Forgot your password?
typodupeerror
Java Apple

Apple Angers Mac Users With Silent Shutdown of Java 7 451

Posted by samzenpus
from the a-thief-in-the-night dept.
An anonymous reader writes in with news of the continuing saga of Java patches and exploits. "If you're a Mac user who suddenly can't access websites or run applications that rely on Java, you're not alone. For the second time in a month, Apple has silently blocked the latest version of Java 7 from running on OS X 10.6 Snow Leopard or higher via its XProtect anti-malware tool. Apple hasn't issued any official statements advising users of the change or its reasons, but it's a safe bet that the company has deemed Oracle's most recent update to Java insecure. That's why the company stealthily disabled Java on Macs back on Jan. 10, the same day a Java vulnerability was being exploited in the wild."
This discussion has been archived. No new comments can be posted.

Apple Angers Mac Users With Silent Shutdown of Java 7

Comments Filter:
  • Run Linux (Score:5, Funny)

    by Anonymous Coward on Sunday February 03, 2013 @05:58PM (#42780433)
    If you ran Linux you wouldn't have to worry about software not being able to run.
    • by DarkOx (621550)

      Unfortunately not entirely true. Mozilla has been taking it upon themselves to decide which java plugins you can and can't use. Obviously its just the plugin and nothing FF or Seamonkey does affects local java code from using whatever JRE I happen to have installed. Still I think its an over-reach.

      Fortuitously both are open source and it would be pretty trivial to disable that version check and do my own build if I needed to do so; but I would still say I am not pleased. Really they should just offer a

      • by vlm (69642)

        It should not be the case but lets face reality here there thousands of Java applications out there that only work correctly on specific platform releases. If you depend on these and your main system is a Mac you might be really screwed by this.

        Here let me help summarize

        It should not be the case but lets face reality here there thousands of Java applications out there that only work correctly on specific platform releases. If you depend on these ... you might be really screwed....

      • Re:Run Linux (Score:5, Informative)

        by dririan (1131339) on Sunday February 03, 2013 @06:47PM (#42780817)
        Almost all of the plugins are soft blocked. They'll be automatically disabled when you start Fx, but you can easily re-enable them without patching or updating anything. In fact, the same dialog that tells you about the soft block lets you uncheck "Disable" to prevent it from being disabled. Very nearly all plugins that are blacklisted are soft blocked. Their criteria for hard blocking plugins (which means the plugin cannot be re-enabled) is that the plugin either "is malicious" or "a soft-block will not resolve the issue in question, such as a start-up crash". See Mozilla's wiki [mozilla.org] for more information, especially the sections "A High Bar", "Block Conditions", and "Block Severity".

        Please don't spread misinformation and FUD about Mozilla's blocklisting when it really is done properly.
    • by MrEricSir (398214) on Sunday February 03, 2013 @06:12PM (#42780547) Homepage

      If you ran Linux you wouldn't have to worry about software not being able to run.

      10/10. This is how proper trolling is done.

      • Re: (Score:3, Funny)

        by Anonymous Coward

        If you ran Linux you wouldn't have to worry about software not being able to run.

        10/10. This is how proper trolling is done.

        If you ran Linux you would have no idea what it's like to experience the mysterious wonders of the malware world. Do you even know what it feels like to have a fuckin' sweeeet .dll hack invade your inner workings? I'll bet not. Like gettin' head from a porn star while smokin' blunts these days...they're so damn smooth, especially the Chinese. You hardly feel it.

        A fast personal computer is a terrible thing to waste. - Anonymous Botnet Operator

        (And THAT is how a proper troll response is done.)

        • Re:Run Linux (Score:5, Insightful)

          by smash (1351) on Monday February 04, 2013 @01:03AM (#42782941) Homepage Journal
          In the past 15 years, I've personally dealt with more rooted Linux boxes than rooted Windows servers. Sure, the Linux boxes are probably more exposed to teh internet, but to claim that if you run/deal with Linux you're never likely to experience malware is a bit of a reach.
    • by kenh (9056)

      Or Windows. This is the result of a decision made by Apple Corp. to make this happen.

      This came just as several hundred school teachers in my district were sitting down to enter grades into their Infinite Campus gradebooks at the end of the marking period. Apple's decision is playing havoc with their ability to use this Java-based application on their Apple MacBook Pros.

  • Old News (Score:5, Informative)

    by swimboy (30943) on Sunday February 03, 2013 @05:58PM (#42780439)
    Update 13 is already out, and *not* blocked by Apple. All that's blocked are the old, insecure (well, more insecure) versions.
    • Not blocked... yet.
      • by kthreadd (1558445)
        If there are security vulnerabilities discovered in update 13 then it will likely be blocked as well.
        • Re:Old News (Score:5, Interesting)

          by exomondo (1725132) on Sunday February 03, 2013 @06:23PM (#42780643)

          If there are security vulnerabilities discovered in update 13 then it will likely be blocked as well.

          So why don't they block older versions of their operating systems when they have vulnerabilities? That one in iOS where you could root the device from a website was pretty severe, seems if their goal is protecting the user from malicious software they probably should have blocked that from the app store and other services until the users updated.

          • Re: (Score:2, Interesting)

            by alcmena (312085)
            I'm sure that the fact that Java is the key technology behind Android development had nothing to do with Apple's decision.
    • Re:Old News (Score:5, Funny)

      by msauve (701917) on Sunday February 03, 2013 @06:26PM (#42780657)
      "Today, we celebrate the first glorious anniversary of the Information Purification Directives. We have created, for the first time in all history, a garden of pure ideologyâ"where each worker may bloom, secure from the pests purveying contradictory truths. Our Unification of Thoughts is more powerful a weapon than any fleet or army on earth. We are one people, with one will, one resolve, one cause. Our enemies shall talk themselves to death, and we will bury them with their own confusion. We shall prevail!" - Apple
  • by MrEricSir (398214) on Sunday February 03, 2013 @06:02PM (#42780465) Homepage

    Without Java applets, my plan to time travel back to 1997 and surf the web is completely ruined!

    • by hendridm (302246)

      You could always e-mail copies of web sites to yourself and view them in Microsoft Outlook's HTML renderer which has almost non-existant CSS support.

  • Mozilla did the same thing with blocking Java on Firefox on January 10th.

    Java 7 Update 13 is out already and works on Macs again anyway.

  • by thestudio_bob (894258) on Sunday February 03, 2013 @06:25PM (#42780653)

    Wow... Apple can't catch a break... You know damn well people would be bitching if they hadn't done this... Apple Fails To Disable Java 7. Millions of Macs Vulnerable. News at 11.

    • Re: (Score:3, Insightful)

      by Phelony (2628303)
      *Apple* fails to disable Java so Macs are vulnerable? So Oracle is not responsible for Java making Macs vulnerable??? It's Apple's fault??? Huh???
      • Re: (Score:3, Informative)

        by smash (1351)
        In slashdot groupthink, yes.
      • by jo_ham (604554)

        *Apple* fails to disable Java so Macs are vulnerable?

        So Oracle is not responsible for Java making Macs vulnerable??? It's Apple's fault???

        Huh???

        That's exactly what happened when Apple decided to stop shipping a Java VM by default with OS X, instead falling back to the position that every other OS uses - that if you need it, you get it from Oracle. That didn't stop slashdot frothing about how Apple was "killing Java" and "taking it away from Mac users" when it was really the opposite - shipping and updating their own version meant that the Mac version was always behind the current release, especially with bug fixes. Leaving it to Oracle meant it was

  • by g1powermac (812562) on Sunday February 03, 2013 @06:34PM (#42780713)
    The summary is incorrect with saying Apple blocked Java 7 on 10.6. Actually, Snow Leopard can't run the new Java from Oracle, it can only run the Apple version of it which is still the 6 series. With this last round of blocking, Apple also blocked their own version on Snow Leopard and Apple has not yet released an update for it last time I checked. Now, in my opinion, this whole blocking thing without notice was extremely unprofessional and made me disappointed in Apple, and that's coming from a Mac fan. I got hit with it the other day and spent hours trying to figure out why in the world Java wasn't working on my machines. Ended up finding a work around editing a .plist file using a console text editor. Definitely not a solution for anyone not familiar with the command line.
  • You can't handle the truth!

  • "Apple hasn't issued any official statements advising users of the change or its reasons, but it's a safe bet that the company has deemed Oracle's most recent update to Java insecure"

    Does this apply to the OpenJDK Runtime Environment [java.net]
  • Is to be commended. Unless, of course you are apple.
  • This is not the first time they've done stuff like this.

    If you update your JDK using Software Update, it overwrites all previous versions and turns them into symbolic links to the current version. You then receive an unpleasant surprise when software which relies on a particular JDK breaks for no apparent reason.

    The problem is not the changes themselves, but just unilaterally making these decisions and then not telling anyone. If I was working in an enterprise environment and this happened, I too wou
  • Steve Jobs took flash out behind the woodshed and flash didn't come back for dinner. I can say without a doubt that flash is dead, yet if I wanted to counter my own statement I could easily pullup a massive pile of stats that would show Flash on a huge percentage of machines and websites but I can see clearly that no even vaguely bleeding edge websites use it. Flash is just not where the cool kids are. HTML5 has almost entirely taken over all the basic requirements of making a dazzling website that dances a

Pause for storage relocation.

Working...