Is Java Safe and Do I Need It?
A reader asks: 'I've been seeing warnings lately that Java has a security flaw, and everyone should remove it. I'm not even sure what Java is. What is Java? Is Java safe? Should I disable or uninstall it?' Read on to find out...
Should You Allow Java on Your Computer?
If you encounter a website with an embedded Java app, and you don't have Java installed (or enabled), you'll just see an empty space where the program (applet) should be displaying. Many sites will provide a helpful link to where you can download the Java runtime environment. Even cell phones commonly push Java at users. But what is Java, and why should you install or enable it?
Java is a both a programming language and a platform for development of applications that work on multiple operating systems, such as Windows or Mac OS or Linux. Java consists of many software components that work together to provide a "cross-platform environment". Essentially, that means a program written in the Java programming language will run on any type of computing platform, not just on an Intel or Apple or Nokia piece of hardware; provided, of course, that the essential Java operating components are present. That's where the Java runtime environment becomes necessary.
Java is handy for programmers; they need only write a program once and not worry about whether the user has a PC or a Mac computer, or be concerned with which browser is being used. Java applications can be embedded in web pages, cell phones, industrial controls, household thermostats, even coffee makers. So you will run into Java often.
Is Java Safe?
Java is touted as a secure computing environment, one that makes it difficult for bad guys to snoop, cripple, or take over your computer. The Java runtime forces all Java programs to run in what's called a "sandbox", a portion of computer memory to which they are strictly confined. In the sandbox, a program cannot do certain things without the user's explicit permission - like read your email or format your hard drive. But a sandbox takes up space.
Java sets up this sandbox in a "virtual machine" which consumes considerable computing resources. The amount of resources required varies according to the needs of a given Java application. A mortgage calculator won't slow your overall computing down noticeably. A 3D animated game might, if your computer is short on memory and/or processor power.
It's true that a serious flaw was recently discovered in Java. And yes, many voices have been calling on users to remove or at least disable Java as a result. However, a Java update is available that fixes this issue. If you download the latest version of Java (see link above), you can continue to use Java safely. Or maybe not... some
security experts are warning that the most recent fixes do not fully address all the security concerns.
Do I Really Need Java?
I'll agree that the usage of Java seems to be waning on the Web. Other development tools, notably HTML5, are gaining in popularity, but I still regularly encounter sites that use it. You may come across online games, financial calculators and other applications that prompt you to run a Java applet on a web page.
If you are sure that you never use any websites that need Java, I do recommend that you remove or disable it. Chrome, Firefox, Internet Explorer, and most other Web browsers let you enable and disable Java at will in their "Options" settings.
- In Chrome, enter chrome://plugins, then click "Disable: link next to Java(TM).
- In Firefox, click the Firefox button, or open the Tools menu. Select Addons, Choose the Plugins tab, select the Java plugin(s) and click disable.
- In Safari, go to Safari Preferences, then Security, and uncheck "Enable Java."
- In Internet Explorer, it's a little messier. See this link for instructions on how to disable or Java or completely remove it from your computer.
If you do use or encounter a website that requires Java, chances are you can find an alternative that doesn't. If you need to use a Java app for work, or there's just no good alternative, be sure to always keep your Java software updated.
If you want to keep Java for that "just in case" option, or one specific trusted site, I recommend that you disable it in your everyday web browser, and use a second Java-enabled browser just for those apps that require it. For example, if you use Google Chrome or Firefox primarily, disable it there, and let it stay enabled in Internet Explorer. When you need to use a Java app, fire up IE, run the app, then return to your primary browser.
I also suggest you read Leo Notenboom's excellent article on the Java security mess, for some additional background, and tips on dealing with the issues.
Do you have something to say about Java? Post your comment or question below...
This article was posted by Bob Rankin on 14 Jan 2013
|For Fun: Buy Bob a Snickers.|
Geekly Update - 09 January 2013
The Top Twenty
Geekly Update - 16 January 2013
There's more reader feedback... See all 26 comments for this article.
Post your Comments, Questions or Suggestions
Free Tech Support -- Ask Bob Rankin
Subscribe to AskBobRankin Updates: Free Newsletter
Copyright © 2005 - Bob Rankin - All Rights Reserved
Article information: AskBobRankin -- Is Java Safe and Do I Need It? (Posted: 14 Jan 2013)
Copyright © 2005 - Bob Rankin - All Rights Reserved