Protecting Yourself from Malicious Java Code
The following sections discuss several things you can do to protect your system against hostile Java code, starting with those recommendations anyone can perform, and ending with methods reserved for the more experienced user.
Total Security: Disable Java
If
you are in an environment that demands total security, turn off all
automatic executable content, including Java, in the Internet
Security zone. This can be done in Internet Explorer by choosing
Tools
→
Internet
Options
→
Security
→
Custom
Level
→
Java
→
Disable
Java
.
You may consider removing all Internet access. In an environment needing the highest security, it’s hard to justify any Internet access. There are too many working exploits. There is still a steady stream of exploits coming out from the world of executable content. The Java sandbox has been compromised at least a dozen times. Although all of those have been in research labs, who’s to say that a big hole hasn’t been discovered by a hacker ready to use it around the world? Some of the more recent holes discovered did not take a “rocket scientist” to figure out. Some of them are scarily easy once you know how. If you have to have a totally secure environment, disable the Internet. Weigh your potential costs against the benefits.
Run Only Trusted Java
Nothing can beat not running malicious applets in the first place. Start now and promise never to run untrusted code again. If you run a Java-enabled web or file server, ...
Get Malicious Mobile Code now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.