rach Posted October 22, 2013 Share Posted October 22, 2013 With Firefox 24 came a change that affects all versions of the Java plugin installed on a system. Mozilla made the decision to mark all existing and future versions of Java as insecure due to the "history of security vulnerabilities in Java" and "poor response times" to fix those issues.It needs to be noted that the organization is not the only one that decided to change how plugins are handled. Google decided to block all NPAPI plugins -- to which Java belongs -- at the beginning of 2014.Previously, only Java plugin version with known security vulnerabilities were added to Mozilla's blocklist which prevented the direct execution of them in the Firefox web browser and other Mozilla products.Along with this comes a change for users of Firefox who rely on Java. This not only affects gamers playing games designed in Java, but also people using Firefox in business environments.The bug listing on Mozilla has received its fair share of comments by system administrators who report that their users are running into issues running the Java applications in Firefox because of the changes that Mozilla made.The main points of criticism revolve around Mozilla's premise that Java is inherently insecure, and the implementation of the warning and click to play system.As far as the first point of criticism is concerned, the core argument here is that other plugin contents and applications are as insecure as Java is. Especially Flash is mentioned here several times.The second argument criticizes the implementation of the notifications. When users connect to websites that require Java, a small red icon appears in the browser's address bar next to the site address. If Java elements are visible on the page, a click to play message is displayed in addition to that. This is however not always the case, so that the red icon may be the only indicator that something was not loaded on the page. While it blinks a couple of times, it can be overlooked easily, especially if users are not experienced computer users.activate JavaWhile most experienced users may have no issues finding out about the change, most inexperienced users may not be able to figure out the solution on their own.Some developers have proposed that the warning message should be less scary, especially if the latest version of Java is installed on the computer system.Most administrators appeal to Mozilla to change the policy, for instance by making the process more visible to the user. Others seem to have jumped ship already and moved to another web browser that does not impose the restrictions -- yet -- on their user base.What's your take on this? Should Mozilla rethink the blocking of all Java versions, even those that have not been released yet? :view: View: Original Article Link to comment Share on other sites More sharing options...
locoJoe Posted October 22, 2013 Share Posted October 22, 2013 Developers and admins need to get far away from java based games and software. I applaud mozilla. I havent found a java based program that I cant live without yet! Link to comment Share on other sites More sharing options...
LeeSmithG Posted October 22, 2013 Share Posted October 22, 2013 (edited) New Java doesn't work on Mozilla browsers.I can't play yahoo pool in SeaMonkey my preferred browser for yahoo games.I use I.E. for 99% of other activities, but, prefer yahoo games using SeaMonkey. Edited October 22, 2013 by LeeSmithG Link to comment Share on other sites More sharing options...
rach Posted October 22, 2013 Author Share Posted October 22, 2013 New Java doesn't work on Mozilla browsers.you could use older browser where mozilla still enabled java plugin by default :) Link to comment Share on other sites More sharing options...
janedoe Posted October 23, 2013 Share Posted October 23, 2013 Java plugins? Ugh. These need to die, as well as ActiveX and Flash too (thanks to Apple and Steve Jobs for showing us the way by banning the latter on iOS). The quicker they're gone the better off we'll all be frankly. Time to move on to modern standards-compliant alternatives supported by HTML5 and beyond.BTW, I find it interesting that sysadmins are the ones speaking out against this move. If it was well and truly confident about the security of its product, a massive company like Oracle could easily have brought its influence to bear on Mozilla and asked them to review/rescind their decision. If they choose to stay quiet about this then their silence truly speaks volumes IMO. Link to comment Share on other sites More sharing options...
Recommended Posts