Java exploit news
The big news on Saturday morning was about a java zero day exploit. “A java zero day exploit… OH NO!” What’s java? What’s a zero day exploit? Is there any reason to panic? Is the sky falling?
When you go to a website, a java program may be downloaded and executed on your computer. If your computer has java installed, the program will execute. If you play a lot of online games, a lot of those programs may be java programs. Java is a common execution environment for Apple Macs and PCs. A java program should execute both PCs and Macs without any conversion.
A zero day exploit is a security flaw in a program that is immediately used by bad guys to take control of the public’s computers. The flaw is made public and someone has a program ready to take advantage of the problem.
Most of the time, security flaws are discovered but no one really cares until it affects them. It’s a lot like cigarette smoking, no one believes that they will be diagnosed with lung cancer until it happens to them. “My grandfather smoked every day, never had any problems with lung cancer, and lived to 90.” That case is the exception, not the rule.
In August 2003, the blaster virus infected a lot of computers. All you had to do was have your computer on the network. An infected computer would connect to your computer and infect it. You didn’t have to do anything. If your computer didn’t have the latest updates from Microsoft, you could be pretty sure that your computer would be infected. A firewall or router also prevented infection. The most interesting thing about the exploit was that a victim didn’t have to do anything. Just being connected to the Internet was enough to give another infected computer a free pass to your computer.
This new java exploit requires that a victim visit an infected website. The easiest way to prevent infection is to remove java from your computer. If your computer doesn’t have java installed, it will complain when you visit a website that attempts to load a java program on your computer.
Most people claim that they only want to surf the web and read email. If you dig a little, you will discover that people insist on all the wonder of the Internet. Sometimes one has to wonder if all the extra functionality on the Internet is really necessary.
Is it really necessary to include pictures, videos, and links to website in email important? It is amazing how much information can be included in a simple text message. Do you really need video messaging to say just say “hi”?