Tuesday, September 4, 2012

Time to Give Java the Boot?

Analysis: The programming language has become one of the weakest links in a PC’s and Mac's defenses against external threats, and is slowly -- and rightly -- being abandoned.



PCWorld - Java, the programming language designed to make the web fun and interactive, has become one of the weakest links in a PC’s and Mac's defenses against external threats. Consider the most recent Java vulnerability, a weakness currently being exploited by malware distributors: When Oracle, Java's maker, released an emergency update to fix the software, security analysts reported that even the hot-off-the-presses code contains additional vulnerabilities.

But the most recent security problems with Java are far from unique. Security firm Sophos, for example, blames underlying Java vulnerability for attacks by the Flashback malware last April that infected one out of five Macs.

The risks don't outweigh the rewards, security experts say. “I'd say 90 percent of users don't need Java anymore,” says Dominique Karg, the founder and chief hacking officer of AlienVault, a security software company. “I consider myself a ‘power user’ and the last and only time I realized I had Java installed on my Mac was when I had to update it.”

If you own a PC you know that nagging feeling of insecurity when you're asked to update your Windows PC for the umpteenth time. It may only be moderately disruptive, but it’s a monthly reminder that your computer, and the personal information contained therein, remains a target for criminals.

More