Disable Java? think about it.

This thread has been locked
Crimpergirl

Sport climber
Boulder, Colorado!
Jan 14, 2013 - 11:33am PT
Agreed Reilly. I have a homework software that comes with a stats text that my students use (I clearly have to get into it). It seems it's java based.

Thoughts for the person who doesn't speak computer language? What to do?
squishy

Mountain climber
Jan 14, 2013 - 12:23pm PT
Let's hope this sounds the death knell for Oracle.

Why would we hope for that?

Besides Oracle's business is hardly java, it's many things. We gave them 25 mil this year to upgrade all our hardware and software, it's some pretty nifty stuff..
kunlun_shan

Mountain climber
SF, CA
Jan 14, 2013 - 12:40pm PT
Interesting article, khanom. Thanks!

Reilly, I don't know how technically savvy you are, or how much trouble/work you are willing to do, but Virtualbox could be a good fix. It's free and fairly easy to implement. I've found this guide straightforward, and it walks you through enough that by the end, you'd have a good understanding of this flavor of VM: http://www.packtpub.com/virtualbox-3-1-beginners-guide/book . On the machine you use now, set up one VM with what your wife needs, and another for browsing the web.

Plus it's very cool and fun to be able to run the equivalent of multiple computers, each with whatever OS you want, at the same time on a single machine. Unless you have a very old, slow computer you might only need some extra RAM.
Shack

Big Wall climber
Reno NV
Jan 14, 2013 - 12:55pm PT
Nope. Not fixed by Oracle. They issued an emergency "patch" but it doesn't do enough.
They say it could take 2 years to fix. Ouch.

http://www.zdnet.com/security-experts-on-java-fixing-zero-day-exploit-could-take-two-years-7000009756/?s_cid=e539
Crimpergirl

Sport climber
Boulder, Colorado!
Jan 14, 2013 - 01:45pm PT
Saw this too. Decent advice here?

http://blog.chron.com/techblog/2013/01/do-you-have-java-on-your-computer-update-it-now/

Will read link provided upthread now. Thanks for posting it!
zBrown

Ice climber
chingadero de chula vista
Topic Author's Reply - Jan 14, 2013 - 01:53pm PT
which could result in the installation of malware, identity theft or used to rope personal computers in to becoming unauthorized botnets -- which can then be used in denial-of-service attacks against other sites.


You would think that some (all) of the security vendors should be able to update their software to detect whether a machine has been compromised, even if they can't prevent it.


EDIT:

After doing some poking around on this, it appears that this task is more difficult than you might suspect.

Here's an interesting article on using one free tool, Sysinternals Process Explorer, to detect and clean a system.

http://www.windowsecurity.com/articles/Hunt-Down-Kill-Malware-Sysinternals-Tools-Part1.html

Quote from another article:

The problem is that if you have no idea what you are looking for, it's almost impossible to find it. Suppose a process has made itself hidden to the task manager by hooking EnumProcesses. You might think this would be an easy case to detect. However, the process could be hooking EnumProcesses through a variety of different ways. For example, an unconditional hook at the start of the function, an IAT hook, causing an access violation to occur at EnumProcesses and catching that with a VEH and modifying the EIP/RIP, etc. etc. Even in this simple case, it is not possible to guarantee detection of the hook. This is all assuming that the hook has been performed at usermode on a specific API and also that the code makes no attempt to hide itself from detection.

If you are looking for general guidelines, the best method is probably to look at common detouring techniques.
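
The "unconditional hook at the start of the function" case from the passage quoted above, as an added example that is not part of the original thread: it compares a function's live entry bytes with a trusted reference copy and names the detour stub it finds. The byte arrays are constructed samples, the function and enum names are hypothetical, and the reference is assumed to be already adjusted for relocations; IAT and VEH-based hooks leave these bytes untouched and are not seen by this check.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

typedef enum { HK_NONE, HK_JMP_REL32, HK_JMP_REL8, HK_JMP_INDIRECT,
               HK_PUSH_RET, HK_MOV_JMP_RAX, HK_UNKNOWN_PATCH } hook_kind;

/* Match the entry bytes against common x86/x64 detour stubs. */
hook_kind classify_prologue(const uint8_t *p, size_t n)
{
    if (n >= 5 && p[0] == 0xE9) return HK_JMP_REL32;       /* jmp rel32 */
    if (n >= 2 && p[0] == 0xEB) return HK_JMP_REL8;        /* jmp rel8 */
    if (n >= 6 && p[0] == 0xFF && p[1] == 0x25)
        return HK_JMP_INDIRECT;                            /* jmp [mem] */
    if (n >= 6 && p[0] == 0x68 && p[5] == 0xC3)
        return HK_PUSH_RET;                                /* push imm32; ret */
    if (n >= 12 && p[0] == 0x48 && p[1] == 0xB8 &&
        p[10] == 0xFF && p[11] == 0xE0)
        return HK_MOV_JMP_RAX;                             /* mov rax,imm64; jmp rax */
    return HK_NONE;
}

/* Compare the live entry bytes with a trusted reference copy (for example the
 * same bytes read from the on-disk image). A jump stub that is also present
 * in the reference is a legitimate forwarder, not a hook. */
hook_kind check_entry(const uint8_t *live, const uint8_t *ref, size_t n)
{
    if (memcmp(live, ref, n) == 0) return HK_NONE;
    hook_kind k = classify_prologue(live, n);
    return k == HK_NONE ? HK_UNKNOWN_PATCH : k;  /* changed, but no known stub */
}

/* Constructed sample bytes, not captured from a real system. */
const uint8_t REF_CLEAN[12] = {0x8B,0xFF,0x55,0x8B,0xEC,0x83,0xEC,0x10,0x53,0x56,0x57,0x90};
const uint8_t LIVE_JMP[12]  = {0xE9,0x10,0x20,0x30,0x40,0x83,0xEC,0x10,0x53,0x56,0x57,0x90};
const uint8_t LIVE_PUSH[12] = {0x68,0x00,0x10,0x40,0x00,0xC3,0xEC,0x10,0x53,0x56,0x57,0x90};
const uint8_t LIVE_INT3[12] = {0x8B,0xFF,0x55,0x8B,0xEC,0x83,0xEC,0x10,0xCC,0x56,0x57,0x90};
const uint8_t REF_STUB[12]  = {0xFF,0x25,0x00,0x20,0x40,0x00,0x90,0x90,0x90,0x90,0x90,0x90};

int main(void)
{
    printf("clean vs clean : %d\n", check_entry(REF_CLEAN, REF_CLEAN, 12));
    printf("jmp rel32 patch: %d\n", check_entry(LIVE_JMP, REF_CLEAN, 12));
    printf("push/ret patch : %d\n", check_entry(LIVE_PUSH, REF_CLEAN, 12));
    printf("other patch    : %d\n", check_entry(LIVE_INT3, REF_CLEAN, 12));
    printf("forwarder stub : %d\n", check_entry(REF_STUB, REF_STUB, 12));
    return 0;
}
```

The last case shows why pattern matching alone is not enough: the stub bytes classify as an indirect jump, yet the entry is reported clean because the reference copy contains the same jump.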


Reilly

Mountain climber
The Other Monrovia- CA
Jan 14, 2013 - 01:58pm PT
Khanom, good article but I still need to use Java if I ever want to see me wife.
froodish

Social climber
Portland, Oregon
Jan 14, 2013 - 02:44pm PT
Reilly,

Do you need the Java browser plugin, or just need the Java environment installed? (i.e., does your wife initiate the action through the browser, or does she launch a Java executable?)

The main danger is from "drive by" attacks (unknowingly visiting a website that is distributing the malware - and contrary to the advice in one of the linked articles earlier, there are sometimes "legit" sites that have been compromised and are distributing things like this so just staying away from pr0n sites doesn't ensure safety)

If you don't need the browser plugin, disable it (Chrome, Firefox and Safari let you easily disable the plugin). If you do need it, enable the plugin only when you need it and disable it for all other browsing.
Reilly

Mountain climber
The Other Monrovia- CA
Jan 14, 2013 - 03:05pm PT
It's a complicated logon process but I think it starts with the browser*.
But then it seems like there's a Java app in the next step. I guess she
should just call one of her IT guys from home so I can translate. Not that
I'm so hot but, well, between you and me and these four walls, let's just
say she doesn't get by on her 'puter expertise. ;-)


*I don't pay much attention - don't wanna get brought up on HIPAA charges!
zBrown

Ice climber
chingadero de chula vista
Topic Author's Reply - Feb 5, 2013 - 09:13am PT
Java Stumbles Again

Not long after the Department of Homeland Security was advising users to disable Java, another flaw has been discovered in Oracle's programming language.

Last week a bug was found that undermined Java's "maximum security setting." That setting, which Oracle activated by default in the last hasty update of the software, requires a user to give their OK to run unsigned Java applets. Because of the flaw, unsigned Java apps can run on a Windows system regardless of the Java security settings.

Instead of fixing security issues found in the previous version of Java, the most recent release of the program merely sidesteps them, said Bogdan Botezatu, a senior e-threat analyst with cyber security software maker Bitdefender.

"They just tried to prevent the user from triggering the issue," Botezatu told TechNewsWorld.

Leaving the resolution of security issues to the user is not a good idea. "One of the worst things a developer can do is let the user make security decisions," he said. If a pop-up message appears when a user is in the middle of doing something they want done, they'll click OK regardless of what the message says.
Ken M

Mountain climber
Los Angeles, Ca
Feb 5, 2013 - 11:22am PT
following up on concerns raised by computer security experts.

So it's NOT the gov't, it is the community of private computer security experts.

The gov't is passing the word along.
zBrown

Ice climber
chingadero de chula vista
Topic Author's Reply - Feb 5, 2013 - 11:43am PT
The link is here


Taxonomy of Conflicts in Network Security Policies by H Hamed - 2006 -
Cited by 34 - Related articles Policy conflicts may cause serious security
breaches and network .... security policies. Figure 3 shows the
organization of our taxonomy of these conflicts. ...
ieeexplore.ieee.org/iel5/35/33764/01607877.pdf

http://ieee.org/searchresults/index.html?cx=006539740418318249752%3Af2h38l7gvis&cof=FORID%3A11&qp=&ie=UTF-8&oe=UTF-8&q=Taxonomy+of+network+security+breaches&siteurl=ieee.org%2Findex.html#1005




froodish

Social climber
Portland, Oregon
Feb 7, 2013 - 08:09pm PT
Your regularly scheduled Flash exploit for Feb:

http://arstechnica.com/security/2013/02/adobe-issues-emergency-flash-update-for-attacks-on-windows-mac-users/

Affects Windows and Mac. It's out there in the wild.

Adobe has released security updates for Adobe Flash Player 11.5.502.146 and earlier versions for Windows and Macintosh, Adobe Flash Player 11.2.202.261 and earlier versions for Linux, Adobe Flash Player 11.1.115.36 and earlier versions for Android 4.x, and Adobe Flash Player 11.1.111.31 and earlier versions for Android 3.x and 2.x. These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.

Adobe is aware of reports that CVE-2013-0633 is being exploited in the wild in targeted attacks designed to trick the user into opening a Microsoft Word document delivered as an email attachment which contains malicious Flash (SWF) content. The exploit for CVE-2013-0633 targets the ActiveX version of Flash Player on Windows.

Adobe advisory here:

https://www.adobe.com/support/security/bulletins/apsb13-04.html
froodish

Social climber
Portland, Oregon
Mar 1, 2013 - 01:03pm PT
And yet another zero day Java exploit is in the wild.

Hackers are exploiting a previously unknown and currently unpatched vulnerability in the latest version of Java to surreptitiously infect targets with malware, security researchers said Thursday night.

The critical vulnerability is being exploited to install a remote-access trojan dubbed McRat, researchers from security firm FireEye warned. The attacks work against Java versions 1.6 Update 41 and 1.7 Update 15, which are the latest available releases of the widely used software. The attack is triggered when people with a vulnerable version of the Java browser plugin visit a website that has been booby-trapped with attack code. FireEye researchers Darien Kindlund and Yichong Lin said the exploit is being used against "multiple customers" and that they have "observed successful exploitation."

Disable Java in your browser if you haven't already.
zBrown

Ice climber
Brujo de La Playa
Topic Author's Reply - Jan 21, 2014 - 10:05am PT
No action here for some time. Disabling Java does cause certain applications to complain, e.g. Youtube.


What is anyone thinking on this currently?
