[image source_type=”attachment_id” source_value=”4777″ align=”left” size=”Small 150 width” quality=”99″] Beware! Browsers Using Java Still Vulnerable After Oracle “Fix”

Unfortunately, according to numerous experts, it boils down to the fact that Java is flawed.  Period!  View an infected web page and get infected. Oracle’s new edition of Java – the fix issued on January 13, (Version 7, Update 11) –  is already “busted.”

Since then numerous new vulnerabilities have been discovered.  The new flaws, like the earlier highly publicized one, permit an unsigned Java program to break out of its sandbox and do as it pleases with the victim’s computer.

In brief, the current issues are with Java from Oracle which does not run on android, but does run on Windows, OS-X, and Linux – an enormous user base.  Importantly, this can be true in all browsers and versions – in one instance even with the Java Control Panel set on the “Very High” setting.

Adam Gowdiak of Security Explorations in his posting said, “… recently made security “improvements to Java SE 7 software don’t prevent silent exploits at all. Users that require Java content in the web browser need to rely on a Click-to-Play technology implemented by several web browser vendors in order to mitigate the risk of a silent Java Plugin exploit.”

Sadly, according to Michael Horowitz, Computuerworld, “that advice is only useful to techies that understand both Java and Click-to-play.”  According to Horowitz the best strategy for Windows and Mac users is to uninstall Java and hope nothing breaks.

And while this discussion deals with online hazards, offline use has no restrictions in applications at all, with the only cure that of uninstalling Java completely.   Horowitz has a good article on how to be as safe as possible here
[divider]

NoAs of Now, Unlocking Your Cell Phone Is Illegal Without the Permission of the Carrier Who Locked It . . .

In a rather esoteric (some might call it bizarre)  interpretation by the Librarian of Congress of the Digital Millennium Copyright Act, if you want an unlocked phone you now have to buy it that way.

No more unlocking by alternative means, if you get my drift.  The new rule basically says you can’t buy a new highly discounted carrier phone and then unlock on your own. You must have the carrier’s permission.

I guess we’ll see how that works for us, huh? Lots of petitions in the works.  Sure to be more to come.
[divider]

Virus ProtectionBest Android Apps to Help Keep Your Smartphone Safe

As Smartphones proliferate, so do the dangers.  AV-Test,  an international and independent service provider in the fields of IT security and anti-virus research, says after inspecting 41 different virus scanners for Android,  about half of these scanners are not yet suitable for use as reliable products.

In general, the tried and true come from the desktop products you are familiar with.  The best products in their 2012 tests (with detection rates of 90% and above) were in alphabetic order: Avast, Dr. Web, F-Secure, Ikarus, Kaspersky, Lookout, McAfee, MYAndroid Protection/MYMobile Security, NQ Mobile/NetQin and Zoner.

Note that new 2013 testing has already begun, but you can check out their existing results here
[divider]

 February Maintenance Schedule

Tuesday, February 19th @ 5pm
Please contact us if you experience any problems.