Monday, January 21, 2013
(I) So what do we do about Java?
With the latest scare with Java and right after Java 7 release 11 yet another vulnerability announced - what do we do about Java?
No really - NOTHING!!!!
The Feds say remove it, articles say the Feds say to remove it... So when did a vulnerability in software require us to stop using it? We would have stopped using Windows years ago, but we can't. You can uninstall the runtime Java on your system (if you can), but it is built into browsers and the Internet.
Could you really remove Java? Have you ever visited a city, county, state, federal or local government website. Java is everywhere, can you really remove it? Apple solved it by flipping a switch that disables it across all Apple Macs.. How cool is that !?
Seriously though, the only thing that you need to do is CHANGE YOUR BEHAVIOR!
These Java exploits are going away and will come in email attachments and drive by surfing. If you block Ads with AdBlock+, use Web of Trust (WOT) when you search the InterWebbings to avoid known bad sites and NoScript and Not Script then you don't have to do anything except pay attention.
If you are an enterprise admin, then deploy the add-ons and train your users and of course 'Don't Click on That!'