javascript | EssayBoard

Mac?! (Photo credit: Kramchang)

It’s being reported that the newest version of Mac Flashback Trojan can now exploit Java engine in Mac OS X, all versions of Mac OS X I guess. It bypasses the administrator privilege protection, and so it can install itself onto any Mac machine with Java enabled without the need to use an administrator password. As now, Apple has yet to release a security fix to counteract Mac Flashback Trojan’s Java exploit, therefore I think it’s best for you to disable Java plugin for your browsers!

Should you disable Java on Mac altogether? Yes, but unfortunately Java is so interconnected with Mac OS X (all versions), therefore I do not yet know how to disable Java on Mac. If you know, please write a comment or two and share your knowledge with my blog’s readers. Anyhow, the easy quick fix for now is not to use Java in any browser that you use on Mac.

Without further ado, now I’m going into how to disable Java on the most popular browsers that you can use on Mac. These browsers will have to be Safari, Firefox, Chrome, and Opera! So check the instructions below…

Safari – disable Java, you need to go to Safari > Preferences > Security > and uncheck the box that says Enable Java.
Firefox – disable Java, you need to go to Tools > Add-ons > Plugins > and disable the Java Applet Plug-in plugin.
Chrome – disable Java, you need to type in about:plugins in the browser address bar and disable the Java plugin.
Opera – disable Java, you need to go to Tools > Advanced > Plug-Ins > and disable the Java Applet Plug-in.

Please don’t confuse Java with Javascript! These two are different from each other! Nonetheless, let me digress a little. Javascript can also be dangerous sometimes, therefore you can disable Javascript by using popular extensions that are made available for certain popular browsers! In Firefox, you can use Noscript extension. In Chrome, you can try out the ScriptNo extension. I don’t know any extension that can disable Javascript for Safari and Opera.

Sources:

Mac Java hole exploited by wild Flashback Trojan strain (go.theregister.com)
New Trojan variant can install without password (macworld.com)
New Java Attack Rolled into Exploit Packs (krebsonsecurity.com)
New Trojan variant can install without password (infoworld.com)
Flashback.G Trojan Targets Macs (pcworld.com)
Mac Flashback trojan exploits unpatched Java vulnerability, no password needed (arstechnica.com)
Flashback.G trojan seen exploiting ancient Java vulnerabilities to infect Macs (9to5mac.com)
New Mac OS X trojan spotted in the wild (zdnet.com)
New Version of Flashback Trojan Targets Mac Users (apple.slashdot.org)
Intego finds new strain of Mac Flashback Trojan horse (macworld.com)
Flashback Mac OS X malware exploiting (old) Java security holes (zdnet.com)
How Secure Are Macs?, Low End Mac Round Table (lowendmac.com)

Aurora is version 9 of Firefox. Firefox’s stable version is 7.0.1, and it already has a beta in progress which is Firefox version 8. What after Aurora? Well, there is a nightly built which has been bumped to version 10 of Firefox. Confuse yet? Don’t be, because if you’re a regular user of Firefox who only wants to play with the stablest version there is of Firefox, then Firefox version 7.0.1 will be perfect.

So, what about Aurora? According to sources, Aurora utilizes a new feature known as type inference to boost Javascript’s performance. Regular users don’t really have to know what type inference is though, because it’s more of how one algorithm is able to smartly assign data types to particular variables. According to sources, Javascript’s performance can be improved by assigning correct data types to variables. Technically, I don’t know the true meaning of using type inference, but I surmise it has to do with the efficiency of memory. If my guess is correct, the efficient memory allocations will help boost Javascript’s performance, but do take this deduction with a grain of salt.

Aurora carries a new feature known as Data Management Window, and this feature allows users to specifically assign which websites can access users’ information such as browsing data, cookies, passwords, and so on. To access this feature, one has to type about:permissions into the URL address bar.

For web developers, Firefox Aurora comes with better support for HTML5, DOM level 3, server-sent events, networking technologies, and tools such as Scratchpad, Web Console, Web Developer Menu and others.

Aurora supports Mac, Windows, and Android. I’m not sure if Aurora is available for Linux or not, because I’d not heard anything of Aurora and Linux. Nonetheless, I might update this post on Aurora and Linux compatibility when I’ve the chance to test Aurora out on Linux. I don’t have an Android device, therefore I can only repeat what the source says about Aurora on Android. The source says that Android users will have a new look and feel of Firefox through Aurora. I guess the only way to find that out for Android users is to download Aurora and test it out.

In conclusion, Aurora has a solid feel to it when I’m using it. It feels really fast! With faster Javascript, Aurora can load websites with heavy Javascript elements faster. With better tools and support for HTML5, Firefox Aurora is definitely making it easier for web developers who want to create applications and add-ons for Firefox. Other experimental features are in the work, and a noticeable experimental feature is Data Management Window. I recommend users to test out Aurora! Users can download Aurora through Cnet and Mozilla’s official website at here.

Sources: http://www.ghacks.net/2011/10/01/firefox-9-features-changes/, http://www.ghacks.net/2011/09/04/firefox-9-gets-big-javascript-performance-boost/, http://blog.mozilla.com/futurereleases/2011/05/27/firefoxaurora/