Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]


Groups > comp.sys.mac.system > #23317 > unrolled thread

Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java?

Started byANTant@zimage.com (Ant)
First post2012-04-04 19:03 -0500
Last post2012-04-12 09:13 +1200
Articles 20 on this page of 54 — 20 participants

Back to article view | Back to comp.sys.mac.system


Contents

  Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? ANTant@zimage.com (Ant) - 2012-04-04 19:03 -0500
    Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Michael Vilain <vilain@NOspamcop.net> - 2012-04-04 19:54 -0700
      Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? nospam <nospam@nospam.invalid> - 2012-04-05 00:06 -0400
        Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Michael Vilain <vilain@NOspamcop.net> - 2012-04-05 00:24 -0700
          Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? nospam <nospam@nospam.invalid> - 2012-04-05 16:10 -0400
            Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Michael Vilain <vilain@NOspamcop.net> - 2012-04-05 13:33 -0700
              Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Michael Vilain <vilain@NOspamcop.net> - 2012-04-05 13:51 -0700
                Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? *Hemidactylus* <ecphoric@hotmail.com> - 2012-04-05 19:16 -0400
                  Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? dempson@actrix.gen.nz (David Empson) - 2012-04-06 14:48 +1200
                    Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? *Hemidactylus* <ecphoric@hotmail.com> - 2012-04-05 23:21 -0400
                      Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? dempson@actrix.gen.nz (David Empson) - 2012-04-06 18:19 +1200
                        Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Paul Sture <paul@sture.ch> - 2012-04-06 14:09 +0200
                        Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Howard.not@home.com (Howard) - 2012-04-09 18:17 +0100
                          Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? PhillipJones <pjones1@kimbanet.com> - 2012-04-09 14:20 -0400
                            Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Howard.not@home.com (Howard) - 2012-04-10 17:46 +0100
                              Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Paul Sture <paul@sture.ch> - 2012-04-11 10:18 +0200
                                Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? John McWilliams <jpmcw@comcast.net> - 2012-04-11 15:13 -0700
                    Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Paul Sture <paul@sture.ch> - 2012-04-06 14:01 +0200
                      Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? dempson@actrix.gen.nz (David Empson) - 2012-04-07 01:46 +1200
                        Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Fred Moore <fmoore@gcfn.org> - 2012-04-06 12:15 -0400
                          Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Paul Sture <paul@sture.ch> - 2012-04-09 09:11 +0200
                            Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Fred Moore <fmoore@gcfn.org> - 2012-04-09 11:42 -0400
                Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Paul Sture <paul@sture.ch> - 2012-04-06 13:51 +0200
                  Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Ant <ant@zimage.comANT> - 2012-04-06 09:28 -0700
                    Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Paul Sture <paul@sture.ch> - 2012-04-06 21:51 +0200
                      Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Ant <ant@zimage.comANT> - 2012-04-06 16:43 -0700
      Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Wes Groleau <Groleau+news@FreeShell.org> - 2012-04-05 21:27 -0400
        Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Paul Sture <paul@sture.ch> - 2012-04-06 14:19 +0200
          Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Ant <ant@zimage.comANT> - 2012-04-06 09:29 -0700
            Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Michael Vilain <vilain@NOspamcop.net> - 2012-04-06 12:22 -0700
              Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? nospam <nospam@nospam.invalid> - 2012-04-06 17:40 -0400
        Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Fred Moore <fmoore@gcfn.org> - 2012-04-06 12:11 -0400
    Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Paul Sture <paul@sture.ch> - 2012-04-05 10:01 +0200
      Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Ant <ant@zimage.comANT> - 2012-04-05 01:55 -0700
        Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Paul Sture <paul@sture.ch> - 2012-04-05 11:40 +0200
          Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Ant <ant@zimage.comANT> - 2012-04-06 09:30 -0700
            Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Dave Allen <kneeljung@gmail.com> - 2012-04-06 19:03 -0500
              Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? dempson@actrix.gen.nz (David Empson) - 2012-04-07 12:48 +1200
                Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Dave Allen <kneeljung@gmail.com> - 2012-04-07 13:56 -0500
              Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Ant <ant@zimage.comANT> - 2012-04-07 09:53 -0700
                Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? SY <205sk@accessforall.invalid> - 2012-04-07 19:01 +0200
                  Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Alan Browne <alan.browne@FreelunchVideotron.ca> - 2012-04-07 14:10 -0400
              Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Ant <ant@zimage.comANT> - 2012-04-21 13:18 -0700
      Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Warren Oates <warren.oates@gmail.com> - 2012-04-05 08:20 -0400
      Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? George Kerby <ghost_topper@hotmail.com> - 2012-04-05 08:38 -0500
        Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Jolly Roger <jollyroger@pobox.com> - 2012-04-05 15:51 -0700
          Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? George Kerby <ghost_topper@hotmail.com> - 2012-04-05 18:49 -0500
            Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Jolly Roger <jollyroger@pobox.com> - 2012-04-05 16:54 -0700
        Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Paul Sture <paul@sture.ch> - 2012-04-08 13:38 +0200
          Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? J.J. O'Shea <try.not.to@but.see.sig> - 2012-04-09 14:03 -0400
      Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? *Hemidactylus* <ecphoric@hotmail.com> - 2012-04-05 19:10 -0400
    Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? J.J. O'Shea <try.not.to@but.see.sig> - 2012-04-09 14:00 -0400
      Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Paul Sture <paul@sture.ch> - 2012-04-11 10:37 +0200
        Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? HelpfulHarry@BusyWorking.com (Helpful Harry) - 2012-04-12 09:13 +1200

Page 1 of 3  [1] 2 3  Next page →


#23317 — Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java?

FromANTant@zimage.com (Ant)
Date2012-04-04 19:03 -0500
SubjectIs there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java?
Message-ID<Xaqdnd_fvMXPfOHSnZ2dnUVZ_s6dnZ2d@earthlink.com>
Hello.

I read the recent Flashback trojan with Apple's Java. I have a client 
who is still running Mac OS X 10.5.8 and noticed Apple released an 
updated Java for Mac OS X 10.6. I assume there is none for unsupported 
10.5.8. Is there a way to remove its Java or protect it without 
upgrading the OS?

Thank you in advance. :)
-- 
Quote of the Week: "If ants are such busy workers, how come they find 
time to go to all the picnics?" --Marie Dressler
  /\___/\   Ant(Dude) @ http://antfarm.home.dhs.org (Personal Web Site)
 / /\ /\ \                 Ant's Quality Foraged Links: http://aqfl.net
| |o   o| |
   \ _ /           Please nuke ANT if replying by e-mail. If crediting,
    ( )          then please kindly use Ant nickname and AQFL URL/link.

[toc] | [next] | [standalone]


#23320

FromMichael Vilain <vilain@NOspamcop.net>
Date2012-04-04 19:54 -0700
Message-ID<vilain-7537B2.19544504042012@news.individual.net>
In reply to#23317
In article <Xaqdnd_fvMXPfOHSnZ2dnUVZ_s6dnZ2d@earthlink.com>,
 ANTant@zimage.com (Ant) wrote:

> Hello.
> 
> I read the recent Flashback trojan with Apple's Java. I have a client 
> who is still running Mac OS X 10.5.8 and noticed Apple released an 
> updated Java for Mac OS X 10.6. I assume there is none for unsupported 
> 10.5.8. Is there a way to remove its Java or protect it without 
> upgrading the OS?
> 
> Thank you in advance. :)

Java is deeply embedded into MacOS.  I don't know what you'd break if 
you removed it.  I suppose you could reverse engineer the patch that 
Apple created from the Oracle sources, if you had them.  How good are 
you with Java development tools and coding?  Unless you get paid T&M to 
fix this, I'd tell the client "Life is unsure.  Live it it.  Or 
upgrade."  but they're not my client.  That's the downside of being on 
such an old version of the OS.  They essentially have to pay you to take 
Apple's place for support.

-- 
DeeDee, don't press that button!  DeeDee!  NO!  Dee...
[I filter all Goggle Groups posts, so any reply may be automatically ignored]

[toc] | [prev] | [next] | [standalone]


#23321

Fromnospam <nospam@nospam.invalid>
Date2012-04-05 00:06 -0400
Message-ID<050420120006189551%nospam@nospam.invalid>
In reply to#23320
In article <vilain-7537B2.19544504042012@news.individual.net>, Michael
Vilain <vilain@NOspamcop.net> wrote:

> Java is deeply embedded into MacOS.  I don't know what you'd break if 
> you removed it. 

it's not and it's no longer included by default, however, it can be
downloaded if needed.

[toc] | [prev] | [next] | [standalone]


#23323

FromMichael Vilain <vilain@NOspamcop.net>
Date2012-04-05 00:24 -0700
Message-ID<vilain-2C212C.00244105042012@news.individual.net>
In reply to#23321
In article <050420120006189551%nospam@nospam.invalid>,
 nospam <nospam@nospam.invalid> wrote:

> In article <vilain-7537B2.19544504042012@news.individual.net>, Michael
> Vilain <vilain@NOspamcop.net> wrote:
> 
> > Java is deeply embedded into MacOS.  I don't know what you'd break if 
> > you removed it. 
> 
> it's not and it's no longer included by default, however, it can be
> downloaded if needed.

That's true for 10.7.  Not true for 10.6 and this guy's version 10.5.8.  
I'm sure he could dig deep enough to create a system that ran 10.5.8 but 
he'd have to forever maintain updates for various stuff on it on a 
system that would mirror his client's system.  I'd do that if I was paid 
big bucks to be "Apple" for a client.  But not otherwise.

-- 
DeeDee, don't press that button!  DeeDee!  NO!  Dee...
[I filter all Goggle Groups posts, so any reply may be automatically ignored]

[toc] | [prev] | [next] | [standalone]


#23333

Fromnospam <nospam@nospam.invalid>
Date2012-04-05 16:10 -0400
Message-ID<050420121610512185%nospam@nospam.invalid>
In reply to#23323
In article <vilain-2C212C.00244105042012@news.individual.net>, Michael
Vilain <vilain@NOspamcop.net> wrote:

> > > Java is deeply embedded into MacOS.  I don't know what you'd break if 
> > > you removed it. 
> > 
> > it's not and it's no longer included by default, however, it can be
> > downloaded if needed.
> 
> That's true for 10.7.  Not true for 10.6 and this guy's version 10.5.8.  
> I'm sure he could dig deep enough to create a system that ran 10.5.8 but 
> he'd have to forever maintain updates for various stuff on it on a 
> system that would mirror his client's system.  I'd do that if I was paid 
> big bucks to be "Apple" for a client.  But not otherwise.

but the point is that java isn't deeply embedded and *can* be removed,
which apple has done.

[toc] | [prev] | [next] | [standalone]


#23335

FromMichael Vilain <vilain@NOspamcop.net>
Date2012-04-05 13:33 -0700
Message-ID<vilain-25041C.13332805042012@news.individual.net>
In reply to#23333
In article <050420121610512185%nospam@nospam.invalid>,
 nospam <nospam@nospam.invalid> wrote:

> In article <vilain-2C212C.00244105042012@news.individual.net>, Michael
> Vilain <vilain@NOspamcop.net> wrote:
> 
> > > > Java is deeply embedded into MacOS.  I don't know what you'd break if 
> > > > you removed it. 
> > > 
> > > it's not and it's no longer included by default, however, it can be
> > > downloaded if needed.
> > 
> > That's true for 10.7.  Not true for 10.6 and this guy's version 10.5.8.  
> > I'm sure he could dig deep enough to create a system that ran 10.5.8 but 
> > he'd have to forever maintain updates for various stuff on it on a 
> > system that would mirror his client's system.  I'd do that if I was paid 
> > big bucks to be "Apple" for a client.  But not otherwise.
> 
> but the point is that java isn't deeply embedded and *can* be removed,
> which apple has done.

In another thread, someone posted a terrific article on disabling and 
removing the JVM runtime.  But it all pertains to 10.6 and 10.7.  While 
MacOS doesn't depend on the JVM runtime, other applications might.  I 
tend to not use Java-based applications because they're not quite MacOS 
UI compliant.  None of the major vendors (M$, Adobe, or others) use them 
to my knowledge but something might break if you remove Java.  The OP's 
customer will have to take that into consideration--I can't run <X> on 
this older version of the OS because of Java bugs.

Now there's this article:

<http://osxdaily.com/2012/04/05/how-to-check-for-the-flashback-trojan-in-
mac-os-x/>

which shows how to actually check to see if a machine is infected.  If 
it works with 10.4 and 10.5, someone should post that here.

-- 
DeeDee, don't press that button!  DeeDee!  NO!  Dee...
[I filter all Goggle Groups posts, so any reply may be automatically ignored]

[toc] | [prev] | [next] | [standalone]


#23336

FromMichael Vilain <vilain@NOspamcop.net>
Date2012-04-05 13:51 -0700
Message-ID<vilain-7D0B89.13514405042012@news.individual.net>
In reply to#23335
In article <vilain-25041C.13332805042012@news.individual.net>,
 Michael Vilain <vilain@NOspamcop.net> wrote:

> In article <050420121610512185%nospam@nospam.invalid>,
>  nospam <nospam@nospam.invalid> wrote:
> 
> > In article <vilain-2C212C.00244105042012@news.individual.net>, Michael
> > Vilain <vilain@NOspamcop.net> wrote:
> > 
> > > > > Java is deeply embedded into MacOS.  I don't know what you'd break if 
> > > > > you removed it. 
> > > > 
> > > > it's not and it's no longer included by default, however, it can be
> > > > downloaded if needed.
> > > 
> > > That's true for 10.7.  Not true for 10.6 and this guy's version 10.5.8.  
> > > I'm sure he could dig deep enough to create a system that ran 10.5.8 but 
> > > he'd have to forever maintain updates for various stuff on it on a 
> > > system that would mirror his client's system.  I'd do that if I was paid 
> > > big bucks to be "Apple" for a client.  But not otherwise.
> > 
> > but the point is that java isn't deeply embedded and *can* be removed,
> > which apple has done.
> 
> In another thread, someone posted a terrific article on disabling and 
> removing the JVM runtime.  But it all pertains to 10.6 and 10.7.  While 
> MacOS doesn't depend on the JVM runtime, other applications might.  I 
> tend to not use Java-based applications because they're not quite MacOS 
> UI compliant.  None of the major vendors (M$, Adobe, or others) use them 
> to my knowledge but something might break if you remove Java.  The OP's 
> customer will have to take that into consideration--I can't run <X> on 
> this older version of the OS because of Java bugs.
> 
> Now there's this article:
> 
> <http://osxdaily.com/2012/04/05/how-to-check-for-the-flashback-trojan-in-
> mac-os-x/>
> 
> which shows how to actually check to see if a machine is infected.  If 
> it works with 10.4 and 10.5, someone should post that here.

You can follow this procedure from the Terminal to check and remove the 
Trojan if the machine is infected:

<http://www.f-secure.com/v-descs/trojan-downloader_osx_flashback_i.shtml>

But you won't be able to patch the Java on the 10.5.8 system.  If you 
have /Applications/Utilities/Java Preferences, you can disable the JVM 
runtimes.

-- 
DeeDee, don't press that button!  DeeDee!  NO!  Dee...
[I filter all Goggle Groups posts, so any reply may be automatically ignored]

[toc] | [prev] | [next] | [standalone]


#23347

From*Hemidactylus* <ecphoric@hotmail.com>
Date2012-04-05 19:16 -0400
Message-ID<7q2dncu67MYpuuPSnZ2dnUVZ_hydnZ2d@giganews.com>
In reply to#23336
On 04/05/2012 04:51 PM, Michael Vilain wrote:
> In article<vilain-25041C.13332805042012@news.individual.net>,
>   Michael Vilain<vilain@NOspamcop.net>  wrote:
>
>> In article<050420121610512185%nospam@nospam.invalid>,
>>   nospam<nospam@nospam.invalid>  wrote:
>>
>>> In article<vilain-2C212C.00244105042012@news.individual.net>, Michael
>>> Vilain<vilain@NOspamcop.net>  wrote:
>>>
>>>>>> Java is deeply embedded into MacOS.  I don't know what you'd break if
>>>>>> you removed it.
>>>>>
>>>>> it's not and it's no longer included by default, however, it can be
>>>>> downloaded if needed.
>>>>
>>>> That's true for 10.7.  Not true for 10.6 and this guy's version 10.5.8.
>>>> I'm sure he could dig deep enough to create a system that ran 10.5.8 but
>>>> he'd have to forever maintain updates for various stuff on it on a
>>>> system that would mirror his client's system.  I'd do that if I was paid
>>>> big bucks to be "Apple" for a client.  But not otherwise.
>>>
>>> but the point is that java isn't deeply embedded and *can* be removed,
>>> which apple has done.
>>
>> In another thread, someone posted a terrific article on disabling and
>> removing the JVM runtime.  But it all pertains to 10.6 and 10.7.  While
>> MacOS doesn't depend on the JVM runtime, other applications might.  I
>> tend to not use Java-based applications because they're not quite MacOS
>> UI compliant.  None of the major vendors (M$, Adobe, or others) use them
>> to my knowledge but something might break if you remove Java.  The OP's
>> customer will have to take that into consideration--I can't run<X>  on
>> this older version of the OS because of Java bugs.
>>
>> Now there's this article:
>>
>> <http://osxdaily.com/2012/04/05/how-to-check-for-the-flashback-trojan-in-
>> mac-os-x/>
>>
>> which shows how to actually check to see if a machine is infected.  If
>> it works with 10.4 and 10.5, someone should post that here.
>
> You can follow this procedure from the Terminal to check and remove the
> Trojan if the machine is infected:
>
> <http://www.f-secure.com/v-descs/trojan-downloader_osx_flashback_i.shtml>
>
> But you won't be able to patch the Java on the 10.5.8 system.  If you
> have /Applications/Utilities/Java Preferences, you can disable the JVM
> runtimes.
>
When I click on my "Java Preferences" it asks me if I want to install a 
Java Runtime. I'm taking this to mean I have no Java on my machine or 
would there be something embedded in Safari that I'd need to check?

I ran the CLI checks for the malware and came up clean anyhow, so no 
sweat on my brow.

-- 
*Hemidactylus*

[toc] | [prev] | [next] | [standalone]


#23357

Fromdempson@actrix.gen.nz (David Empson)
Date2012-04-06 14:48 +1200
Message-ID<1ki4t93.3nihuzj237dsN%dempson@actrix.gen.nz>
In reply to#23347
*Hemidactylus* <ecphoric@hotmail.com> wrote:

> When I click on my "Java Preferences" it asks me if I want to install a
> Java Runtime. I'm taking this to mean I have no Java on my machine or
> would there be something embedded in Safari that I'd need to check?

I see from elsewhere in the thread that you are running Lion (OS X
10.7), so that's what I'd expect. Java is not installed by default in
Lion. If you try to launch something which needs Java, the system asks
if you want to install Java.

Safari and other browsers won't be able to run any Java code (unless one
of them happens to include its own private copy of Java, but I'm not
aware of any which do this).

If you were running Snow Leopard (Mac OS X 10.6) or earlier, then Java
is part of the initial OS install.

-- 
David Empson
dempson@actrix.gen.nz

[toc] | [prev] | [next] | [standalone]


#23359

From*Hemidactylus* <ecphoric@hotmail.com>
Date2012-04-05 23:21 -0400
Message-ID<7padnbtRk9LI_OPSnZ2dnUVZ_uWdnZ2d@giganews.com>
In reply to#23357
On 04/05/2012 10:48 PM, David Empson wrote:
> *Hemidactylus*<ecphoric@hotmail.com>  wrote:
>
>> When I click on my "Java Preferences" it asks me if I want to install a
>> Java Runtime. I'm taking this to mean I have no Java on my machine or
>> would there be something embedded in Safari that I'd need to check?
>
> I see from elsewhere in the thread that you are running Lion (OS X
> 10.7), so that's what I'd expect. Java is not installed by default in
> Lion. If you try to launch something which needs Java, the system asks
> if you want to install Java.
>
> Safari and other browsers won't be able to run any Java code (unless one
> of them happens to include its own private copy of Java, but I'm not
> aware of any which do this).
>
> If you were running Snow Leopard (Mac OS X 10.6) or earlier, then Java
> is part of the initial OS install.
>
Thanks. I was wondering if the prompt after Java Preferences meant I was 
totally in the clear. I first did a Spotlight for Java and figured out 
where the possibilities might be lurking.

I found some Java related stuff digging in the Safari menus, but 
whatever sits there is probably a placeholder for if I opted to install 
it right?

What about Firefox though?

OTOH what sort of messed up site would one need to surf to to get hit. 
Are we talking about people co-opting reputable sites to load nasties 
surreptitiously or are we talking the usual suspects like pornsites and 
whatnot?

There was a bunch of chatter about computers in the Cupertino area being 
infected. Was that Apple-bashing BS?

http://arstechnica.com/apple/news/2012/04/flashback-trojan-reportedly-controls-half-a-million-macs-and-counting.ars

[quote]Later in the day, however, Dr. Web malware analyst Sorokin Ivan 
posted to Twitter that the count had gone up to 600,000, with 274 bots 
even checking in from Cupertino, CA, where Apple's headquarters are 
located.[/quote]

Nonetheless, this doesn't look like a vulnerability in Mac OS X to me, 
but rather third party slop. And that Lion looks like it has this nipped 
in the bud unless I had opted into the vulnerability makes me feel much 
better.



-- 
*Hemidactylus*

[toc] | [prev] | [next] | [standalone]


#23362

Fromdempson@actrix.gen.nz (David Empson)
Date2012-04-06 18:19 +1200
Message-ID<1ki56ht.18z9ldtp7u0n3N%dempson@actrix.gen.nz>
In reply to#23359
*Hemidactylus* <ecphoric@hotmail.com> wrote:

> On 04/05/2012 10:48 PM, David Empson wrote:
> > *Hemidactylus*<ecphoric@hotmail.com>  wrote:
> >
> >> When I click on my "Java Preferences" it asks me if I want to install a
> >> Java Runtime. I'm taking this to mean I have no Java on my machine or
> >> would there be something embedded in Safari that I'd need to check?
> >
> > I see from elsewhere in the thread that you are running Lion (OS X
> > 10.7), so that's what I'd expect. Java is not installed by default in
> > Lion. If you try to launch something which needs Java, the system asks
> > if you want to install Java.
> >
> > Safari and other browsers won't be able to run any Java code (unless one
> > of them happens to include its own private copy of Java, but I'm not
> > aware of any which do this).
> >
> > If you were running Snow Leopard (Mac OS X 10.6) or earlier, then Java
> > is part of the initial OS install.
> >
> Thanks. I was wondering if the prompt after Java Preferences meant I was
> totally in the clear. I first did a Spotlight for Java and figured out
> where the possibilities might be lurking.
> 
> I found some Java related stuff digging in the Safari menus, but 
> whatever sits there is probably a placeholder for if I opted to install
> it right?

Yes.

> What about Firefox though?

Firefox also uses the system installation of Java. If there isn't one,
it won't be able to run any Java applets.

> OTOH what sort of messed up site would one need to surf to to get hit.
> Are we talking about people co-opting reputable sites to load nasties
> surreptitiously or are we talking the usual suspects like pornsites and
> whatnot?

I expect it is mostly affects disreputable sites, but in principle you
could have something like a hijacked advertisement feed for a legitimate
site.

> There was a bunch of chatter about computers in the Cupertino area being
> infected. Was that Apple-bashing BS?

I expect so.

All of these reports are based on one person's comment in Russia. Who
knows how reliable that source was?

Daring Fireball is reporting that some readers have indicated they were
hit by this, so it looks like a real issue, only the quantity of
infected machines is in question.

(I know I'm fine because I have had Java disabled in Safari since the
last time there was a potential security issue, probably more than a
year ago.)

-- 
David Empson
dempson@actrix.gen.nz

[toc] | [prev] | [next] | [standalone]


#23367

FromPaul Sture <paul@sture.ch>
Date2012-04-06 14:09 +0200
Message-ID<413359-tno.ln1@news.sture.ch>
In reply to#23362
On Fri, 06 Apr 2012 18:19:29 +1200, David Empson wrote:

> I expect it is mostly affects disreputable sites, but in principle you
> could have something like a hijacked advertisement feed for a legitimate
> site.

I've come across a couple of incidences of hijacked advertisement feeds 
on a legitimate site I use in the last few months.  They appeared in the 
middle of the night so only a few folks were affected.

I was running the Firefox NoScript add-on on the first occasion and saw 
nothing; on the second occasion my Windows antivirus tool caught the 
malware and blocked it.

I've also added the Firefox add-on Adblock Plus since then to reduce my 
exposure.

And I have started browsing that site using Linux inside a virtual
machine :-)

-- 
Paul Sture

[toc] | [prev] | [next] | [standalone]


#23551

FromHoward.not@home.com (Howard)
Date2012-04-09 18:17 +0100
Message-ID<1kiaqrh.m4pbjz38m71aN%Howard.not@home.com>
In reply to#23362
David Empson <dempson@actrix.gen.nz> wrote:

> All of these reports are based on one person's comment in Russia. Who
> knows how reliable that source was?


This is the kind of thing the Media and anti Apple brigade feed on. Who
knows if it is 1,00 machines or a million, or none !

Howard

[toc] | [prev] | [next] | [standalone]


#23561

FromPhillipJones <pjones1@kimbanet.com>
Date2012-04-09 14:20 -0400
Message-ID<jlv997$4lm$1@news.albasani.net>
In reply to#23551
Howard wrote:
> David Empson<dempson@actrix.gen.nz>  wrote:
>
>> All of these reports are based on one person's comment in Russia. Who
>> knows how reliable that source was?
>
>
> This is the kind of thing the Media and anti Apple brigade feed on. Who
> knows if it is 1,00 machines or a million, or none !
>
> Howard
Try this:
http://reviews.cnet.com/8301-13727_7-57410096-263/how-to-remove-the-flashback-malware-from-os-x/

[toc] | [prev] | [next] | [standalone]


#23591

FromHoward.not@home.com (Howard)
Date2012-04-10 17:46 +0100
Message-ID<1kicbsu.ftupj7ds48baN%Howard.not@home.com>
In reply to#23561
PhillipJones <pjones1@kimbanet.com> wrote:

> Howard wrote:
> > David Empson<dempson@actrix.gen.nz>  wrote:
> >
> >> All of these reports are based on one person's comment in Russia. Who
> >> knows how reliable that source was?
> >
> >
> > This is the kind of thing the Media and anti Apple brigade feed on. Who
> > knows if it is 1,00 machines or a million, or none !
> >
> > Howard
> Try this:
> http://reviews.cnet.com/8301-13727_7-57410096-263/how-to-remove-the-flashb
> ack-malware-from-os-x/

Yes but who knows how widespread it is ? afaik this is all based on a
previously unknown Russian group's claims ...

H

[toc] | [prev] | [next] | [standalone]


#23624

FromPaul Sture <paul@sture.ch>
Date2012-04-11 10:18 +0200
Message-ID<qbrf59-82h.ln1@news.sture.ch>
In reply to#23591
On Tue, 10 Apr 2012 17:46:48 +0100, Howard wrote:

> PhillipJones <pjones1@kimbanet.com> wrote:
> 
>> Howard wrote:
>> > David Empson<dempson@actrix.gen.nz>  wrote:
>> >
>> >> All of these reports are based on one person's comment in Russia.
>> >> Who knows how reliable that source was?
>> >
>> >
>> > This is the kind of thing the Media and anti Apple brigade feed on.
>> > Who knows if it is 1,00 machines or a million, or none !
>> >
>> > Howard
>> Try this:
>> http://reviews.cnet.com/8301-13727_7-57410096-263/how-to-remove-the-
flashb
>> ack-malware-from-os-x/
> 
> Yes but who knows how widespread it is ? afaik this is all based on a
> previously unknown Russian group's claims ...
> 

And I note DrWeb's attempts to drum up hits from Mac users by posting 
here.

I also note the frenzy of the press on this subject, most of whom copied 
their content verbatim without adding much.


-- 
Paul Sture

[toc] | [prev] | [next] | [standalone]


#23655

FromJohn McWilliams <jpmcw@comcast.net>
Date2012-04-11 15:13 -0700
Message-ID<jm4vlt$sfl$3@dont-email.me>
In reply to#23624
On 4/11/12   PDT 1:18 AM, Paul Sture wrote:
> On Tue, 10 Apr 2012 17:46:48 +0100, Howard wrote:
>
>> PhillipJones<pjones1@kimbanet.com>  wrote:
>>
>>> Howard wrote:
>>>> David Empson<dempson@actrix.gen.nz>   wrote:
>>>>
>>>>> All of these reports are based on one person's comment in Russia.
>>>>> Who knows how reliable that source was?
>>>>
>>>>
>>>> This is the kind of thing the Media and anti Apple brigade feed on.
>>>> Who knows if it is 1,00 machines or a million, or none !
>>>>
>>>> Howard
>>> Try this:
>>> http://reviews.cnet.com/8301-13727_7-57410096-263/how-to-remove-the-
> flashb
>>> ack-malware-from-os-x/
>>
>> Yes but who knows how widespread it is ? afaik this is all based on a
>> previously unknown Russian group's claims ...
>>
>
> And I note DrWeb's attempts to drum up hits from Mac users by posting
> here.
>
> I also note the frenzy of the press on this subject, most of whom copied
> their content verbatim without adding much.

There was, perhaps, already sufficient F, U and D......

[toc] | [prev] | [next] | [standalone]


#23366

FromPaul Sture <paul@sture.ch>
Date2012-04-06 14:01 +0200
Message-ID<ph2359-tno.ln1@news.sture.ch>
In reply to#23357
On Fri, 06 Apr 2012 14:48:32 +1200, David Empson wrote:

> Safari and other browsers won't be able to run any Java code (unless one
> of them happens to include its own private copy of Java, but I'm not
> aware of any which do this).

Private copies are indeed a possibility.  During the run up to Y2K our PC 
guys did a thorough analysis of what was running on our PCs, and many 
software packages at that time did install their own private copies.

Hopefully that practice has died out now, but it is still possible.

IIRC OpenOffice used to install a JRE (Java Runtime Environment).  

LibreOffice doesn't install a JRE, but at least the Windows and Linux 
versions suggest that you download it separately from Oracle.  I haven't 
tried installing LibreOffice on a Mac.

If you don't have Java installed LibreOffice (on Windows & Linux) will 
throw up 7 prompts warning you that Java isn't installed on the first 
run, but you can safely ignore these unless you want to use the Database 
package.

-- 
Paul Sture

[toc] | [prev] | [next] | [standalone]


#23370

Fromdempson@actrix.gen.nz (David Empson)
Date2012-04-07 01:46 +1200
Message-ID<1ki5r1s.1279kqfodfcp2N%dempson@actrix.gen.nz>
In reply to#23366
Paul Sture <paul@sture.ch> wrote:

> On Fri, 06 Apr 2012 14:48:32 +1200, David Empson wrote:
> 
> > Safari and other browsers won't be able to run any Java code (unless one
> > of them happens to include its own private copy of Java, but I'm not
> > aware of any which do this).
> 
> Private copies are indeed a possibility.  During the run up to Y2K our PC
> guys did a thorough analysis of what was running on our PCs, and many
> software packages at that time did install their own private copies.
> 
> Hopefully that practice has died out now, but it is still possible.

Less likely on a Mac at present, since Mac OS X builds of Java 6 (1.6)
and earlier were major customization jobs from Apple. A standard build
of Java might work on Mac OS X with limited functionality but I expect
some major components of Java wouldn't be functional without tying into
Apple's customizations.

It could become more of an issue in future when Mac support gets
integrated into the mainstream release of Java 7, as it will then be
possible for third parties to do their own Mac builds of Java.

> IIRC OpenOffice used to install a JRE (Java Runtime Environment).  
> 
> LibreOffice doesn't install a JRE, but at least the Windows and Linux
> versions suggest that you download it separately from Oracle.  I haven't
> tried installing LibreOffice on a Mac.

The internal structure of LibreOffice 3.4.3, OpenOffice 3.1.0 and
NeoOffice 3.0.1 look very similar, including a bunch of .jar files. From
a quick glance I can't see anything which might be a JVM but I don't
know exactly what to look for.

> If you don't have Java installed LibreOffice (on Windows & Linux) will
> throw up 7 prompts warning you that Java isn't installed on the first
> run, but you can safely ignore these unless you want to use the Database
> package.

-- 
David Empson
dempson@actrix.gen.nz

[toc] | [prev] | [next] | [standalone]


#23376

FromFred Moore <fmoore@gcfn.org>
Date2012-04-06 12:15 -0400
Message-ID<fmoore-A549DB.12150206042012@news.eternal-september.org>
In reply to#23370
In article <1ki5r1s.1279kqfodfcp2N%dempson@actrix.gen.nz>,
 dempson@actrix.gen.nz (David Empson) wrote:

> Paul Sture <paul@sture.ch> wrote:
> 
> > On Fri, 06 Apr 2012 14:48:32 +1200, David Empson wrote:
> > 
> > > Safari and other browsers won't be able to run any Java code (unless one
> > > of them happens to include its own private copy of Java, but I'm not
> > > aware of any which do this).
> > 
> > Private copies are indeed a possibility.  During the run up to Y2K our PC
> > guys did a thorough analysis of what was running on our PCs, and many
> > software packages at that time did install their own private copies.
> > 
> > Hopefully that practice has died out now, but it is still possible.
> 
> Less likely on a Mac at present, since Mac OS X builds of Java 6 (1.6)
> and earlier were major customization jobs from Apple. A standard build
> of Java might work on Mac OS X with limited functionality but I expect
> some major components of Java wouldn't be functional without tying into
> Apple's customizations.
> 
> It could become more of an issue in future when Mac support gets
> integrated into the mainstream release of Java 7, as it will then be
> possible for third parties to do their own Mac builds of Java.
> 
> > IIRC OpenOffice used to install a JRE (Java Runtime Environment).  
> > 
> > LibreOffice doesn't install a JRE, but at least the Windows and Linux
> > versions suggest that you download it separately from Oracle.  I haven't
> > tried installing LibreOffice on a Mac.
> 
> The internal structure of LibreOffice 3.4.3, OpenOffice 3.1.0 and
> NeoOffice 3.0.1 look very similar, including a bunch of .jar files. From
> a quick glance I can't see anything which might be a JVM but I don't
> know exactly what to look for.
> 
> > If you don't have Java installed LibreOffice (on Windows & Linux) will
> > throw up 7 prompts warning you that Java isn't installed on the first
> > run, but you can safely ignore these unless you want to use the Database
> > package.

From what I have read about OOo and its offshoots NeoO and LO, they do 
not 'run' Java. They 'access several Java libraries'. Now this may be a 
distinction without a difference. I'm certainly not qualified to say.

[toc] | [prev] | [next] | [standalone]


Page 1 of 3  [1] 2 3  Next page →

Back to top | Article view | comp.sys.mac.system


csiph-web