|
Security Problem with Java Dear LW People A serious vulnerability has been found in the Java applet, see for further details. My question is this: Will this security flaw allow someone to hack into my PC when I am using LW Pro (International) or should I move over to LW Pro (English/USA), which can use different versions of Java, and avoid the security problem? UK Bob |
This security flaw only affects java applets used on websites. It has nothing to do with LimeWire. - Still, you should considering updating java if you are using java 1.4.2_05 or earlier. |
Java Security Flaw Cheers trap_jaw4 I use LW Pro (International), which uses Java V1.3, and at this time there is no way to get it to use later versions of Java. I suppose you could ask why don't I use the English/USA installation of LW Pro, which is able to use any installed version of Java. The simple answer is that LW Pro (International) is stable, i.e. I have had no real problems with it, and, apart from security, I value stability above everything else. UK Bob |
Re: Java Security Flaw Quote:
Quote:
Again write a mail to the developers that they can fix it if there is a bug. Morgwen |
There's been many many posts on the international vs english installers, and why the international one requires Java 1.3 right now. You can also install Java 1.4 side-by-side, and applets will use the more recent version. |
Java Security Flaw Dear Morgwen I have sent many posts and had discussions with sberlin about LW Pro (International)'s inability to use anything but Java V1.3. However, when I get home tonight, I will download LW Pro V4.2.3 and re-download Java 1.4. I'll let you know how I get on. UK Bob |
Hm, simply deleting the v1.3 JRE from the LimeWire program directory to force it to use the newer version used to work fairly well, - back in the days.... |
I'm just a bit curious. I installed english installer of LW 4.2.3 for windows today on somebody's comp. It asked for Java 1.3.x I stopped installation & installed 1.5 & then reinstalled LW. It didn't ask for java again. But why did it ask for Java 1.3 instead of asking for a later version or just 'Java'? Does that have something to do with minimum requirements & that's all it asks for? It also strangely happily connected despite xp firewall being on (without configuration for LW.) |
Java V1.5 & LW Pro (International) Dear People I have installed LW Pro V4.2.3 (International) and I have Java V1.5 installed on my PC, trying to reinstall Java V1.4 did not entirely work because V1.5 was already there. However, LW Pro V4.2.3 did not recognise that Java V1.5 was installed and it is only using the Java applet it downloaded with, namely V1.3. As I said before, my main goal is to maintain stability over features because I use my PC for other important tasks, like home/internet banking, rather than just entertainment. Saying all that, I would still like LW Pro V4.2.3 to use my latest Java installation without having the bother of deleting V1.3. But I guess this is not to be. UK Bob |
Win XP Firewall Dear LOTR I use WinXP SP1 along with Norton Personal Firewall 2003, I also use other protection software which is not relevant to this discussion. I have turned on my XP firewall, which is not really a firewall because although it will block some things from getting into your PC it will not stop anything from getting out. I understand that the SP2 firewall works in exactly the same manner. Therefore, there is no surprise that LW can access the Internet without any configuration of XP’s (so called) firewall. However, NPF2003 can auto or manually configure your PCs protection for both incoming and out going communications with the Internet and, in my opinion, is well worth having. UK Bob |
I realise I was side-tracking a little with the firewall issue. Sorry about that. But thanks for the info & advice, much appreciated UK Bob! Cheers Lotr |
ukbobby -- as I've said in every single post about the installers, the international installer will use Java 1.3 unless you delete the 'jre' subdirectory from LimeWire. If you want to use a newer version of Java and not delete the 'jre' directory, use the English installer. Mentions of stability, etc... are a moot point, because they're the exact same program. LOTR -- The LimeWire installer installs Java 1.3 right now if it doesn't detect any version of Java on the machine. This is because the 1.3 JRE is about 1/3 the size of the 1.4 or 1.5 JRE, and when someone installs LimeWire, we want them to be able to use it ASAP. As I mentioned in an elsewhere (a while ago), we're exploring ways to unify the installers and use a newer version of Java by default. |
Java & LW Pro Dear sberlin Thanks for your summary of the Java problem, but I do feel that as a user I should not have to delete V1.3 to get LW Pro to use my installed V1.5, LW should detect the latest version of Java automatically. As the LW team are working towards this goal then I can wait until the finished product is ready. In addition, you say stability is a moot point, which is probably correct from a technical point of view and looking at LW in isolation. However, I have to consider my PC as a whole, the myriad of things I call upon it do and whether I should risk its destabilisation in the hope of getting a few extra features. As I have said before, the stability and security of my PC mean more to me than anything else. UK Bob |
Re: Java & LW Pro Quote:
Morgwen |
LW Pro & Java - Stability You know Morgwen Quote:
I have a colleague that has been working in IT for about 30 years yet his attitude towards his home computer has been cavalier, until his browser and Internet connection got hi-jacked. My sister told me that she would not use a firewall on her home PC because it slowed down her Internet surfing. A month or two later I got a plaintive e-mail cry for help detailing the problems she was having. She had so many problems that all I could advise was that she did a complete reinstall of her system. If my experience is typical then most home users do not really think about security or/and stability just about getting on the web as soon as possible. UK Bob |
I'm affraid your to right there ukbobboy, a recent inquiry showed that 75% of home computers are infected with spyware. Most people have no clue about spyware. As long as their computer works everything is OK. |
Computer Security & Phishing Dear RaaF You are spot on, and the growth in "phishing" has shown above all else that home PC security is that last thing on home users minds. Phishing used to, and still is, con men from Africa trawling the Internet for gullible home users who are stupid and greedy enough to give away their bank details. Now, because it has been so profitable for these small time con artists, the Mafia type criminal gangs have moved in on it, albeit with more sophistication. Simply put, if someone walked up to you in the street and asked you for your bank details you would tell that person to get lost. Yet there are loads of people willingly giving out their bank details simply because they received an email asking for it. You know, along with PC security software a little common sense goes a long way, it’s just that PC home users tend not to bother. UK Bob |
Re: LW Pro & Java - Stability Quote:
Man, that IS the way IT IS... :mad: [Enter RANT Mode] The majority of 'complaint' posts here, and in all other p2p based forums, are written by children (of ALL ages) who make no effort whatsoever to protect themselves from the 'outside internet baddies', never 'clean' their HDDs, never defragment their HDDs... Never anything... And they blame their problems on the client... end rant |
Fraudsters double phishing sites by creating networks of server PCs Dear LW People As if to emphasise my previous post about phishing, this just turned up today. It makes interesting reading: UK Bob |
Doh. I had to look the meaning of phishing up. Learn something new everyday. lol :D |
Re: LW Pro & Java - Stability Quote:
To make it short its funny that you try to persuade the developers that they coded two different programs with the same code. :rolleyes: Morgwen |
Security and Stability Dear Morgwen I think you have read more into my posts than I intended, I am not debating the technical merits of the International installation over the English or whether one version is buggier than the other. What I am saying is that the International installation of LW Pro has not caused me any problems whatsoever and since I use my PC for other things, which are much more important to me than just using LW, I will not take the chance of destabilising my computer for the possibility of using the English version with Java V1.5. As I said before, I will wait until there is a unified (installer) version of LW Pro available, which has the ability to detect the latest installed Java applet on my PC. I hope that this clears up any misunderstands that you may still have. UK Bob |
Re: Security and Stability Quote:
you said that in your experience the international version is more stable, didn´t you? Quote:
Morgwen |
Dear Morgwen You state that I said: Quote:
I have only mentioned "experience" when writing about my colleague, who had a cavalier attitude, and my sister that refused to use a firewall. Both got themselves into some serious trouble, my colleague's PC got hi-jacked and my sister's PC became almost unusable. Here endeth the lesson. UK Bob |
It is free choice. On some people's systems the international installer is much easier to install than the so-called english installer. They use different types of installers. But I wonder ukbobboy01, if you keep your installshield engines up-to-date (which is something many people haven't done which leads to their installation problems & resort to using the inter'l installer) perhaps you would be fine to use the english installer. I have a link in the sticky thread about installshield errors (in the installation/windows section) for updating these engines. But then I've found some people have had to go backwards from Java 1.5 to 1.4.2 due to problems on their setup. PC's are so, so variable. Why doesn't evreybody go out & buy a mac & their problems would be solved. Hey no SP2 or installshield to contend with, etc. No ram limitations. No Viruses to be bothered with. lol :D |
Quote:
Quote:
If you don´t think that one version is more stable than the other you should´t say that this is a reason why you use only one version. Morgwen |
You know LOTR You are so right, PCs are not only variable they are also very temperamental. In the past, I have worked on two PCs, both from the same manufacturer and the same model, in fact they had consecutive serial numbers so they both came of the production line at the same time. Yet when trying to enhance them with the same make and model of network card, operating system and application software one of the two PCs decided not to work in the same way as its brethren. I have worked with PCs over a number of years and I do know that a stable PCs can be pushed into instability by the smallest of things, such as an applet, the addition of a piece of hardware or even the uninstalling of some unused software. That is why I am loathed to change something I know works for something that may or may not bestow any benefits, it’s just too risky. UK Bob PS. Why don’t I buy a mac instead? I guess I like the fact that I can customise my PC to suit my needs, providing I don’t go too much beyond that, then I am OK. |
Dear Morgwen Again, you have inferred something that I did not mean, if you look at my reply to LOTR you will see exactly what I meant when I said that the International version is "stable". PCs, at the best of times, can be very temperamental and I do not want to take to chance of upsetting my PC’s current stability, the International version works for me, hence it is stable. This does not detract from the English version which, I understand, has given some LW users problems. UK Bob |
Quote:
The statement that the international version is stable is senseless... Btw if some users have problems with the English version this doesn´t mean they won´t have problems with the international version. You can´t compare your computer with one of these users there are several reasons why they might have problems but perhaps you won´t have these problems, because you have a different OS, different firewall, different version of LW, different JAVA version, different settings etc. As I said don´t say that the reason why you prefer one version is because its stable if you don´t think that the other version isn´t stable... Quote:
Morgwen |
And Finally Dear Morgwen Your reply seems to have taken on a religious zeal and, as such, cannot be argued with. All I can really say is that if I think something is good it does not mean that I think something else is bad, that is an inflexible way of thinking. Suffice to say that my policy of caution towards my PC, which you call paranoia, has kept my family and I in good stead for the past two years and I am not prepared to jeopardise that by carrying out unnecessary tests or installations. And finally, I have enjoyed using LW Pro for the past six months, ever since version 4.0.7, and have renewed my subscription for another six months but LW is not the most important thing I use my computer for. UK Bob |
Re: And Finally Quote:
Quote:
I think we should now quit the discussion. Morgwen |
Dear Morgwen Agreed, it is time to move on. It just goes to show that two people who use the same product can, and do, have different opinions. Until the next discussion. UK Bob |
| All times are GMT -7. The time now is 03:26 PM. |
Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
SEO by vBSEO 3.6.0 ©2011, Crawlability, Inc.
Copyright © 2020 Gnutella Forums.
All Rights Reserved.