Can you click on this link to see if the java is safe?

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
+ User FidoNet address: 1:3634/12.42
 al> I clicked on an image in Google images. It got me to the webpage i
 al> expected=  but a java console window opened (as i had set) and was
 al> about to run an ap= plet then i unplugged my ethernet before it
 al> did.

why? why haven't you been following the best practises methods stated by
practically everyone and especially those involved in the security industry to
completely disable /java/ in your regular browser and use a different browser
install for java access to those sites that require java?

the only other good analogy is related to STDs, which we used to compare
malware and viruses to back in the day to make the point extremely clear... do
you have unprotected sex with anyone you pick up in a bar or even at a friend's
party? having unprotected sex is also dangerous with those you may know since
they may not be aware of their infection or they may not care to tell you...

be smart... disable java (not javascript!) in your regular browser for now...
it is not necessary for a huge majority of sites... and don't have unprotected
sex with anyone without seeing their valid and up to date health card showing
that they are STD free ;)

)\/(ark
+++++++++++++++++++++++++++++++++++++++++++++++++++++++
+ The FidoNet News Gate (Huntsville, AL - USA)        +
+ The views of this user are strictly his or her own. +
+ All data is scanned for malware by Avast! Antivirus +
+++++++++++++++++++++++++++++++++++++++++++++++++++++++

Re: Can you click on this link to see if the java is safe?

On Thursday, March 28, 2013 5:27:53 AM UTC, mark lewis wrote:
Quoted text here. Click to load it


"different browser install" I suppose disabling the plugin would do the same
thing.

Oh i should have mentioned that my java console window pops up before the java 7
security pop-up like on http://zxspectrum.net . I had 186 tabs and my laptop was
slow anyway.  

If you're on wi-fi isn't it more difficult and slower to disable your network
connection than unpluging an ethernet cable?

Firefox does automatically disable java but i enabled it for sites like
zxspectrum.net and felt safer cos in my experience now java 7 always has a
security popup. Since my scare i have disabled it again.

Re: Can you click on this link to see if the java is safe?

On Thursday, March 28, 2013 1:27:53 PM UTC+8, mark lewis wrote:  
Quoted text here. Click to load it
w...
ected
wing

Can you even disable javascript?

As for unprotected sex, beware (if you really want to be paranoid) that unl
ess you have the Gardasil shot, and it only works with teens, you can in th
eory get throat cancer from just kissing a girl with the HPV virus...  no,  
I'm not that paranoid and am not going to worry about it, but just saying.

RL

Can you click on this link to see if the java is safe?

+ User FidoNet address: 1:3634/12.42
Quoted text here. Click to load it

 R> Can you even disable javascript?

sure can... at least in the browsers i'm aware of... it may not be a simply
click of a checkbox, though...

)\/(ark
+++++++++++++++++++++++++++++++++++++++++++++++++++++++
+ The FidoNet News Gate (Huntsville, AL - USA)        +
+ The views of this user are strictly his or her own. +
+ All data is scanned for malware by Avast! Antivirus +
+++++++++++++++++++++++++++++++++++++++++++++++++++++++

Re: Can you click on this link to see if the java is safe?

+ User FidoNet address: 1:3634/12.42
Quoted text here. Click to load it

 F> I followed the redirects and read all of the pages for any obvious  
 F> malware. I didn't find anything. Sometimes a redirection service  
 F> can send a surfer to a malware landing page.

it is also possible that your browser didn't trigger what the OP caught...
there are more and more malware infested sites that are tragetting more
specifically... it is speculated that this is to try to avoid researchers from
figuring out what's being done and how...

)\/(ark
+++++++++++++++++++++++++++++++++++++++++++++++++++++++
+ The FidoNet News Gate (Huntsville, AL - USA)        +
+ The views of this user are strictly his or her own. +
+ All data is scanned for malware by Avast! Antivirus +
+++++++++++++++++++++++++++++++++++++++++++++++++++++++

Re: Can you click on this link to see if the java is safe?

mark lewis formulated the question :
Quoted text here. Click to load it

I didn't use a browser, but I understand what you mean.



Can you click on this link to see if the java is safe?

+ User FidoNet address: 1:3634/12.42
Quoted text here. Click to load it

 F> I didn't use a browser, but I understand what you mean.

yeah, i don't use a normal browser, either... most of the time i use an old
copy of sam spade and its non-rendering browser... but telnet can be used
though that is a totally manual operation and can get very deep very fast ;)

i'm pretty sure that it isn't just the URL being requested and not just the UA
being used to determine whether or not to try to inflict the damage... i would
hazard a guess that the content and ordering of the headers is also used... the
IP might even come into play if a specific region is being targetted...

)\/(ark
+++++++++++++++++++++++++++++++++++++++++++++++++++++++
+ The FidoNet News Gate (Huntsville, AL - USA)        +
+ The views of this user are strictly his or her own. +
+ All data is scanned for malware by Avast! Antivirus +
+++++++++++++++++++++++++++++++++++++++++++++++++++++++

Re: Can you click on this link to see if the java is safe?

"mark lewis" wrote:

Quoted text here. Click to load it

In my experience, only the user-agent header is relevant when fetching
web-hosted malware with anything other than a browser using HTTP GET.
Of course, HTTP POST will require other data.

Quoted text here. Click to load it

Yes, that too, and sometimes you only get one chance per IP address.

A very competent sleuth who goes by the name of Spamless has checked
this URL and replied to the OP in nanae where he also posted. There is
a possibility that a benign Java applet, probably for an animation,
could be loaded from revolvermaps.com.



Re: Can you click on this link to see if the java is safe?

On Friday, March 29, 2013 4:38:02 AM UTC+8, mark lewis wrote:  
Quoted text here. Click to load it
.
 from
Quoted text here. Click to load it

What about the preventive technique of using an obscure browser like Konque
ror or whatever from Linux land or Opera for Windows, under the theory that
 their market share is so small no virus writer (and that does not include  
BTW kiddie scripter Dustin) would write a virus for such an obscure browser
?  Is that a good defense?

RL

Can you click on this link to see if the java is safe?

+ User FidoNet address: 1:3634/12.42
Quoted text here. Click to load it

 R> What about the preventive technique of using an obscure browser like
 R> Konque= ror or whatever from Linux land or Opera for Windows, under
 R> the theory that their market share is so small no virus writer

that might or might not work... it isn't always a bug in the browser that lets
the stuff in... the browsers tell the servers what they can accept and the
server takes it from there... if pdf capability is indicated, then they can
still hit your pdf with stuff to try to force their way in... the same with
java, too... it may be tougher to do but it is stil possible...

 R> (and that does not include = BTW kiddie scripter Dustin)  

please stop these childish digs like this... they hurt your appearance more
than anything else :?

 R> would write a virus for such an obscure browser= ?  Is that a good  
 R> defense?

security by obscurity is ok for some but it will come back to bite one's arse
at some point in time... but this is similar to the current speakings of
turning off java in your main browser and using another browser with java for
only those specific sites that one /has/ to use which require java...

)\/(ark
+++++++++++++++++++++++++++++++++++++++++++++++++++++++
+ The FidoNet News Gate (Huntsville, AL - USA)        +
+ The views of this user are strictly his or her own. +
+ All data is scanned for malware by Avast! Antivirus +
+++++++++++++++++++++++++++++++++++++++++++++++++++++++

Site Timeline