Press "Enter" to skip to content

Posts published in “Browsers”

Oracle Serious About Java Security–Maybe

By Christine Hall on April 22, 2013 |

Browsers, Internet and Security

We’re not ready to tell you we think it’s safe to reactivate your Java browser plugin–in fact, just the opposite–but we will say that Oracle is at least giving the appearance they’re now serious about addressing browser-side Java’s safety. Early last week they issued a security patch that fixed either 41 or 42 Java security issues, depending on what website you’re reading.

Excuse us if we don’t seem too impressed. At this juncture all we’re willing to do is say with utmost snark, “It’s about time.”

Continue readingOracle Serious About Java Security–Maybe

Firefox: To Configure Or Not To Configure

By Christine Hall on March 22, 2013 |

Browsers and Software

An interesting item came down the pike yesterday by way of Katherine Noyes on PCWorld. It seems that Alex Limi, a project design strategist at Mozilla, has blogged some concerns he has over Firefox being too configurable. It appears he’s become aware that it “…ships with many options that will render the browser unusable to most people, right in the main settings.”

This is absolutely true, but does it really matter?

I remember, many years back, I was clicking away inside Firefox when I managed to make the Menu Bar disappear. This was quite problematic because with the Menu Bar missing there was no place to click to reinstate it. I frantically searched around online, seemingly forever, until I finally found the fix. I’d like to think that I learned something from the experience, other than don’t click away the Menu Bar, but I don’t think I did for I have no memory of what I did to restore the missing item, so if I were to do it again I’d find myself back in the same boat.

Christine Hall

Christine Hall has been a journalist since 1971. In 2001, she began writing a weekly consumer computer column and started covering Linux and FOSS in 2002 after making the switch to GNU/Linux. Follow her on Twitter: @BrideOfLinux

FOSSForce.com
Continue readingFirefox: To Configure Or Not To Configure

Java Remains Unsafe–Not Likely To Be Fixed Soon

By Christine Hall on March 14, 2013 |

Browsers, Internet, Security and Software

Guess what? We’re hearing reports this morning that the black hats are continuing to take advantage of security vulnerabilities in Java. Of course they are. That’s what black hats do. We’re also hearing from security experts that browser side Java isn’t likely to be made secure in the near future.

Oracle’s management of Java since obtaining it from Sun has been nothing short of a joke. It’s about time for them to decide if they want to keep Java or not. If they don’t want it, they need to spin it off or let it die. If they think it’s a valuable part of their software portfolio, they should treat it as such and work overtime to make it safe.

Christine Hall

Christine Hall has been a journalist since 1971. In 2001, she began writing a weekly consumer computer column and started covering Linux and FOSS in 2002 after making the switch to GNU/Linux. Follow her on Twitter: @BrideOfLinux

FOSSForce.com
Continue readingJava Remains Unsafe–Not Likely To Be Fixed Soon

Oracle Patches 2 Java Holes–At Least 5 Remain

By Christine Hall on March 6, 2013 |

Browsers, Internet, News and Security

It would seem that Oracle is getting serious about addressing security issues in Java. Late Monday the company pushed Java 7 Update 17 that fixes two security holes that were already being exploited in the wild.

The vulnerabilities addressed in Monday’s patch had been known since at least February 1 and were originally scheduled to be fixed in a scheduled security update in April, according to a security blog on the Oracle website:

Christine Hall

Christine Hall has been a journalist since 1971. In 2001, she began writing a weekly consumer computer column and started covering Linux and FOSS in 2002 after making the switch to GNU/Linux. Follow her on Twitter: @BrideOfLinux

FOSSForce.com
Continue readingOracle Patches 2 Java Holes–At Least 5 Remain

Five, Count ‘Em, Five New Security Holes In Java

By Christine Hall on March 5, 2013 |

Browsers, Internet, News and Security

Those who thought it was safe to re-up Java on their browsers will need to go back and turn it off again.

If you listen to us, after you do you’ll never turn it back on. Browser side Java has been made pretty much obsolete by newer technologies, which means you don’t need it, especially since it’s proving to be about as easy to keep secure as ActiveX, sandbox or no. Here at FOSS Force, we haven’t had it enabled on our browsers for years, with no noticeable problems when we surf the web.

You may remember that back on January 10th it was announced that Java had a security vulnerability that was already being exploited in the wild. This security hole was serious enough to prompt the U.S. Department of Homeland Security to suggest that browser side Java be turned-off on all computers.

Christine Hall

Christine Hall has been a journalist since 1971. In 2001, she began writing a weekly consumer computer column and started covering Linux and FOSS in 2002 after making the switch to GNU/Linux. Follow her on Twitter: @BrideOfLinux

FOSSForce.com
Continue readingFive, Count ‘Em, Five New Security Holes In Java

Avast AV Finds Malware On LA Times Website

By Christine Hall on February 13, 2013 |

Browsers, News and Security

This morning the Prague based antivirus company Avast! pushed notification to it’s subscribers of the presence of malware on the LA Times website. The notification came by way of a link to a blog on the antivirus company’s site delivered with the morning’s virus signature update. According to the blog’s writer, Brian Krebs, the Times site has been affected for about a month and a half. The problem is not site wide and only affects visitors to a small section of the site:

“…Fortunately for most of the users, only one of the low-profile websites was infected, so the assumed number of the infected people is not really high. But! I checked yesterday’s stats, then day-before-yesterday and the result was a bit of shocker! We have consecutive reports of malicious iframes on their sub-site from 23rd of December and it is still working there while I’m writing this blog.”

Christine Hall

Christine Hall has been a journalist since 1971. In 2001, she began writing a weekly consumer computer column and started covering Linux and FOSS in 2002 after making the switch to GNU/Linux. Follow her on Twitter: @BrideOfLinux

FOSSForce.com
Continue readingAvast AV Finds Malware On LA Times Website

QtWeb: Not Quite Ready For Full Time Browsing

By Christine Hall on January 31, 2013 |

Browsers, Desktops and Internet

I thought my motherboard was dying.

I have an old Lenovo built, IBM branded desktop with 512 megs of memory and a 3 GHz processor. It runs Windows XP Pro, because the bank requires I run a piece of crap software that only speaks Windows. I’ve learned to live with it.

It’s got a Pentium 4, which had heat dissipation problems, which is why I figure the folks at Lenovo installed a gee-whiz thermostat controlled fan that’ll rev-up way high when needed. Normally that hasn’t been necessary, except when I get carried away watching high def movies or spend too much time strolling down memory lane on YouTube.

Christine Hall

Christine Hall has been a journalist since 1971. In 2001, she began writing a weekly consumer computer column and started covering Linux and FOSS in 2002 after making the switch to GNU/Linux. Follow her on Twitter: @BrideOfLinux

FOSSForce.com
Continue readingQtWeb: Not Quite Ready For Full Time Browsing

Java Still Isn’t Safe – Possible New Vulnerability

By Christine Hall on January 16, 2013 |

Browsers, Internet, News and Security

I was just guessing on Monday when I said that the Java security patch pushed by Oracle on Sunday was “too little too late.” This appears to have been a lucky good guess on my part, as word is out now that the Java browser plugin still isn’t safe.

At least that’s what Brian Krebs is reporting on his blog Krebs On Security. Evidently there’s a black hat on a hacker forum who’s offering-up info to two buyers on a new vulnerability in the latest and greatest version of Java (that would be version 7, update 11) for the sum of $5,000 each.

Christine Hall

Christine Hall has been a journalist since 1971. In 2001, she began writing a weekly consumer computer column and started covering Linux and FOSS in 2002 after making the switch to GNU/Linux. Follow her on Twitter: @BrideOfLinux

FOSSForce.com
Continue readingJava Still Isn’t Safe – Possible New Vulnerability

Oracle’s Quick Java Patch–Too Little Too Late?

By Christine Hall on January 14, 2013 |

Browsers, News and Software

On Sunday, Oracle pushed an “unscheduled” patch to fix a security hole in Java that had prompted the U.S. Department of Homeland Security to take the unprecedented step of advising all Internet users to disable browser-side Java. The hole was already being exploited in the wild when white hats brought it to the public’s attention last week, mainly being used to install “ransomware.”

Despite Oracle’s assurances that it’s safe for surfers to go back in the water, security experts remain uncertain about the safety of Java. On Information Week, writer Mathew J. Schwartz quotes at least one security expert who gives the security patch a thumbs up:

Christine Hall

Christine Hall has been a journalist since 1971. In 2001, she began writing a weekly consumer computer column and started covering Linux and FOSS in 2002 after making the switch to GNU/Linux. Follow her on Twitter: @BrideOfLinux

FOSSForce.com
Continue readingOracle’s Quick Java Patch–Too Little Too Late?

Java Security Vulnerability – How To Disable Java In Linux Browsers

By Christine Hall on January 11, 2013 |

Browsers, Internet and Security

When the Homeland Security folks get into the mix and urge all computer users to disable Java in their browsers, you know it’s serious. Indeed, the exploit announced yesterday seems to affect all operating systems, including Linux, and it’s already being exploited. According to Trend Micro the flaw is already being used by blackhat toolkits mainly to distribute ransomware. In a blog posted yesterday, the company advises all users to disable or uninstall Java:

To prevent this exploit, and subsequently the related payload, we recommend users to consider if they need Java in their systems. If it is needed, users must use the security feature to disable Java content via the Java Control Panel, that shipped in the latest version of Java 7. The said feature disables Java content in webpages. If Java content is not needed, users may opt to uninstall Java as it can pose certain security risk.

Christine Hall

Christine Hall has been a journalist since 1971. In 2001, she began writing a weekly consumer computer column and started covering Linux and FOSS in 2002 after making the switch to GNU/Linux. Follow her on Twitter: @BrideOfLinux

FOSSForce.com
Continue readingJava Security Vulnerability – How To Disable Java In Linux Browsers

ZoneAlarm: Defining the Difference Between Freeware and Free Software

By Christine Hall on July 30, 2012 |

Browsers and Security

The other day, when my friend’s laptop spit-up a warning from ZoneAlarm that she was no longer protected, I stood over her shoulder and instructed her to update the firewall. The warning was basically a scare tactic, of course. Without the update she would still be protected, just as protected as she had been the day before. She just wouldn’t have any new whiz-bang features included in the update, nor would she be able to take advantage of any new security enhancements.

We ran the default install. This was Windows, so there had to be a reboot. After that, we opened the browser to find that the homepage had been reset to a ZoneAlarm themed Google search page. We had not opted-in to any such change; the ZoneAlarm folks had just taken it on themselves to hijack Firefox’s revenue, which I didn’t think cricket.

Christine Hall

Christine Hall has been a journalist since 1971. In 2001, she began writing a weekly consumer computer column and started covering Linux and FOSS in 2002 after making the switch to GNU/Linux. Follow her on Twitter: @BrideOfLinux

FOSSForce.com
Continue readingZoneAlarm: Defining the Difference Between Freeware and Free Software
Latest Articles