Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 2 years ago.
Improve this question
I am working on a mac os x computer. I was asked by a Java automatic update.
I have answered to remind me later this update.
And Safari opened this url: prefmgr-cookie.truste-svc.net
Do you think it is a malware or do you have ever see that when updating Java for mac os x ?
Thanks
prefmgr-cookie.truste-svc.net is a service from TrustArc (formerly TRUSTe, hence the domain name) which provides services for websites so that they can manage privacy management processes. Basically, they host the cookie compliance stuff, for example. Various research shows that they suck at their job, so a TRUSTe logo on a site is mostly a sign said company is throwing money at the problem and not actually willing to adhere to standards and laws, but that's beyond the technical nature of Stack Overflow.
It is not malware.
Note that 'java automatic update' isn't a thing. java is shipped by some party, and there are many offerings: AdoptOpenJDK ships them. So does oracle (but they don't want to, and you should probably not have oracle's offering). So does azul, amazon, even microsoft.
The updater, if there is such a thing, is installed and controlled by the party that shipped it to you, but you did not specify which java you installed, so going much further than this answer is difficult without knowing what you have.
You also don't need java installed unless either [A] you are a developer or [B] you are trying to run software built by some entity that is woefully out of date. Java apps should be shipped self-contained (not requiring you to separately install 'java') and this isn't hard to do either.
Googling this URL points to the company TrustArc (https://trustarc.com/), which provides an integration for websites, where the website visitors can manage their cookie preferences (e.g. only allow cookies which are necessary and disable additional tracking cookies on a specific website). So the URL itself is from a major company in that area, and can IMO be trusted.
For the reason, why this would be opened when delaying the Java update i can only speculate, possibly because the fact, that you delayed the update is stored locally in a cookie and thus the updates has to forward you to that page so that you can manage the settings.
Related
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 2 years ago.
Improve this question
I'm on this for a really long time. I need to have JRE 6 running on a new nonactivated Windows server 2019 essentials to be able to use a very old remote controller for some servers (old IBM & DELL racks).
No matter what version of java I install, it's just not running. I don't see it in the bottom right corner or in the running services. I know it seems very basic but I couldn't find a solution online.
Am I missing something? All I could find online is suggestions to add java to the environment variables but that is for a different issue. I tried it desperately but of course it didn't solve the problem.
Java, or more precisely the Java Virtual Machine (JVM), is not something that runs in the background. JVM is used to start specific applications. How the java.exe or similar executable will be resolved and invoked will depend on the specific application.
What you usually see in the Windows task tray area is a the Java update checker (Jucheck.exe). Whether or not this service is present will depend on selected installation options. It also might be that a very old Java 6 simply does not ship it.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Closed 9 years ago.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Questions asking us to recommend or find a tool, library or favorite off-site resource are off-topic for Stack Overflow as they tend to attract opinionated answers and spam. Instead, describe the problem and what has been done so far to solve it.
Improve this question
I have seen that if you have a 'new' version of java in your browser, then you are not in danger of having a malware capable of installing into your computer automatically from seeing a web page, by using a java ... flaw.
Can you please tell me which is the java 'safe' version, that does not allow the malware to automatically install on computer?
(I really need to know if I was exposed to infection yesterday... is java 6 a 'good' choice)
The thing is that I want to be sure that I am 'safe'.
I want to be sure that I am 'safe'
The only way to be sure you are safe from malware from Java exploits is to uninstall it completely. The best that can be said of the latest, most secure Java version is that it has no known security bugs.
Java has reached 1.7, so just about any 1.6 version should be considered unsafe.
the thing is that I have used yahoo and there seems to be a problem Malicious advertisements served via Yahoo
That page notes:
The investigation showed that the earliest signs of infection were at December 30, 2013. Other reports suggest it might have started even earlier.
Now let us look at Release Dates for Java 6. The last publicly available Java 6 version is:
Java SE 6 Update 45[76] 2013-04-16 42 security fixes;[77] other changes;[76] final public update[78]
Or April 16th, last year. Some 8 months before that security alert.
Like I have been saying. Every publicly available version of Java 6 should be considered suspect. Every - single - one.
You should run a Malware checker on your machine.
But your answers & comments indicate to me something more. You don't really need to run Java applets in the browser, and probably do not need it for any other reason, so also uninstall Java completely.
And I do mean uninstall it, I do not mean not disable it, I do not mean not keep it up to date. You do not seem to need it on your PC, so don't take the risk.
Java is actually one of the most secure languages since it has a built-in security manager that can be used to sandbox applications and does a lot of built-in array out of bounds checks to prevent things like buffer overruns.
However, there have been a lot of problems in recent years regarding the security in Java applets. These are Java programs that can be run from a webbrowser. Applets have an even stricter sandbox to prevent the applet (or the website) from accessing your filesystem etc but there have been bugs found that can allow malicious code to escape the sandbox. These bugs are patched as quickly as possible so it is important to update Java (and keep up to date) on a regular basis.
If you don't need to run applets in your browser, the best thing to do to avoid these problems is to disable applets in your browser. This link can be used to learn how to disable applets in your browser of choice
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 9 years ago.
Improve this question
We were/are stung by the new security baseline requirement with Java's release of 7u45, which caused our applet not work until the end user adjusted the security settings the java control panel (see discussion in below question)
Java applet manifest - Allow all Caller-Allowable-Codebase
If possible we'd like to put a process in place where we can proactively test new jdk releases.
Oracle / Sun appears to offer a way to get notified about this.
http://www.oracle.com/technetwork/java/index-jsp-137266.html
CAP (Compatibility and Performance Program) is an early access program for Java Standard Edition (Java SE). As part of our ongoing work to assure that new releases of Java SE are compatible, robust and fast we are creating this early program designed to give key developers early access to our newest releases. This program is not open to the general public.
The above url says this is not open to the public and does not provide a way to sign up. I've been digging for a bit to find this and have so far been unsuccessful.
Thanks for any help (I'll update this if I find out more)
Regards
G
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Closed 9 years ago.
Questions asking for code must demonstrate a minimal understanding of the problem being solved. Include attempted solutions, why they didn't work, and the expected results. See also: Stack Overflow question checklist
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Improve this question
I want to develop a program, not language specific, that can redirect ANY connection to another one, like a proxy server, but for all connections. The language doesn't really matter, but is there a way to do this without modifying raw windows apis and such? I'm going to attempt this in java, but I can import C and C++ code with JNI. Also, what about mac/linux?
You should certainly consider/evaluate using TCP/UDP splice. It is a well-known mechanism for building proxies and is fairly efficient in terms of copying data form one connection to another.
URL: http://linux.die.net/man/2/splice
Java is the wrong language to attempt to do this in. Even if it is possible (e.g. on Windows), the real work would need to be done either using external utilities, or using native library calls.
Attempting to do this for multiple operating systems makes this even harder. The implementation mechanisms are bound to be different.
I don't know how you would do this in Windows, but on a modern Linux system you might do this using "iptables" to enable and configure the network packet processing in the OS kernel. This requires root privilege, a good understanding of the way that network protocols, and care ... since it is easy to "brick" your networking to the degree that you need console-level access to recover.
(And if you are using OS-level virtualization, it can get particularly complicated ...)
FWIW - It is possible to install and use a port of "iptables" on Mac OS/X ... thought it is apparently not supported by Apple.
On the other hand, if you are simply trying to have a Java application direct all of its own outgoing network connections via some kind of proxy, then you should be able to do this by configuring a custom SocketFactory implementation.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 9 years ago.
Improve this question
Out of fear that someone will downvote this question because piracy is not preventable, I want to make it clear that the system I have put in place is only to deter pirates, and I am asking this question to ensure that it causes as little annoyance possible.
Currently, my system uses a combination of the MAC address, CPU Type and the HDD serial to create a hardware fingerprint (not the problem). Using Windows all my life, I have been pretty naive towards the simplicity of installing (and 'uninstalling') applications on OS X. At the moment I am storing this hardware fingerprint in a location in ~/Library/Application Support (so that Administrator passwords aren't required) as I had the intention of removing the application with an uninstaller. I know that some Mac applications use uninstallers, but personally I don't want to intervene with the simple drag 'n' drop process that is the convention.
I am going to implement functionality that will check the online database the see if the fingerprint of the machine running the software corresponds with the fingerprint that was bonded with the serial key upon licensing the software (If the user has an internet connection). Though, that would still require a way to store the serial key that was used and I want my users to be able to run the software without an internet connection.
Does anyone have any experience in this field or have any suggestions as to how I could still allow my software to be installed and removed using drag 'n' drop while still implementing my licensing system?
Thanks in advance.
Instead of storing the hardware fingerprint, just calculate it when you need it.
I do not know if the Preferences API would work for you in this situation, otherwise it could be used.
I don't suppose this is actually a proper, nor does it have a common answer. I also think I've probably jumped the gun and asked the wrong questions because in my more recent question that I asked I got the information I was looking for. So, the answer I really wanted/needed:
(It turns out) It's okay to leave files behind in Application Support (and Preferences). Some would even consider it desirable. So I'm going to store the licence file and a configuration file in a subdirectory of ~/Application Support and let my users decide where to put their 'database directory'. That way everyone wins (well, pretty much)!
Just an FYI, The problem wasn't with what I had, it was with where it went (file wise).