On Sat, 06 Dec 2003 21:58:46 -0800, Kerodo <kerodokenny@hotmail.com>
wrote:
If it doesn't interfere with functionality, it's best to disable any
feature. That's a golden rule. Java has some bugs that pop up every
now and then. Java operates in a "sandbox" that restricts what
applications can and can't do, but occasionally, exploits are found to
bypass the sandbox. Microsoft Java (Java Virtual Machine) is a heck of
a lot less secure than Sun's, which is included with Moz and
Gecko-descended browsers. See my post on the updates at my site
regarding a trojan going around, targeting Microsoft's JVM, which
makes use of a critical flaw that's still very widespread. Mozilla,
thanks to Sun's Java, is immune to that specific exploit (as far as we
know.) There is also one spyware (RedSheriff) that loads as a Java
applet, so it cannot be removed or stopped by standard removal tools,
but only by disabling Java or by blocking its "home sites".
There are some JS exploits too, but nearly all of them affect Interner
Explorer's "JScript", not the true JavaScript that Gecko browsers use.
But it's still a risk.
Frankly, I've been running without Java for years and i have not
missed a darned thing. I use Opera without the Java option. JS, on the
other hand, is required to access probably half of the web, and even
to access some hardware products like routers. If you don't mind the
inconvenience of enabling it on an "as-needed" basis, kudos to you,
and go for it.
Sponge
Sponge's Secure Solutions
www.geocities.com/yosponge
My new email: yosponge2 att yahoo dott com
