprotect updates on my systems after what happened last time, but if the blacklist has already been updated then this doesn't re-enable the affected apps. The only solution that I'm aware of is to hand-edit the blacklist file.

Edit: What on earth?! As mentioned above I disabled the blacklist updates but just tried to use a Java-based site and it has *STILL BLOCKED IT*. What the hell is the point of having an option if the system ignores it?!



232 posts

Master Geek
+1 received by user: 25

Trusted
Subscriber

  Reply # 754688 2-Feb-2013 09:16 Send private message

gzt: From the average user point of view this is a good decision. There are severe vulnerabilities here which have been clearly demonstrated. Average user does not want to be reading security all day and implementing mitigation every time something like this comes up.


Agree entirely - my point, however, is that Apple have (one again!) provided NO CHOICE over this block.  In my opinion, there should be an override - a "yes, I'm aware of the risk, let me do it anyway" option; I don't know if there is a "whitelist" for trusted websites, which would be absolutely 100% required in the corporate world.  Providing "auto stupid-user safety" is good, but so is providing "power-user control"; Apple do the first well, pity they consistently ignore the second.


3771 posts

Uber Geek
+1 received by user: 146

Trusted
Subscriber

  Reply # 754705 2-Feb-2013 09:46 Send private message

Java Update 13 re-enables the plugin, but I'm still trying to find out why it got disabled in the first place when my system was set to not automatically install security updates.

Create new topic




Twitter »
Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:




News »

Trending now »
Hot discussions in our forums right now:

Vodafone TV multicast settings on pfSense?
Created by kenkeniff, last reply by chrispchikin on 22-Aug-2014 22:36 (133 replies)
Pages... 7 8 9


CGA. Is it fair?
Created by BTR, last reply by bazzer on 22-Aug-2014 11:02 (86 replies)
Pages... 4 5 6


Warning about Pure Hosting
Created by LostBoyNZ, last reply by MichaelNZ on 23-Aug-2014 19:19 (43 replies)
Pages... 2 3


Lightbox press event release
Created by freitasm, last reply by Lightbox on 22-Aug-2014 17:04 (469 replies)
Pages... 30 31 32


It was hardly 'hacking' was it?
Created by CB_24, last reply by gzt on 21-Aug-2014 22:26 (97 replies)
Pages... 5 6 7


Free: Smart Button for your Android device
Created by freitasm, last reply by BigHammer on 23-Aug-2014 19:04 (111 replies)
Pages... 6 7 8


Vodafone are actually a joke.
Created by tehgerbil, last reply by KiwiNZ on 23-Aug-2014 15:33 (18 replies)
Pages... 2


Vodafone now charging you to receive a bill via post
Created by stocksp, last reply by Linuxluver on 22-Aug-2014 19:45 (86 replies)
Pages... 4 5 6



Geekzone Live »
Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.