Forum: Panoguide website feedback

Thread: Java security breach (January 2013)

back to threads list | this thread is closed
Search the forums:
Author  Message 
Judy-A

Posts: 582
Location: Edmonton, Canada
Registered: 20 Jan 2010
Java security breach (January 2013)
Posted: 13 Jan 2013 at 19:24 GMT
It may be a good idea to temporarily disable the Java plugin in your web browsers and not view panoramas on the Panoguide site, which use the Java panorama player, Immervision.

www.cbc.ca/news/technology/story/2013/01/12/java-...

“The U.S. Department of Homeland Security is advising people to temporarily disable the Java software on their computers to avoid potential hacking attacks. [...] Experts believe hackers have found a flaw in Java’s coding that creates an opening for criminal activity and other high-tech mischief.”

If you are having trouble viewing panoramas on this site, it may be that your security software has already disabled the Java plugin in your browsers.

Judy
alert moderator
burake

Posts: 333
Location: Antalya, Turkey
Registered: 7 Jun 2012
Re: Java security breach (January 2013)
Posted: 13 Jan 2013 at 20:37 GMT
I was wondering why I cannot view panos in the gallery...That may be the reason...Thanks for the input Judy...
Burak
alert moderator
DemonDuck

Posts: 418
Location:
Registered: 10 Mar 2011
Re: Java security breach (January 2013)
Posted: 14 Jan 2013 at 18:12 GMT
[sigh] Another nail in the coffin. And Java had so much promise so early. Much of it's demise was self-inflicted.

www.pcworld.com/article/2025178/oracle-releases-j...

Oracle released Java 7 update 11 (Java 7u11) on Sunday following a warning from the U.S. Computer Emergency Readiness Team (US-CERT) advising users to disable the software due to a serious and previously unknown security vulnerability. Even with the available fix, CERT, part of the Department of Homeland Security, is still advising users to disable Java on their systems unless running the software is “absolutely necessary.”

he biggest change for users with the newest version of Java is that now all unsigned Java applets and Web start applications are click-to-run. This means you must explicitly authorize Java to run in your browser nearly every time you come across Java on the Web. Java is a cross-platform programming language often used online for Web content and applications such as games and interactive charts. Oracle's vulnerability fix affects only users running Java in their browsers, and does not apply to servers, desktop applications, or embedded Java apps.

Oracle is also calling on users to update their systems as soon as possible. “Due to the severity of these vulnerabilities,” Oracle's security alert reads. “Oracle strongly recommends that customers apply the updates provided by this Security Alert as soon as possible.”
alert moderator