Apple Angers Mac Users With Silent Shutdown of Java 7
An anonymous reader writes in with news of the continuing saga of Java patches and exploits. "If you're a Mac user who suddenly can't access websites or run applications that rely on Java, you're not alone. For the second time in a month, Apple has silently blocked the latest version of Java 7 from running on OS X 10.6 Snow Leopard or higher via its XProtect anti-malware tool. Apple hasn't issued any official statements advising users of the change or its reasons, but it's a safe bet that the company has deemed Oracle's most recent update to Java insecure. That's why the company stealthily disabled Java on Macs back on Jan. 10, the same day a Java vulnerability was being exploited in the wild."
If you ran Linux you wouldn't have to worry about software not being able to run.
Update 13 is already out, and *not* blocked by Apple. All that's blocked are the old, insecure (well, more insecure) versions.
Ask me how the Heisenberg Principle may or may not have saved my life.
Without Java applets, my plan to time travel back to 1997 and surf the web is completely ruined!
There's no -1 for "I don't get it."
This is why I run GNU Hurd, the only truly free operating system, on my Lemote Yeeloong. My freedom is incredible. I can run ls and cat and EVERYTHING. I look forward to support for manpages in 2017.
You do realise you can disable this, right?
https://discussions.apple.com/thread/4762386?start=0&tstart=0
Quite amazing what a Google search for 'disable XProtect' turns up..
Ehm, doesn't Firefox also block vulnerable versions of Java? I guess maybe they are fascist as well.
Java... free. VirtualBox... free. Oracle Linux... free. How can you say they're greedy?
On Windows, Java installs the Ask Toolbar (for now - other times it installs other shit) every time it updates to a new version unless the user realizes Oracle is a two-bit hole-in-the-wall company and unchecks the default boxes to opt out. That's greedy. To an even greater extent that's sleazy and just...trashy.
"I zero-index my hamsters" - Willtor (147206)
Let's not let the facts get in our way.
Thirty four characters live here.
a) it's old news ;)
b) both the Java 7 (from Oracle) and Java 6 (from Apple) updates that address this are already out. Is the new motto "Recycling obsolete news that matters"?
c) if you want to opt out from XProtect, how-to guides abound
d) it's the Safari plugin only - other browsers are not affected
e) Apple have pulled the trigger on XProtect maybe 4 times in 3 years, it's not like they are shotgunning
The vulnerabilities from Java 7 were hideously large, and Apple probably did the right thing for the 99 percent who don't know any better. Drive-by root access isn't all that fun for the target.
The 1 percent who care can disable XProtect temporarily if they want to.
For anyone in between, they could always use another browser.
If you are using a Mac, you are not generally the IT equivalent of a Yukon Frontiersman.
Wow... Apple can't catch a break... You know damn well people would be bitching if they hadn't done this... Apple Fails To Disable Java 7. Millions of Macs Vulnerable. News at 11.
The real Sig captains the Northwestern. This one captains
Two issues. Firstly, Apple didn't just disable web applets. They disabled Java Web Start too, so whole corporations and government departments are suddenly shut down. Secondly, they didn't provide any announcement, or a GUI tool to re-enable at your own risk. It was just nuke everyone in silence.
Your information is woefully out of date. Oracle is where you get Java for OS X, and it's been that way for a couple years.
The summary is incorrect in saying Apple blocked Java 7 on 10.6. Actually, Snow Leopard can't run the new Java from Oracle, it can only run the Apple version of it, which is still the 6 series. With this last round of blocking, Apple also blocked their own version on Snow Leopard, and Apple has not yet released an update for it last time I checked. Now, in my opinion, this whole blocking thing without notice was extremely unprofessional and made me disappointed in Apple, and that's coming from a Mac fan. I got hit with it the other day and spent hours trying to figure out why in the world Java wasn't working on my machines. Ended up finding a workaround editing a .plist file using a console text editor. Definitely not a solution for anyone not familiar with the command line.
Depends on how it works: if it sends a list of installed software to Apple to check, it's bad, but if it downloads a list of plugin signatures to disable because they're outdated and insecure, that's not any worse or different than the antivirus downloading virus signatures. I don't see the privacy implications of that, would you elaborate?
Apple has been using a blacklist that is updated daily to stop dangerous software from running. It is mostly used against trojans, but also to block Java running as a Safari plugin, which has some rather serious exploits (basically, an applet can replace the default Java security manager with its own, and from then on anything goes), _and_ it is known that these exploits are actually for sale.
So there are no privacy problems whatsoever, and while blocking Java applets might be annoying, the alternative would be highly dangerous. By the way, Oracle has released a new software version fixing about 50 security problems, which is not blocked.
I love the Hurd logo - representing all 4 of its users.
No, you are the IT equivalent of the cast of Glee.
You are welcome on my lawn.
Yeah well, as someone tasked with fixing this for a government department, Apple hasn't told me how to do it. Yes, some hackers figured it out. Yes, I can google and get their knowledge. But Apple didn't give me any way to push the fix out. Nor did they give a GUI tool so I can email the users with instructions. In short, we're a bit screwed right now. We'll get over it, sure, but in the meantime, tons of legal centres are out of action. Is this good enough behavior? Surely not! Please don't defend this crap.
The logo looks to me like someone tried, and failed miserably, to map out a token ring network.
If you can't convince them, convict them.
No, you are the IT equivalent of the cast of Glee.
Young, geeky, bullied by retards who hate them for liking something that the retards don't like? ;)
It's really easy for some nerd to say you're a fool for using Java, but when you have a business line application like Sungard Banner (which uses Oracle Forms, which is Java based) with 30 years of prior use, it's not so simple to just move on - yes, we may be foolish, but what can one do at this point?
Apple shuts off Java and they essentially killed off our front line application.
Really all this does is make us move more towards Windows and Linux desktops for anyone who has a business need for a computer.
I find it funny how yet another Windows 8 story ran last week, and there were many suggestions that businesses should all switch to the Mac.
I have no problem with Apple disabling Java. I would like them to provide some notice and I would like them to provide a way to whitelist trusted applications. That doesn't seem unreasonable.
The "fools at Apple" make the security system a standard XML file which is editable by admins. You can do anything you want with it.
Apple hasn't told me how to do it. Yes, some hackers figured it out.
Did you call Apple Enterprise support? Does your organization have the proper agreements in place with Apple, for them to support use of OS X by a business (instead of ordinary consumer use)?
Did you voice the concerns with your Apple rep?