X
Tap here to go to the mobile version of the site.
Your Firefox is out of date and may contain a security risk! Upgrade Firefox

Support Forum

Why is java constantly considered as unsafe?

Posted

Each time there is an update to Java, when I install it or some time shortly thereafter, it is marked as unsafe in Firefox.

Are the Java developers working with the Firefox team to correct issues or are they purposely ignoring suggestions?

Post a Reply

Additional System Details

Installed Plug-ins

  • Shockwave Flash 11.9 r900
  • Next Generation Java Plug-in 10.45.2 for Mozilla browsers
  • NPRuntime Script Plug-in Library for Java(TM) Deploy
  • Adobe PDF Plug-In For Firefox and Netscape 11.0.05
  • VLC media player Web Plugin 2.1.0
  • Qualys BrowserCheck Plugin 1.8.51.1
  • 5.1.20913.0
  • Adobe Shockwave for Director Netscape plug-in, version 12.0.4.144
  • Winamp Application Detector
  • The QuickTime Plugin allows you to view a wide variety of multimedia content in Web pages. For more information, visit the QuickTime Web site.
  • IE Tab 2 Plug-in for Mozilla/Firefox
  • Foxit Reader Plug-In For Firefox and Netscape
  • npFFApi
  • 1,2,1,2044
  • Npdsplay dll

Application

  • User Agent: Mozilla/5.0 (Windows NT 5.1; rv:24.0) Gecko/20100101 Firefox/24.0

More Information

Ed 95 solutions 596 answers

Hello,

I believe all versions of Java are now considered unsafe simply because in the past they have proved to be unsafe.

I think the rationale is: given the number of security vulnerabilities in previous versions of Java it is safer to assume that new versions will be vulnerable even if those vulnerabilities are not yet widely known.

See here for more information:

You can see the complete list of blocked add-ons here:

https://addons.mozilla.org/en-US/firefox/blocked/

I hope this helps.

Modified by Ed

Was this helpful to you? 2
Reply

Question owner

Do we ask the Oracle Corporation to fix Java's issues? Or do we ask developers to stop using it?

Was this helpful to you? 0
Reply
Ed 95 solutions 596 answers

I think Mozilla are hoping that developers will start to use HTML5 instead of Java (and indeed all browser plugins) because plugins are potentially vulnerable and also often cause crashes / other problems in the browser.

Was this helpful to you? 1
Reply

Helpful Reply

Here's an interesting article on the matter

http://threatpost.com/javas-losing-security-legacy

Was this helpful to you? 1
Reply
Ed 95 solutions 596 answers

Helpful Reply

Thanks. It actually sounds even worse than I'd imagined.

Was this helpful to you? 1
Reply

Question owner

Google Java security issues. There's a lot of concern about Java.

I do believe that Oracle is hammering its own nails into the Java coffin.

EG Apple has banned Java on it's Macs.

Was this helpful to you?
Reply

Question owner

I have an interesting situation. All of my PCs are with FF24 and Java 7u45 installed WinXp sp3. Three PCs have Java set to "always ask" with the warning about safety.

One PC has Java plugin and Java Deployment Tookkit are set to "always activate" in the add-ons manager settings. The only options for both are "always activate" and "never activate".

How do I set this to the proper setting of "always ask"?

I've dug around in about:config but cannot see anything obvious.

Was this helpful to you? 0
Reply
Ed 95 solutions 596 answers

I'm not too sure about that I'm afraid.

Since this is a slightly different question to the original would you mind starting a new thread and another support person will be along to answer.

Thanks.

Was this helpful to you? 0
Reply
Ask a question

You must log in to your account to reply to posts. Please start a new question, if you do not have an account yet.