Slashdot Mirror
Apple Angers Mac Users With Silent Shutdown of Java 7
An anonymous reader writes in with news of the continuing saga of Java patches and exploits. "If you're a Mac user who suddenly can't access websites or run applications that rely on Java, you're not alone. For the second time in a month, Apple has silently blocked the latest version of Java 7 from running on OS X 10.6 Snow Leopard or higher via its XProtect anti-malware tool. Apple hasn't issued any official statements advising users of the change or its reasons, but it's a safe bet that the company has deemed Oracle's most recent update to Java insecure. That's why the company stealthily disabled Java on Macs back on Jan. 10, the same day a Java vulnerability was being exploited in the wild."
This what happens when you lock yourself in to the fascist mindset of Apple.
---- GENERATION 26: The first time you see this, copy it into your sig on any forum and add 1 to the generation.
If you ran Linux you wouldn't have to worry about software not being able to run.
Update 13 is already out, and *not* blocked by Apple. All that's blocked are the old, insecure (well, more insecure) versions.
Ask me how the Heisenberg Principle may or may not have saved my life.
Oracle is probably the greediest company on the planet.
Without Java applets, my plan to time travel back to 1997 and surf the web is completely ruined!
There's no -1 for "I don't get it."
But How is it ok for apple to disable software on MY computer, without my permission? I never told apple I wanted XX blocked, so apple should not know I have XX running to begin with. IF apple is blocking XX from my computer, without my permission, then is apple breaking any laws? unauthorized access to a PC for example? As My sig says, im sure its hidden in the EULA somewhere that apple can do this but to me, it is apple breaking into MY PC, and disabling software. That just makes me wonder what else apple has access to???
have you seen my sig? there are many others like it but none that are the same
If you write Java, to hell with you. Worst language on the planet.
Alright this may be a dumb question but does this have any effect on compiling with the most recent version of java in osx? I generally use boot camp for Windows when I do android development, but if I do make something on the osx side I don't want to run into any problems :p
You do realise you can disable this right?
https://discussions.apple.com/thread/4762386?start=0&tstart=0
Quite amazing what a google search for 'disable XProtect' turns up..
All your bytes are belong to Apple.
If you don't like it, run OpenBSD, FreeBSD, Linux, Hurd or some other not-corporately-pwned OS.
It would have been really irresponsible for them to allow it to be used given what we know about the threat.
I dont actually use a mac, for this very reason so no I did not know I could disable it. how many other mac users know they can disable apple watching their PCs without them knowing about it? how many of them even know apple is monitoring their PCs?? I am not a fan of regulation but one where companies who sell electronic devices must have these types of things opt in rather than opt out would be a great first step.
have you seen my sig? there are many others like it but none that are the same
Your keystrokes, for example. The operating system contains a keylogger.
More gay than they *BSD but FrreBSD Philosophie?s must keed to be Kreskin significantly
How dare updates alter behavior! It's your fault for clicking update. Where is the outrage over Windows update changing behavior? Where is the outrage when sudo apt-get update alters the OS? OMG! OMG! OMG!
LOL @ Apple breaking into your computer! Did they hack your password?
No? Oh wait their security app did what security apps do.... Hmmm... Guess you should take the advice above and run GNU Hurd on your Geentoo Leemvox so you can have total freedom.
Those people which rely heavily on using java applets(*) .. and well that must be .. malware devellopers and physicists that actually try to teach physicists in an understandable way.
And I only sympathise with the physicists!
(*)(there indeed are some java applicatIONS that are very good, Jdownloader, JBidwatcher2, for example, and well eclipse)
Mozilla did the same thing with blocking Java on Firefox on January 10th.
Java 7 Update 13 is out already and works on Macs again anyway.
Scorta futuere amo!
Java never really did seem to be high on Apple's list of priorities. Apple is where you get Java for OSX from, not Oracle, and the couple of times I actually wanted to do something with Java on an Apple system (For Minecraft) the system really put up a fight before running it. I'd given up on trying to do any sort of Java development on it a couple years earlier, but I wasn't really trying that hard to get it to work that time.I suppose it'd kind of suck if you have a corporate OSX deployment and need to serve java applets up with it or something, but that idea is almost as implausible as needing java for any web page at this point.
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
Presenting America's Top Ten Greediest of 2012: http://truth-out.org/news/item/13607-presenting-americas-top-ten-greediest-of-2012
2. Larry Ellison: Collecting Oceanfront
Oracle software CEO Larry Ellison has earned, over the years, almost a permanent spot on our top-ten greediest list. His basic corporate m.o.— buy out his rivals, grab their customers, fire their workers — has never changed.
But Ellison, the sixth-richest man in the world, has turned over a new leaf of sorts. He’s actually sharing the wealth. The catch? He’s only sharing with his sidekicks. In the fiscal year that ended this past May 31, Oracle presidents Safra Catz and Mark Hurd each took home $51.7 million.
And Ellison? His 2012 pay: $96.2 million. His total fortune? Forbes tabs that at $41 billion.
The 10 Greediest Americans of 2011: http://www.nationofchange.org/10-greediest-americans-2011-1324167294
3. Larry Ellison, Oracle CEO
The top exec at business software giant Oracle collected $77.6 million for the fiscal year that ended this past May 31.That piece of change added less than two-tenths of 1 percent to Ellison's $39.5 billion personal fortune, the world's fifth largest.
America’s Greediest: The 2010 Top Ten: http://toomuchonline.org/americas-greediest-the-2010-top-ten/
2/ Larry Ellison: How dare we call him ruthless
Larry EllisonMark Hurd has shown himself to be a whiz at the merge-and-purge corporate CEO two-step. But the master of that merger two-step — snatch a rival’s customers, then fire its workers — has always been Oracle chief executive Larry Ellison, the third-richest man in America.
Oracle has bought out 66 companies over the years, and Ellison, the Wall Street Journal estimates, has collected $1.84 billion in compensation just the last ten years alone. But Oracle’s chief started this past year out vowing to change his ways.
In January, after consummating a $7.4 billion takeover of Sun Microsystems, Ellison had “We’re Hiring” buttons handed out at the news conference to announce the deal — and then royally denounced a news report that Oracle would be axing half of Sun’s 27,600 workers.
“Those who wrote this should be ashamed of themselves,” Ellison ranted. “The truth is, we are going to hire about 2,000 new people to beef up the Sun businesses — about twice as many as we will let go.”
The truth turned out to be anything but. Five months later, with no fanfare, an Oracle filing with the federal Securities and Exchange Commission revealed that the company was taking a huge severance write-off for personnel reductions. As many as 8,600 jobs, one analyst calculated, would be history.
America's Greediest People: Larry Ellison heads up a list full of no-good rich folks: http://www.newser.com/story/76753/americas-greediest-people.html
1. Larry Ellison: The really galling part isn’t the fortune he spent on his yacht—including $10 million for the mast alone. It’s that the Oracle CEO contested the $166.3 million tax appraisal on his mansion, ultimately costing local schools $250,000 a year.
Oracle CEO Larry Ellison To Receive $198 Million Thanks To Fiscal Cliff: http://www.huffingtonpost.com/2012/12/03/larry-ellison-fiscal-cliff_n_2233930.html
PORTLAND, Ore. (AP) — Oracle Corp. will pay three of next year's quarterly dividends this year in an apparent attempt to avoid possible tax hikes for its investors.
The software company said Monday that it will pay dividends for the second, third and fourth quarters of 2013, totaling 18 cents per share, on Dec. 21 to shareholders of record as of Dec. 14.
Oracle is the latest of a string of companies that have moved up quarterly payouts or issued a special end-of-year payment to protect investors from potentially having to pay higher t
What browser do you run on OpenBSD, FreeBSD, Linux, or Hurd? If you said Firefox (the usual default browser in most distros)... guess what? Mozilla blocked Java too!
Scorta futuere amo!
But at least you didn't let the fact that you don't know shit about shit stop you from talking!
It's monitoring in the same sense that antivirus software is monitoring.
SJWs are the new boogeyman. -Me
If you're taking Java7 out because it has an exploit, then FUCKING SAY YOU'RE DOING IT!
Then people will know what the hell is going on and can ignore the update request and revisit when there's a patch.
But no, your users are far too fucking STUPID, right?
After all, you're marketers, not coders and all marketers *know* that the plebs who buy stuff are nimrods. Look at the adverts they create to suck these users in for proof of how much contempt for the people who buy the stuff is.
You know what's worse?
They're so vastly right, you can't even say they're wrong!
Look at how apple creates rabid fanbase. fucking loonies the lot of 'em. Look at them on here, defending this fucking REALLY STUPID BRAINDEAD idea!
Pushback is so weaksauce they can ignore it and of those complaining, most are so bought into "teh apehl" they'll complain, but won't actually change a damn thing they do.
The only ones as nuts over that as apple fans are the bloody steamers. It's like you're NOT ALLOWED to have any reason to reject steam and if you do YOU'RE WRONG!!!!.
Bunch of mongrel idiots the lot of 'em.
WTF is up with the old news on slashdot? Java 7 Update 13 came out the day after this "block" went into affect. Update 13 is NOT blocked and fixes the relevant vulnerabilities:
http://www.macrumors.com/2013/02/01/oracle-releases-java-7-update-13-to-address-security-issues-reenable-web-plug-in-on-os-x/
Trees grow. Oracle CEO Larry Ellison doesn't like trees obscuring his view and he will attempt to bury you with legal fees if your tree obstructs his precious view: http://thevileplutocrat.com/bile/articles/billionaire-jerk-larry-ellison/
Larry Ellison is a bully with the money to make your life miserable if he doesn't get what he wants.
In a trial set to begin June 6, the billionaire plans to take his downhill neighbors, the Von Bothmers, to state Superior Court in San Francisco over how trees in their yard have obstructed his floor-to-ceiling window views of San Francisco Bay. The court date follows a lawsuit Mr. Ellison filed last June alleging he will suffer "irreparable injury" from lost property value if the court doesn't make the Von Bothmers cut their trees in order to "restore Plaintiff's views and sunlight."
Irreparable injury? He's actually playing the victim card?
Ellison has gone so far overboard with his entitled moaning that he has hired a lawyer who specializes in "tree and neighbor" law to fight his case against the Von Bothmers.
The trees in question are three redwoods and an 80-year old acacia.
According to Mrs. Von Bothmers's deposition, she actually has photos showing workers hired by Ellison strapped in her redwoods with the intent to cut the tree tops off illegally. Of course, Mr. Ellison denies ever having hired anyone nor directed anyone to illegally enter the Von Bothmers's yard and cut anything down. There is apparently a gang of tree top vandals plaguing the wealthiest neighborhoods in San Francisco.
Ellison has made two attempts to purchase the Von Bothmers home simply to cut the trees down, offering up to $15 million (double the home's value). Both offers have been rejected. In fact, Mrs. Bothmer is so resilient that she has petitioned the city of San Francisco to protect her beautiful accacia as a "Landmark Tree".
Meanwhile, Mr. Ellison has been so deranged over his partially blocked view that he decided to purchase the home of late socialite/fashionista/philanthropist Dodie Rosekrans at 2840 Broadway in San Francisco - immediately next door to his - for $40 million.
What is actually the problem here? This is no different from a regular antivirus/antimalware software update. Most users will find it valuable that vulnerable plugins are disabled until the user actively reenables them.
companies who sell electronic devices must have these types of things opt in rather than opt out
Opt-in security on mass-market devices generally equates to no security. I don't like Apple's walled garden approach, but I think secure-by-default is the right decision.
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
Just not 12.10.
PS what is it with all you idiots talking about that one? It's been how long since we've all found out the release was a bit shite?
Yet still you come along with a story about how you have just changed over and it got all wrong.
Either
a) old news, you've whined time and time again about it. You've got your fix now shut the fuck up or we'll bring up apple failures from bloody years ago and see how you like it
b) made up, because you know it's both believable (because of the history of 12.10) and never going to be verified
c) redundant, you used to have this problem then either Ubuntu fixed it a couple of weeks later, but you still want mileage out of it, or you moved to some other distro. But still want more mileage out of it.
I'm figuring (b) myself.
Wow... Apple can't catch a break... You know damn well people would be bitching if they hadn't done this... Apple Fails To Disable Java 7. Millions of Macs Vulnerable. News at 11.
The real Sig captains the Northwestern. This one captains
Maybe im just so stuck on the privacy issues going on in the industry today that I am lumping in something unrelated. It is possible. I dont like that windows "phones home" (niether does anyone here) so why is this ok to many here based on the thread so far??
have you seen my sig? there are many others like it but none that are the same
Well, when Jobs was alive, that is...
Is worse than Hitler.
The summary is incorrect with saying Apple blocked Java 7 on 10.6. Actually, Snow Leopard can't run the new Java from Oracle, it can only run the Apple version of it which is still the 6 series. With this last round of blocking, Apple also blocked their own version on Snow Leopard and Apple has not yet released an update for it last time I checked. Now, in my opinion, this whole blocking thing without notice was extremely unprofessional and made me disappointed in Apple, and that's coming from a Mac fan. I got hit with it the other day and spent hours trying to figure out why in the world Java wasn't working on my machines. Ended up finding a work around editing a .plist file using a console text editor. Definitely not a solution for anyone not familiar with the command line.
It doesn't phone home in the sense that it sends no information about your computer to Apple. It just downloads the latest list of blacklisted software from Apple, and then *locally* it blocks any of the listed applications/plugins from being loaded/started. As others have said: it is no different from auto-updating anti-virus definitions.
but they make it easy and obvious how to turn it back on. Apple hides everything away.
Depends on how it works, if it sends a list of installed software to Apple to check it's bad, but if it downloads a list of plugin signatures to disable because they're outdated and insecure that's not any worse or different than the antivirus downloading virus signatures. I don't see the privacy implications of that, would you elaborate?
Live today, because you never know what tomorrow brings
again, If i run a 3rd party monitoring system, I allowed them into my system. If this is on by default, then I am not sure I am ok with this.. What if apple decides one day that they dont want YY running on macs anymore (they have remote wiped IOS apps that were not "harmful" in the past) they have that ability. I am sure most mac users dont even know about this. I asked a few of my friends who are die hard mac users in the past hour if they knew about this they had no idea.
have you seen my sig? there are many others like it but none that are the same
It doesn't bother me at all. You know why? Because I don't use Windows. You don't have to use it either. If you choose to do so, well, that's your choice. I have no objection to that, but I do get a little sick of people griping about the consequences of their own actions.
And that includes the "privacy issues".
Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
AS LONG as the information is presented in a way that users know what they are giving up. Meaning a fully secured system is close to useless because the onyl secure system is an unplugged system. We all know this, we are here on /. now having said that. In this day it is only right for these things to be made aware to the user. Instead of silently removing java, How about a popup explaining why it was disabled and options the user has? or a popup explaining that java is vulnerable, do you want to block it or continue to let it run. Silently blocking ANYTHING is wrong. just as silently installing anything is wrong.
have you seen my sig? there are many others like it but none that are the same
it is apple breaking into MY PC
so if you have automatic updates on - in any operating system or application - that means your system is getting 'broken into'?
Depends on how it works, if it sends a list of installed software to Apple to check it's bad, but if it downloads a list of plugin signatures to disable because they're outdated and insecure that's not any worse or different than the antivirus downloading virus signatures. I don't see the privacy implications of that, would you elaborate?
Apple has been using a blacklist that is updated daily to stop dangerous software from running. It is mostly used against trojans, but also to block Java running as a Safari plugin, which has some rather serious exploits (basically, an applet can replace the default Java security manager with its own, and from then on anything goes), _and_ it is known that these exploits are actually for sale.
So there are no privacy problems whatsoever, and while blocking Java applets might be annoying, the alternative would be highly dangerous. By the way, Oracle has released a new software version fixing about 50 security problems, which is not blocked.
You can't handle the truth!
You are welcome on my lawn.
they have remote wiped IOS apps that were not "harmful" in the past
Citation Needed.
I am not aware of Apple ever "remote wiping" any iOS apps, in fact the mechanism to do that has never been proven to exist. Apple has pulled apps from the App Store before, but if you've already downloaded it you get to keep it and use it to your hearts content. Just can't re-download it.
Just another reason why I will never own a Mac.
again, If i run a 3rd party monitoring system, I allowed them into my system. If this is on by default, then I am not sure I am ok with this..
It's updating a blacklist because people have auto-update on, nothing more. You are not 'allowing them into your system'.
What if apple decides one day that they dont want YY running on macs anymore
That would obviously be pointless given the only thing going on here is updating a blacklist - which is editable by the user - when automatic update is on. So clearly if they were to do that for some reason then the information would be disseminated pretty damn quickly about the simple fix to avoid it.
You keep changing what you are not ok with every time it turns out what you were complaining about does not happen. First it's Apple "breaking into computers", then it's Apple "monitoring your pc", then it's Mac OS X "phoning home", and now it's that this functionality is enabled by default and that Apple can wrongly put applications in that list.
At least in this last case it's two things that are actually true. I personally think that enabling the functionality by default is the right decision. It would indeed be better if users were informed when additional applications/versions are blocked, but that's a minor issue as far as I'm concerned. How many times have you seen other malware scanners popping up a list of all new malware they are blocking after every single update? The fact that applications could be wrongfully blocked is also true, but again the same goes for any malware scanner (and there have been such problems in the past with regular virus scanners killing Windows startup because they quarantined a system dll).
And the whole thing can be disabled. Not everyone may know how, but how many people buying a Windows machine with a stock virus scanner (or having a virus scanner installed by a relative/friend that knows something about computers) knows that? The idea is that such settings do more good than harm in general, and experience shows that this is in fact the case. As long as you're not chained to Apple's settings, it's fine as I'm concerned (unlike their gradual moving towards requiring every single application to be signed by a developer that paid them for a certificate before it can be launched).
"Apple hasn't issued any official statements advising users of the change or its reasons, but it's a safe bet that the company has deemed Oracle's most recent update to Java insecure"
Does this apply to the OpenJDK Runtime Environment
AccountKiller
Worse: They installed their own code on your computer. At root level, no less. They did so before sending the computer to you. It takes over the complete computer, so I'd say it's clearly a root kit. The name of that root kit is OS X. :-)
The Tao of math: The numbers you can count are not the real numbers.
Apple was not supposed to have any viable attack vectors; that's what made it so superior to Windows - you never had to worry about malware or viruses.
Is it just my observation, or are there way too many stupid people in the world?
If you ask this then maybe you shouldn't run Apple (or Microsoft for that matter) software.
thegodmovie.com - watch it
and i love that they killed java and banning flash off the ios was great too! Apple has low tolerance for bullshit.
OS X is SECURE BY DESIGN. It is IMPOSSIBLE for anyone to write a program that give it a virus.
That's the tip of Apple's cock about to thrust into your anus. But it's there to stop Larry Ellison from stealing your appendix and wearing it as a hat. They're doing you a favor. For more protection you'll need to take the whole shaft, then get your children to suck Apple's balls while it's thrusting deep into your lower intestine. But Apple's not going to pull out. Ever. They're like the Ron Jeremy of computing. Forever fucking you.
I dont actually use a mac, for this very reason so no I did not know I could disable it. how many other mac users know they can disable apple watching their PCs without them knowing about it? how many of them even know apple is monitoring their PCs?? I am not a fan of regulation but one where companies who sell electronic devices must have these types of things opt in rather than opt out would be a great first step.
Haha, hilarious!
"I don't use a mac for the reason that I believe it does something that it doesn't actually do".
The summary is flamebait of the highest order. Don't believe everything you read about Apple that is posted on slashdot, especially in the headlines and summaries of posted articles. Usually the truth is somewhat different.
Is to be commended. Unless, of course you are apple.
I run: Windows, OS X, Linux, FreeBSD. Just because you have a hammer, doesn't mean everything is a nail.
It's NOT your computer. You're just renting it from Steve. You could rent one from Bill instead, if you think it'l help any ;)
I'm pretty sure Microsoft would at least announce they are disabling Java before actually doing it.
Firstly, I have nothing against Apple. I bought my first Mac, a Mac Plus in 1985 and I've owned one or more ever since. I find the current track that Apple is following to be very disturbing. Apple always used to be about the customer experience but that seems to be dead and gone. Yes, there was/is a security hole in the Java plugin but completely disabling the plugin is NOT a customer friendly solution and is disproportionate to the risk. Despite the vulnerability I have yet to hear of ANYONE who has been the victim on a Mac. Despite this Apple disabled a plugin that is critical to many people ranging from people running games like Runescape to companies who have legacy point of sale and inventory systems that use Java applets to access database backends. What is next? Disable Flash because of "security risks" what about OSX Applications? They are already forcing sandboxing and draconian rules on developers wanting to sell via the App store.
Keep this up and this is one Apple customer who is going to be looking for alternatives, and where there is one there are probably many.
This is not the first time they've done stuff like this.
If you update your JDK using Software Update, it overwrites all previous versions and turns them into symbolic links to the current version. You then receive an unpleasant surprise when software which relies on a particular JDK breaks for no apparent reason.
The problem is not the changes themselves, but just unilaterally making these decisions and then not telling anyone. If I was working in an enterprise environment and this happened, I too would be incandescent with rage.
Plan My Week for iPhone
Steve Jobs took flash out behind the woodshed and flash didn't come back for dinner. I can say without a doubt that flash is dead, yet if I wanted to counter my own statement I could easily pullup a massive pile of stats that would show Flash on a huge percentage of machines and websites but I can see clearly that no even vaguely bleeding edge websites use it. Flash is just not where the cool kids are. HTML5 has almost entirely taken over all the basic requirements of making a dazzling website that dances about on your screen. I also won't argue that feature for feature HTML+Javascript is better. I know my HTML5 will work on the tidalwave of mobile devices and that is enough for most people.
That all said Jobs killed it because Flash bugs were making him look bad. So now we have round 2 and Java is the one on the Apple chopping block. I think we can all agree that Java in the browser is dead and killing Java on Apple machines might not seem like it is going to ruin things marketshare-wise but keep in mind that many top top top executives are running Apple machines (often to the chagrin of their IT people) these same executives will now resent Java at tiny more than they did before (which might have been zero).
But all that said, I am pretty sure that 90% of the Java being written these days is for the server side of things in large organizations and thus is completely unaffected in theory.
A simple example of how irrelevant such an Apple technology choice can be would be the penetration of Objective-C outside of the Apple ecosystem. I code Objective-C every day and would never consider using it one inch outside of the apple ecosystem. But Apple's move underlines my experience that Java is just not the "Hot" language it was; not dead just not "hot". The mathematical problem with not being the "Hot" language is that it is starting to be nibbled away at the edges without any growth to replace this nibbling. I am seeing Python replacing it as the defacto learning language much as I watched Java replace Pascal as one of the defacto learning languages of the pre 2000's. In science Python is taking over, in finance I am seeing the academic world switching over but not the business world; the business world has a full on love of all things Java.
But before you cast any stones these are all trends; you can yell Hey Mindcraft is Java and it is cool. But what I am saying is that the surface area of Java is retreating toward a core of the business world and it is severely losing its grip on the "programming 101" world; which is where hearts and minds are won. Also keep in mind that many of the kids who may have been learning Java in their programming 101 classes just had all their code die seeing that university students so love their Apple laptops. Hearts and minds baby.
Goodbye old friend.
As an Apple user : no, they don't anger me. Insecure pile of shit 3rd party software (Java) should be disabled.
... I had a cloud server get funky on me and the java console for it ran in java. I had used it before, but suddenly...nothing.
Good thing I had a trusty Ubuntu box nearby.
How was I supposed to know to search for 'disable XProtect' when the Java download link failed? I was cursing Oracle.
No. I was happy they blocked it before I removed it completely anyway.
So, in the name of security, Apple XProtects users of Snow Leopard and higher from the evil Java.
In the meantime Oracle's update is only good for Lion or better.
But usage numbers from last month showed 10.6 and lower as being the largest installed base of Mac OS.
I'm not seeing how either action works to the greater good of Mac users, especially since Oracle has updates good for XP.
Some days it's just not worth
chewing through my restraints.
If you're going to be mad, yell at Oracle for shit-tier code security.
On Windows (and most other OS I've ever worked with) there would be an audit trail a system admin could follow that would document the changes to the OS. Did this change require users to "opt-in" to automatic updates, or was it done without notice to the end-user/system admins?
Ken
I was the last year in my University to take C++ in freshman Computer Science. Everyone after that was Java. I felt like I dodged a bullet.
The idea of the JVM was awesome... yet it took what 10 years to get other languages compilable for the JVM?
But of course that was never the plan, I suppose.
All these Java developers. They've all be running on almost 20 years of promise...and very little delivery. Not one single app is written in Java that is ubiquitous. 20 years. Even the web browser itself, which they should have been able to rule the world with manifested itself so poorly ( hot Java ) that it was quickly abandoned.
The grand accomplishment Java has had is the honor of getting ripped off by the Android SDK and of course a the honor of the new malwar hot topic.become a
Yay for that I guess.
I'm not seeing this here. But since this is /. if you want to override:
look for your /System/Library/CoreServices/CoreTypes.bundle/Contents/Resources/XProtect.meta.plist
downgrade the java version. So for today this means change:
from:<string>1.6.0_37-b06-435</string>
to: <string>1.6.0_37-b06-434</string>
I called AppleCare as soon as the plug-in showed up as invalid. The two most infuriating aspects of the call were the impression I got that Apple could hack into my Mac at any time (assuming a network connection to Apple) and the claim that Apple had not installed Java on my machine in the first place. After the call, I checked and indeed Java was installed when I bought the computer, directly contradicting the support supervisor's assertion, but I still have no proof of whether or not Apple has the power to silently force updates.
The security implications of promiscuously running Java applets, so Apple was right to do something. The problem is that they did so without warning; without asking permission; and with no obvious way to re-enable the plug-in. I understand that some people successfully re-enable applets by modifying XProtect.meta.plist, but all I managed was to eliminate the "inactive plug-in" message, leaving a completely empty gray rectangle.
Now, with Apple having repaired the problem, I'm calming down, but I've set up a blog, AppleHackedMyMac to discuss this, the possibly encroaching walled garden, security, and the like.
How is it OK? Because you are running Apple's anti-malware tool and have configured it to pull the list from Apple's servers. A list which you can at will. So if you don't like it.
a) Disable their anti-malware
b) Pull the definitions from somewhere else
c) Modify the file however you want.
Yeah it is isn't like Apple writes books on the design on Darwin, documents the add on services and makes the whole things open source. Oh wait.
Apple runs dozens of these protection services. The average end user has no idea where they do. Apple's position is pretty clear. If you don't know enough to be able to use launchctl and see what Apple is loading you don't know enough to make an informed decision about what should be running.
AC is a total D-bag for ripping such a sweet, fast, open-hardware, low-power device. If any grownups are interested in the specs on this 12-watt, 4-core laptop that runs without any proprietary bios or drivers, check here: http://www.lemote.com/en/products/Notebook/2010/0310/112.html
The Enterprise SDK lets you push out new provisioning files to managed devices. If you were to send an invalid provisioning file the app wouldn't run. Presuming that Apple can do anything you can do with the Enterprise SDK... does that count as a cite?
sudo nano /System/Library/CoreServices/CoreTypes.bundle/Contents/Resources/XProtect.meta.plist
get real, OpenBSD and FreeBSD let you choose a browser; chromium for example is in the packages. HURD? pffft, who gives a shit
I don't know, i'm aware automatic updates is on, i can't remember whether it asked directly about it. In any case that doesn't answer my question.
How about Oracle angers users by making it so that Apple has to keep blocking their buggy software? Seriously. How long will it take Oracle to learn that exploits are worth paying attention to?
I'm running ML I could be very upset but actually, I hadn't noticed the blocking of Java. Perhaps the fact that I have it and Flash (along with a lot of other cruft) disabled in my browsers masked that fact.
Suppose you were an idiot. And suppose you were a member of congress. But then I repeat myself. -- Mark Twain
My wife has an an Apple MAC OS/X. I don't recall ever giving Apple permission to modify my machine. Does Apple have a back door built into all OS/X systems that allows them to disable whatever they want at will without me knowing? What else can they do? Should I be encrypting all my disk partitions?
pgmer6809
Here are the release notes from this update, which I read this morning when installing this patch:
"On systems that have not already installed Java for Mac OS X 10.6 update 9 or later, this update will configure web browsers to not automatically run Java applets. You may re-enable Java applets by clicking the region labeled 'Inactive plug-in' on a webpage. If no applets have been run for an extended period of time, the Java web plug-in will deactivate."
It's right there, just have to read it. People shouldn't be blindly installing updates anyway.
It's not that American is the only form of English; it's just that it's the only form of English that matters any longer.
Now go back to sucking up your treacle pie, you warm-beer swilling, ex-empire having, Orwell-worshiping putz.
I think you're extremely misguided with regards to how xprotect works.
I run: Windows, OS X, Linux, FreeBSD. Just because you have a hammer, doesn't mean everything is a nail.
I'd go so far as to suggest not believing ANYTHING you read about apple posted on slashdot until you have verified the facts yourself.
I run: Windows, OS X, Linux, FreeBSD. Just because you have a hammer, doesn't mean everything is a nail.
And so you should be cursing oracle. If the software wasn't so hideously insecure, it wouldn't be on the blacklist.
I run: Windows, OS X, Linux, FreeBSD. Just because you have a hammer, doesn't mean everything is a nail.
thereby defeating the purpose of disabling it, if the click-drool uninformed end user can just turn it back on without having to look it up and perhaps be told why it is a bad idea.
I run: Windows, OS X, Linux, FreeBSD. Just because you have a hammer, doesn't mean everything is a nail.
The Enterprise SDK lets you push out new provisioning files to managed devices. If you were to send an invalid provisioning file the app wouldn't run. Presuming that Apple can do anything you can do with the Enterprise SDK... does that count as a cite?
Nope.
Enterprise provisioning profiles are completely different. They (and the development provisioning profiles too) allow you to authorise apps signed by a non-Apple held certificate to run. That is not the mechanism that allows App Store apps to run.
Anyway the OP claimed that it had already happened. No evidence provided.
Oracle owns the rights to the Java VM, but Java language is also used with the Davlik VM on Android. The less people are able to use and develop for Java, the less potential they have to create code that is cross platform (runs on many OSs, not just targeting a single OS), and the less potential they might take up coding applications for Android.
Other languages can compile down to Java byte-code too.
I'm not saying this was Apple's motive, but they're not exactly strong points that would presuade Apple to not make it hard to use Java on Macs either...
thats cause there aren't any windows servers LOL
hahahaha
you made me laugh real hard you asshat
This. Why is that so hard to understand for so many posters? Parent almost nails it.
Compare the statements:
- Mozilla/Apple/whatever should never decide which plugins a user can or can't use!
- grep should never decide what a user can or can't pipe it to!
They're the same as far as the issue is concerned.
How many would use grep if you could only pipe it to some commands if you installed and maintained your own version of grep (Apple) or made several configuration changes on each use (Mozilla)?
If I owned a Mac, the first thing I would do is to investigate disabling automatic updates, remote control, and other internet access that I didn't approve of.
It's standard procedure. FFS, it's so standard, that even my sons do as much with all their devices. They demand that WHATEVER THE HELL they are running, it runs THE WAY THEY WANT IT to run.
There's this newfangled tool that you've likely never heard of: http://lmgtfy.com/?q=How+to+disable+automatic+updates+on+Mac
"Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
In Denmark we have a login system (NemID) which is needed to log in to all home-banking systems and all government websites like administration of taxes, social security etc. The login is done with a Java applet (which doesn't even work in OpenJDK, only Oracle).
Please have more children, you are doing it right.
And "Oh yes I did" is not proof outside of panto season.
They're saying that being proactive about security devices with known remote exploits by shutting it down AND NOT TELLING ANYONE is bad.
If you're at work and the electrics go off, and no reason is forthcoming, four hours later they come back on.
After the entire workforce has been complaining about it, someone from office services says "Yeah, there was a problem with the electrics, so we turned them off rather than risk an electrical fire", do you think that it's a bad thing that they didn't bother telling anyone, just because it's good that they protected lives?
Or would this only be the case if it were done by Apple?
I am not angered! On the contrary, I love it. I have removed Java entirely from my Macbook Pro and Windows machines and I never intend to go back. Java is, simply put: a horrendous piece of software!
When judging this move, I think it's important to keep in mind the intended user base of MacOS systems. These are not intended to run legacy, mission-critical business apps. In fact, Apple has never really cared that much about legacy support – backwards compatibility has always been a Windows thing. (Steve Ballmer seems to be forgetting why people stick with his company, but that's a different issue.) Macs are aimed primarily at home users, with a secondary but still strong user base among graphics arts professionals. For both of these demographics, the risks of leaving obsolete, bug-ridden versions of Java enabled far outweigh any potential benefits. Most of these people will never run any Java applications at all, and of the few who do, almost all will be able to use the up-to-date version of Java to do so. Yes, I know there are crappy "enterprise" apps that only work on 1.4.2 beta or some such nonsense, but Apple doesn't care about that – and frankly, they shouldn't. That isn't their target market. If you run a business you should be using Windows 7 for your desktops – it's designed from the ground up to be suitable for both home users and enterprises, and lets you control all the security stuff through group policy.
I spent all day Thursday troubleshooting one of our all-Mac customers with six other people in the room, all shouting different ideas. Only at the end of the day did we discover the news. I was really shocked Slashdot hadn't reported it.
I went home and had nightmares about installing and reinstalling Java on Mac.
Secession is the right of all sentient beings.
get real, OpenBSD and FreeBSD let you choose a browser; chromium for example is in the packages. HURD? pffft, who gives a shit
I'm sure it's a serious issue to the Hurd users. Both of them.
Slow down, cowboy! It has been 4 hours since you last posted. You must wait another few hours.
firefox did this so I had to reinstall while blocking mozilla on my firewall , then change about:config to disable all plugin checks to get java back. Now I have java but am more open to attacks, thats Mozilla for stupid decisions that put your users at more risk than before. ( it would not accept even the latest version of java and java was a must for my web so there was no choice )
The rich Nigerian Prince is thankful that his account wasn't compromised by this research.
All 7 remaining people using Java are angered?
I haven't thought of anything clever to put here, but then again most of you haven't either.
Meaning a fully secured system is close to useless because the onyl secure system is an unplugged system.
Dude, do us all a favor, and make your system super safe.
Of course news about a fake are Fake News.
And OS X doesn't let you choose a browser?
Scorta futuere amo!
So the moral equivalent of a spellchecker is equivalent to a keylogger in your world, eh?
MINIX 3 ate all HURD's market share, what with its features including actually being functional
All software is insecure until the 0days happen enough to make it seem otherwise. Web APIs have to be even more secure than Windows due to having cross platform ubiquity but that is often incredibly expensive to a free-software developer that has a new-feature-filled schedule.
Actually, he wasn't saying that, he was asking why people expect double standards for Apple when they are doing what he perceives as phoning home too.
The whole thing IS NOT open source. If you pulled the FOSS parts of OS X out of OS X you would have no boot, no interface (due to dsmos crypto), no sound or graphics (CoreAudio and Quartz are closed source), no code execution, and so many other things that need no mention.
The only part of OS X that is open source is the low level part and that's because they assimilated an Open Source project to make it in the first place. All edits and additions to the code are the result of needing to update the low level API and kernel infrastructure to support new functionality for themselves. All the mid-level API's are proprietary, and as a result OS X as a whole is NOT open source.
Disbelieve me, please post xprotects source.
I have to admit I'm not an expert but I believe they are just using: http://www.clamav.net/lang/en/ to implement File Quarantine.
Why would software written in 100% Pure Java or otherwise using the Java libraries correctly rely on a particular JDK?
Flash is just not where the cool kids are. HTML5 has almost entirely taken over all the basic requirements of making a dazzling website that dances about on your screen.
So where's HTML5 CS that can be used to make self-contained animations and games like what you see on Newgrounds? Let me know when something like French Erotic Film (safe for work, despite the name) is ported to HTML5 without bloating it by a factor of ten by rendering it to video
I have that at work, with firefox and chrome also installed, but for some things the Safari just pops up. Apple controls your horizontal and your vertical....
If you’re a Mac user who suddenly can’t access websites or run applications that rely on Java, you’re not alone. For the second time in a month, Apple has silently blocked the latest version of Java 7 from running on OS X 10.6 Snow Leopard or higher via its XProtect anti-malware tool. http://mastlists.com/
My Mac users are childlike creative spirits, there are bad things out there, they will get eaten, I must protect my own, what else can I do?
Impossible. ClamAV uses Windows binary heuristics. Mac OSX would not be able to detect any viruses for itself with that but would detect Windows viruses, and I have tested first hand as to how well Mac OSX detects Windows viruses - it doesn't.
OK. Interesting so is your theory they are buying it from someone or just keeping it in house? And if so why?
Apple integrating third party software into their core would be like Labi Siffre making a record with Skrillex. Apple's main marketing line is that everything they make 'just works' and that is based on the fact that the entirety of OS X is made in house aside from the FOSS bits. Apple couldn't FOSS the antivirus as that would just invite workarounds, cracks and attack vectors to be developed. Apple's style would be to buy a small nimble security company and re-purpose their tech, and I've seen zero security tech purchases so far.
Apple Open-Sourcing their antivirus would be like sending North Korea a complete library of blueprints on American military equipment because hackers would have access to the source code so they could see any flaws or holes that exist. Sure after a couple of battles/major viruses those holes would be patched going forward, and that's why AVs like ClamAV are so robust, but Apple has share prices to think about and one major outbreak is all it takes for that to nosedive.
Right now I suspect Apple don't even have heuristics (scanning of application files for bits of code that look malicious in order to catch new virii), they work on sigs, where Apple find a virus then update your list silently. Java is now being identified and blocked in a similar manner.