Re: Java is Blocked again today
By the way, there's a new Java out. Again. It seems Oracle never runs out of holes to patch... -- MCBastos This message has been protected with the 2ROT13 algorithm. Unauthorized use will be prosecuted under the DMCA. -=-=- ... Sent from my Barbie Dream Computer. * Added by TagZilla 0.7a1 running on Seamonkey 2.16 * Get it at http://xsidebar.mozdev.org/modifiedmailnews.html#tagzilla ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Java is Blocked again today
MCBastos wrote: Interviewed by CNN on 05/03/2013 09:47, MCBastos told the world: By the way, there's a new Java out. Again. It seems Oracle never runs out of holes to patch... Addendum: they even updated Java 6, AFTER they said they wouldn't do that anymore... must be a pretty embarrassing bug. I suspect that many of these updates are nothing more than switching to secure string manipulation ( C++ strncpy to strncpy_s )! Only a few updates are for exploited security bugs. ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Java is Blocked again today
David E. Ross wrote: On 3/3/13 12:23 PM, Rickles wrote: MCBastos wrote: Interviewed by CNN on 02/03/2013 15:51, question told the world: My wife has not used her computer this week.. So this explains why Java works on hers this morning..on pogo Block list has not been updated more in likely. Both computers are identical... But her JAVA is 7u10 Mine is 7u15 I told her not to update her Java . Reading the bugzilla. We are being Blocked Because FACEBOOK got hacked.. Could be FACEBOOK does not have Java Configured Correctly . So Ever other WEBSITE that uses JAVA has to Suffer Because The Almighty FACEBOOK's Security is not Enabled correctly . Let Facebook take care of itself . I think you misunderstood the issue. The problem is not that a few computers belonging to Facebook engineers got hacked; the problem is that this event demonstrates that: a) There is a bug in Java b) Which is ALREADY BEING EXPLOITED by hackers. If this exploit only affected Facebook, there would be no reason for worry. But the thing is, it DOES present a risk for EVERY user. Facebook can take care of itself, but most small users CANNOT. It's to protect those small users that the block has been implemented. So, for the moment, it's considered dangerous to have Java running automatically. Even if the latest exploit has been band-aided, the recent pattern of security problems with Java raises serious doubts about its overall security. Simply stated, Java is no longer worth the trust of Internet users -- until such a time as it can regain that trust, Mozilla opted to place it in the click-to-run category, which needs an explicit OK from the user every time it is invoked by a site. Staying with an older Java release won't help; if anything, it will be worse, since those older releases are bound to be even more emphatically blocked. You raise a point I'd appreciate clarification on: explicit OK from the user. The problem several of us have is that, when visiting a site which uses Java, we are not ASKED if it's OK to run Java, the site simply fails. Despite continually un- and re-installing Java to allow for 'clean' installs, certificate updates, etc., we're not being prompted to click a permissions dialog, we're simply A) told by the web site that we don't have Java running, or B) nothing happens at all. The current state of the Java 7u15 plugin states this plugin is known to have vulnerabilities, but nothing actually says it's blocked (at least on my machine at the mo.) In fact, the 'disable' button is available if I want to turn it off, which infers it's still running. But the Pogo web site now looks for Java before allowing a Java-based game to run, and it tells me I haven't got Java installed. And that's contradictory, based on the observed interface. When you go to a Web page that uses Java but the blocklist prevents Java from running, you should see an icon at the left end of the URI bar (address bar). The icon resembles a small Lego block. Click on that icon to get a pull-down menu to override the blocklist for that Web page. No, this is NOT intuitive and definitely NOT user-oriented. And no, I know of no way to undo the override. And THAT's what I hadn't seen before in any previous posts! Thank you for that head's up. At least it is site-specific, so the wife can carry on playing her games. ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Java is Blocked again today
Rickles wrote: David E. Ross wrote: On 3/3/13 12:23 PM, Rickles wrote: MCBastos wrote: Interviewed by CNN on 02/03/2013 15:51, question told the world: My wife has not used her computer this week.. So this explains why Java works on hers this morning..on pogo Block list has not been updated more in likely. Both computers are identical... But her JAVA is 7u10 Mine is 7u15 I told her not to update her Java . Reading the bugzilla. We are being Blocked Because FACEBOOK got hacked.. Could be FACEBOOK does not have Java Configured Correctly . So Ever other WEBSITE that uses JAVA has to Suffer Because The Almighty FACEBOOK's Security is not Enabled correctly . Let Facebook take care of itself . I think you misunderstood the issue. The problem is not that a few computers belonging to Facebook engineers got hacked; the problem is that this event demonstrates that: a) There is a bug in Java b) Which is ALREADY BEING EXPLOITED by hackers. If this exploit only affected Facebook, there would be no reason for worry. But the thing is, it DOES present a risk for EVERY user. Facebook can take care of itself, but most small users CANNOT. It's to protect those small users that the block has been implemented. So, for the moment, it's considered dangerous to have Java running automatically. Even if the latest exploit has been band-aided, the recent pattern of security problems with Java raises serious doubts about its overall security. Simply stated, Java is no longer worth the trust of Internet users -- until such a time as it can regain that trust, Mozilla opted to place it in the click-to-run category, which needs an explicit OK from the user every time it is invoked by a site. Staying with an older Java release won't help; if anything, it will be worse, since those older releases are bound to be even more emphatically blocked. You raise a point I'd appreciate clarification on: explicit OK from the user. The problem several of us have is that, when visiting a site which uses Java, we are not ASKED if it's OK to run Java, the site simply fails. Despite continually un- and re-installing Java to allow for 'clean' installs, certificate updates, etc., we're not being prompted to click a permissions dialog, we're simply A) told by the web site that we don't have Java running, or B) nothing happens at all. The current state of the Java 7u15 plugin states this plugin is known to have vulnerabilities, but nothing actually says it's blocked (at least on my machine at the mo.) In fact, the 'disable' button is available if I want to turn it off, which infers it's still running. But the Pogo web site now looks for Java before allowing a Java-based game to run, and it tells me I haven't got Java installed. And that's contradictory, based on the observed interface. When you go to a Web page that uses Java but the blocklist prevents Java from running, you should see an icon at the left end of the URI bar (address bar). The icon resembles a small Lego block. Click on that icon to get a pull-down menu to override the blocklist for that Web page. No, this is NOT intuitive and definitely NOT user-oriented. And no, I know of no way to undo the override. And THAT's what I hadn't seen before in any previous posts! Thank you for that head's up. At least it is site-specific, so the wife can carry on playing her games. Don't forget to cancel the Appointment with the Divorce Lawyers ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Java is Blocked again today
Interviewed by CNN on 02/03/2013 15:51, question told the world: My wife has not used her computer this week.. So this explains why Java works on hers this morning..on pogo Block list has not been updated more in likely. Both computers are identical... But her JAVA is 7u10 Mine is 7u15 I told her not to update her Java . Reading the bugzilla. We are being Blocked Because FACEBOOK got hacked.. Could be FACEBOOK does not have Java Configured Correctly . So Ever other WEBSITE that uses JAVA has to Suffer Because The Almighty FACEBOOK's Security is not Enabled correctly . Let Facebook take care of itself . I think you misunderstood the issue. The problem is not that a few computers belonging to Facebook engineers got hacked; the problem is that this event demonstrates that: a) There is a bug in Java b) Which is ALREADY BEING EXPLOITED by hackers. If this exploit only affected Facebook, there would be no reason for worry. But the thing is, it DOES present a risk for EVERY user. Facebook can take care of itself, but most small users CANNOT. It's to protect those small users that the block has been implemented. So, for the moment, it's considered dangerous to have Java running automatically. Even if the latest exploit has been band-aided, the recent pattern of security problems with Java raises serious doubts about its overall security. Simply stated, Java is no longer worth the trust of Internet users -- until such a time as it can regain that trust, Mozilla opted to place it in the click-to-run category, which needs an explicit OK from the user every time it is invoked by a site. Staying with an older Java release won't help; if anything, it will be worse, since those older releases are bound to be even more emphatically blocked. -- MCBastos This message has been protected with the 2ROT13 algorithm. Unauthorized use will be prosecuted under the DMCA. -=-=- ... Sent from my Mentat. * Added by TagZilla 0.7a1 running on Seamonkey 2.16 * Get it at http://xsidebar.mozdev.org/modifiedmailnews.html#tagzilla ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Java is Blocked again today
MCBastos wrote: Interviewed by CNN on 02/03/2013 15:51, question told the world: My wife has not used her computer this week.. So this explains why Java works on hers this morning..on pogo Block list has not been updated more in likely. Both computers are identical... But her JAVA is 7u10 Mine is 7u15 I told her not to update her Java . Reading the bugzilla. We are being Blocked Because FACEBOOK got hacked.. Could be FACEBOOK does not have Java Configured Correctly . So Ever other WEBSITE that uses JAVA has to Suffer Because The Almighty FACEBOOK's Security is not Enabled correctly . Let Facebook take care of itself . I think you misunderstood the issue. The problem is not that a few computers belonging to Facebook engineers got hacked; the problem is that this event demonstrates that: a) There is a bug in Java b) Which is ALREADY BEING EXPLOITED by hackers. If this exploit only affected Facebook, there would be no reason for worry. But the thing is, it DOES present a risk for EVERY user. Facebook can take care of itself, but most small users CANNOT. It's to protect those small users that the block has been implemented. So, for the moment, it's considered dangerous to have Java running automatically. Even if the latest exploit has been band-aided, the recent pattern of security problems with Java raises serious doubts about its overall security. Simply stated, Java is no longer worth the trust of Internet users -- until such a time as it can regain that trust, Mozilla opted to place it in the click-to-run category, which needs an explicit OK from the user every time it is invoked by a site. Staying with an older Java release won't help; if anything, it will be worse, since those older releases are bound to be even more emphatically blocked. You raise a point I'd appreciate clarification on: explicit OK from the user. The problem several of us have is that, when visiting a site which uses Java, we are not ASKED if it's OK to run Java, the site simply fails. Despite continually un- and re-installing Java to allow for 'clean' installs, certificate updates, etc., we're not being prompted to click a permissions dialog, we're simply A) told by the web site that we don't have Java running, or B) nothing happens at all. The current state of the Java 7u15 plugin states this plugin is known to have vulnerabilities, but nothing actually says it's blocked (at least on my machine at the mo.) In fact, the 'disable' button is available if I want to turn it off, which infers it's still running. But the Pogo web site now looks for Java before allowing a Java-based game to run, and it tells me I haven't got Java installed. And that's contradictory, based on the observed interface. ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Java is Blocked again today
Interviewed by CNN on 03/03/2013 17:23, Rickles told the world: You raise a point I'd appreciate clarification on: explicit OK from the user. The problem several of us have is that, when visiting a site which uses Java, we are not ASKED if it's OK to run Java, the site simply fails. Despite continually un- and re-installing Java to allow for 'clean' installs, certificate updates, etc., we're not being prompted to click a permissions dialog, we're simply A) told by the web site that we don't have Java running, or B) nothing happens at all. The current state of the Java 7u15 plugin states this plugin is known to have vulnerabilities, but nothing actually says it's blocked (at least on my machine at the mo.) In fact, the 'disable' button is available if I want to turn it off, which infers it's still running. But the Pogo web site now looks for Java before allowing a Java-based game to run, and it tells me I haven't got Java installed. And that's contradictory, based on the observed interface. It's possible that -- beyond the default click-to-run imposed by the block list -- you have your Java plugin manually set to disabled in the Add-Ons Manager. Why it got that way, I have no idea. But do check that. I saw a computer like that a few days ago -- after manually enabling the Java plugin, the click-to-run behavior started to work as designed. It's possible that you may have to disable, then re-enable Java. I don't remember what I did exactly to fix it. -- MCBastos This message has been protected with the 2ROT13 algorithm. Unauthorized use will be prosecuted under the DMCA. -=-=- ... Sent from my Franklin Translator. * Added by TagZilla 0.7a1 running on Seamonkey 2.16 * Get it at http://xsidebar.mozdev.org/modifiedmailnews.html#tagzilla ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Java is Blocked again today
It's possible that -- beyond the default click-to-run imposed by the block list -- you have your Java plugin manually set to disabled in the Add-Ons Manager. Why it got that way, I have no idea. But do check that. I saw a computer like that a few days ago -- after manually enabling the Java plugin, the click-to-run behavior started to work as designed. It's possible that you may have to disable, then re-enable Java. I don't remember what I did exactly to fix it. My Java plugin is ENabled, because the DISable button is visible. If I click DISable, the plugin status immediately changes in the Add-On mgr screen to reflect that (button changes to ENable.) Clicking on ENable changes the display status back to the previous warning (but not blocked) message. In either state, the Java-based games won't play from Pogo, and a dialog opens to test for the presence of Java, which ultimately says I haven't got it. If I go to about:config to shut the blocklist function off, the game plays immediately. Data Manager entries for Permissions, Cookies, etc., have absolutely no effect, since Data Mgr has no interface that relates to plugins. ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Java is Blocked again today
On 3/3/13 12:23 PM, Rickles wrote: MCBastos wrote: Interviewed by CNN on 02/03/2013 15:51, question told the world: My wife has not used her computer this week.. So this explains why Java works on hers this morning..on pogo Block list has not been updated more in likely. Both computers are identical... But her JAVA is 7u10 Mine is 7u15 I told her not to update her Java . Reading the bugzilla. We are being Blocked Because FACEBOOK got hacked.. Could be FACEBOOK does not have Java Configured Correctly . So Ever other WEBSITE that uses JAVA has to Suffer Because The Almighty FACEBOOK's Security is not Enabled correctly . Let Facebook take care of itself . I think you misunderstood the issue. The problem is not that a few computers belonging to Facebook engineers got hacked; the problem is that this event demonstrates that: a) There is a bug in Java b) Which is ALREADY BEING EXPLOITED by hackers. If this exploit only affected Facebook, there would be no reason for worry. But the thing is, it DOES present a risk for EVERY user. Facebook can take care of itself, but most small users CANNOT. It's to protect those small users that the block has been implemented. So, for the moment, it's considered dangerous to have Java running automatically. Even if the latest exploit has been band-aided, the recent pattern of security problems with Java raises serious doubts about its overall security. Simply stated, Java is no longer worth the trust of Internet users -- until such a time as it can regain that trust, Mozilla opted to place it in the click-to-run category, which needs an explicit OK from the user every time it is invoked by a site. Staying with an older Java release won't help; if anything, it will be worse, since those older releases are bound to be even more emphatically blocked. You raise a point I'd appreciate clarification on: explicit OK from the user. The problem several of us have is that, when visiting a site which uses Java, we are not ASKED if it's OK to run Java, the site simply fails. Despite continually un- and re-installing Java to allow for 'clean' installs, certificate updates, etc., we're not being prompted to click a permissions dialog, we're simply A) told by the web site that we don't have Java running, or B) nothing happens at all. The current state of the Java 7u15 plugin states this plugin is known to have vulnerabilities, but nothing actually says it's blocked (at least on my machine at the mo.) In fact, the 'disable' button is available if I want to turn it off, which infers it's still running. But the Pogo web site now looks for Java before allowing a Java-based game to run, and it tells me I haven't got Java installed. And that's contradictory, based on the observed interface. When you go to a Web page that uses Java but the blocklist prevents Java from running, you should see an icon at the left end of the URI bar (address bar). The icon resembles a small Lego block. Click on that icon to get a pull-down menu to override the blocklist for that Web page. No, this is NOT intuitive and definitely NOT user-oriented. And no, I know of no way to undo the override. -- David E. Ross http://www.rossde.com/ Are taxes too high in the U.S.? Check the bar graph at http://www.rossde.com/taxes/trickling.html to see. ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Java is Blocked again today
David E. Ross wrote: On 3/3/13 12:23 PM, Rickles wrote: MCBastos wrote: Interviewed by CNN on 02/03/2013 15:51, question told the world: My wife has not used her computer this week.. So this explains why Java works on hers this morning..on pogo Block list has not been updated more in likely. Both computers are identical... But her JAVA is 7u10 Mine is 7u15 I told her not to update her Java . Reading the bugzilla. We are being Blocked Because FACEBOOK got hacked.. Could be FACEBOOK does not have Java Configured Correctly . So Ever other WEBSITE that uses JAVA has to Suffer Because The Almighty FACEBOOK's Security is not Enabled correctly . Let Facebook take care of itself . I think you misunderstood the issue. The problem is not that a few computers belonging to Facebook engineers got hacked; the problem is that this event demonstrates that: a) There is a bug in Java b) Which is ALREADY BEING EXPLOITED by hackers. If this exploit only affected Facebook, there would be no reason for worry. But the thing is, it DOES present a risk for EVERY user. Facebook can take care of itself, but most small users CANNOT. It's to protect those small users that the block has been implemented. So, for the moment, it's considered dangerous to have Java running automatically. Even if the latest exploit has been band-aided, the recent pattern of security problems with Java raises serious doubts about its overall security. Simply stated, Java is no longer worth the trust of Internet users -- until such a time as it can regain that trust, Mozilla opted to place it in the click-to-run category, which needs an explicit OK from the user every time it is invoked by a site. Staying with an older Java release won't help; if anything, it will be worse, since those older releases are bound to be even more emphatically blocked. You raise a point I'd appreciate clarification on: explicit OK from the user. The problem several of us have is that, when visiting a site which uses Java, we are not ASKED if it's OK to run Java, the site simply fails. Despite continually un- and re-installing Java to allow for 'clean' installs, certificate updates, etc., we're not being prompted to click a permissions dialog, we're simply A) told by the web site that we don't have Java running, or B) nothing happens at all. The current state of the Java 7u15 plugin states this plugin is known to have vulnerabilities, but nothing actually says it's blocked (at least on my machine at the mo.) In fact, the 'disable' button is available if I want to turn it off, which infers it's still running. But the Pogo web site now looks for Java before allowing a Java-based game to run, and it tells me I haven't got Java installed. And that's contradictory, based on the observed interface. When you go to a Web page that uses Java but the blocklist prevents Java from running, you should see an icon at the left end of the URI bar (address bar). The icon resembles a small Lego block. Click on that icon to get a pull-down menu to override the blocklist for that Web page. No, this is NOT intuitive and definitely NOT user-oriented. And no, I know of no way to undo the override. About:config search for Blocklist double click EXTENSION,BLOCKLIST.ENABLED and this will Change it From true to False .. Print this out , Because The next Release of Seamonkey may just block it again . I Still say we let FACEBOOK Take care of their own problems with their Security . ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Java is Blocked again today
question wrote: David E. Ross wrote: On 3/3/13 12:23 PM, Rickles wrote: MCBastos wrote: Interviewed by CNN on 02/03/2013 15:51, question told the world: My wife has not used her computer this week.. So this explains why Java works on hers this morning..on pogo Block list has not been updated more in likely. Both computers are identical... But her JAVA is 7u10 Mine is 7u15 I told her not to update her Java . Reading the bugzilla. We are being Blocked Because FACEBOOK got hacked.. Could be FACEBOOK does not have Java Configured Correctly . So Ever other WEBSITE that uses JAVA has to Suffer Because The Almighty FACEBOOK's Security is not Enabled correctly . Let Facebook take care of itself . I think you misunderstood the issue. The problem is not that a few computers belonging to Facebook engineers got hacked; the problem is that this event demonstrates that: a) There is a bug in Java b) Which is ALREADY BEING EXPLOITED by hackers. If this exploit only affected Facebook, there would be no reason for worry. But the thing is, it DOES present a risk for EVERY user. Facebook can take care of itself, but most small users CANNOT. It's to protect those small users that the block has been implemented. So, for the moment, it's considered dangerous to have Java running automatically. Even if the latest exploit has been band-aided, the recent pattern of security problems with Java raises serious doubts about its overall security. Simply stated, Java is no longer worth the trust of Internet users -- until such a time as it can regain that trust, Mozilla opted to place it in the click-to-run category, which needs an explicit OK from the user every time it is invoked by a site. Staying with an older Java release won't help; if anything, it will be worse, since those older releases are bound to be even more emphatically blocked. You raise a point I'd appreciate clarification on: explicit OK from the user. The problem several of us have is that, when visiting a site which uses Java, we are not ASKED if it's OK to run Java, the site simply fails. Despite continually un- and re-installing Java to allow for 'clean' installs, certificate updates, etc., we're not being prompted to click a permissions dialog, we're simply A) told by the web site that we don't have Java running, or B) nothing happens at all. The current state of the Java 7u15 plugin states this plugin is known to have vulnerabilities, but nothing actually says it's blocked (at least on my machine at the mo.) In fact, the 'disable' button is available if I want to turn it off, which infers it's still running. But the Pogo web site now looks for Java before allowing a Java-based game to run, and it tells me I haven't got Java installed. And that's contradictory, based on the observed interface. When you go to a Web page that uses Java but the blocklist prevents Java from running, you should see an icon at the left end of the URI bar (address bar). The icon resembles a small Lego block. Click on that icon to get a pull-down menu to override the blocklist for that Web page. No, this is NOT intuitive and definitely NOT user-oriented. And no, I know of no way to undo the override. About:config search for Blocklist double click EXTENSION,BLOCKLIST.ENABLED and this will Change it From true to False .. Print this out , Because The next Release of Seamonkey may just block it again . I Still say we let FACEBOOK Take care of their own problems with their Security . P S ... MY WIFE is real Happy Now . ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Java is Blocked again today
Original Message David E. Ross wrote: On 3/3/13 12:23 PM, Rickles wrote: MCBastos wrote: Interviewed by CNN on 02/03/2013 15:51, question told the world: My wife has not used her computer this week.. So this explains why Java works on hers this morning..on pogo Block list has not been updated more in likely. Both computers are identical... But her JAVA is 7u10 Mine is 7u15 I told her not to update her Java . Reading the bugzilla. We are being Blocked Because FACEBOOK got hacked.. Could be FACEBOOK does not have Java Configured Correctly . So Ever other WEBSITE that uses JAVA has to Suffer Because The Almighty FACEBOOK's Security is not Enabled correctly . Let Facebook take care of itself . I think you misunderstood the issue. The problem is not that a few computers belonging to Facebook engineers got hacked; the problem is that this event demonstrates that: a) There is a bug in Java b) Which is ALREADY BEING EXPLOITED by hackers. If this exploit only affected Facebook, there would be no reason for worry. But the thing is, it DOES present a risk for EVERY user. Facebook can take care of itself, but most small users CANNOT. It's to protect those small users that the block has been implemented. So, for the moment, it's considered dangerous to have Java running automatically. Even if the latest exploit has been band-aided, the recent pattern of security problems with Java raises serious doubts about its overall security. Simply stated, Java is no longer worth the trust of Internet users -- until such a time as it can regain that trust, Mozilla opted to place it in the click-to-run category, which needs an explicit OK from the user every time it is invoked by a site. Staying with an older Java release won't help; if anything, it will be worse, since those older releases are bound to be even more emphatically blocked. You raise a point I'd appreciate clarification on: explicit OK from the user. The problem several of us have is that, when visiting a site which uses Java, we are not ASKED if it's OK to run Java, the site simply fails. Despite continually un- and re-installing Java to allow for 'clean' installs, certificate updates, etc., we're not being prompted to click a permissions dialog, we're simply A) told by the web site that we don't have Java running, or B) nothing happens at all. The current state of the Java 7u15 plugin states this plugin is known to have vulnerabilities, but nothing actually says it's blocked (at least on my machine at the mo.) In fact, the 'disable' button is available if I want to turn it off, which infers it's still running. But the Pogo web site now looks for Java before allowing a Java-based game to run, and it tells me I haven't got Java installed. And that's contradictory, based on the observed interface. When you go to a Web page that uses Java but the blocklist prevents Java from running, you should see an icon at the left end of the URI bar (address bar). The icon resembles a small Lego block. Click on that icon to get a pull-down menu to override the blocklist for that Web page. No, this is NOT intuitive and definitely NOT user-oriented. And no, I know of no way to undo the override. About:config search for Blocklist double click EXTENSION,BLOCKLIST.ENABLED and this will Change it From true to False .. Print this out , Because The next Release of Seamonkey may just block it again . I Still say we let FACEBOOK Take care of their own problems with their Security . Had no effect. I think the cause of the problem has to do with how the browser interacts with java, not the status of the blocklist. ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Java is Blocked again today
question wrote: Roger Fink wrote: Original Message Se 7 u15 seamonkey 2.16 worked this morning .. https://addons.mozilla.org/en-US/seamonkey/blocked/p294 Why was it blocked? Old versions of the Java plugin are potentially insecure and unstable. All users are strongly recommended to update on our plugin check page. Who is affected? All users who have these versions of the plugin installed in Firefox. What does this mean? The problematic add-on or plugin will be automatically disabled and no longer usable. When Mozilla becomes aware of add-ons, plugins, or other third-party software that seriously compromises SeaMonkey security, stability, or performance and meets certain criteria, the software may be blocked from general use. For more information, please read this support article. Blocked on February 25, 2013. View block request. https://bugzilla.mozilla.org/show_bug.cgi?id=843373 Bug 843373 - Please Enable CTP for all released versions of Java Status: VERIFIED FIXED Whiteboard: [plugin] Keywords: Product: addons.mozilla.org Component: Blocklisting Version: unspecified Platform: All All Importance: -- normal (vote) Target Milestone: --- Assigned To: Nobody; OK to take it and work on it QA Contact: Paul Silaghi [QA] URL: Depends on: Blocks: Show dependency tree / graph Reported: 2013-02-20 15:12 PST by Yvan Boily [:ygjb][:yvan] Modified: 2013-02-27 07:31 PST (History) CC List: 22 users (show) See Also: Crash Signature: V.7 update 15 is working for me on one site, but not on another (running SM 2.15.2, Win7). Recently it was working everywhere. And before that the same spotty results as today with the same sites working and not working. Frankly, using java in SeaMonkey has become an exercise in masochism, and I've stopped trying. On Pogo.com Some Games that use Java Work fine, Then other games that is use Java tells me I need to install JAVA . In seamonkey Ad on manager it Tells Me that Java 7 u 15 IS KNOWN TO BE VULnurable .. But it is not Disabled .. In java Consul Mozilla will not Stay Checked . Same thing here: SM2.16, Java v7u15: At Pogo game site, Java-based games say that Java isn't installed, and SM Add-On Mgr shows Java warning about 'MAY BE VULNERABLE', but does not indicate an absolute block. There's a functino called a Blocklist running in the background in SM. The programmers write a listing of versions of assorted 3rd-party software (Java, Adobe Flash, whatever) that have known issues, either with security and/or SM stability, so that Blocklist listing doc contains settings to block SM's use of those applications. A new Blocklist file is downloaded automatically on a regular basis, assuming SM is open, so when apps change, the list can be changed and passed on without you having to remember to go looking. You can bypass that if you want, BUT YOU ACCEPT THE CONSEQUENCES IF SOMETHING GOES WRONG. In the Browser, type 'about:config' in the address bar. A listing of all the settings will appear in the browser window. In the search bar, type 'bocklist', and the list will shorten to include only those perferences which have that name in them. The one you want is 'extensions.blocklist.enabled'. The value can only be True of False. When it's True, the blocklist stops things. To change from True to False, simply double-click the preference name. The value will change to False, and the entire line will go to BOLD text, to show that it's not at its default value. Your Pogo games should all work now. THIS OPENS YOU UP TO ANY OTHER SITE USING JAVA IN A MALICIOUS MANNER, regardless of Pogo's use of Java. ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Java is Blocked again today
Rickles wrote: question wrote: Roger Fink wrote: Original Message Se 7 u15 seamonkey 2.16 worked this morning .. https://addons.mozilla.org/en-US/seamonkey/blocked/p294 Why was it blocked? Old versions of the Java plugin are potentially insecure and unstable. All users are strongly recommended to update on our plugin check page. Who is affected? All users who have these versions of the plugin installed in Firefox. What does this mean? The problematic add-on or plugin will be automatically disabled and no longer usable. When Mozilla becomes aware of add-ons, plugins, or other third-party software that seriously compromises SeaMonkey security, stability, or performance and meets certain criteria, the software may be blocked from general use. For more information, please read this support article. Blocked on February 25, 2013. View block request. https://bugzilla.mozilla.org/show_bug.cgi?id=843373 Bug 843373 - Please Enable CTP for all released versions of Java Status: VERIFIED FIXED Whiteboard: [plugin] Keywords: Product: addons.mozilla.org Component: Blocklisting Version: unspecified Platform: All All Importance: -- normal (vote) Target Milestone: --- Assigned To: Nobody; OK to take it and work on it QA Contact: Paul Silaghi [QA] URL: Depends on: Blocks: Show dependency tree / graph Reported: 2013-02-20 15:12 PST by Yvan Boily [:ygjb][:yvan] Modified: 2013-02-27 07:31 PST (History) CC List: 22 users (show) See Also: Crash Signature: V.7 update 15 is working for me on one site, but not on another (running SM 2.15.2, Win7). Recently it was working everywhere. And before that the same spotty results as today with the same sites working and not working. Frankly, using java in SeaMonkey has become an exercise in masochism, and I've stopped trying. On Pogo.com Some Games that use Java Work fine, Then other games that is use Java tells me I need to install JAVA . In seamonkey Ad on manager it Tells Me that Java 7 u 15 IS KNOWN TO BE VULnurable .. But it is not Disabled .. In java Consul Mozilla will not Stay Checked . Same thing here: SM2.16, Java v7u15: At Pogo game site, Java-based games say that Java isn't installed, and SM Add-On Mgr shows Java warning about 'MAY BE VULNERABLE', but does not indicate an absolute block. There's a functino called a Blocklist running in the background in SM. The programmers write a listing of versions of assorted 3rd-party software (Java, Adobe Flash, whatever) that have known issues, either with security and/or SM stability, so that Blocklist listing doc contains settings to block SM's use of those applications. A new Blocklist file is downloaded automatically on a regular basis, assuming SM is open, so when apps change, the list can be changed and passed on without you having to remember to go looking. You can bypass that if you want, BUT YOU ACCEPT THE CONSEQUENCES IF SOMETHING GOES WRONG. In the Browser, type 'about:config' in the address bar. A listing of all the settings will appear in the browser window. In the search bar, type 'bocklist', and the list will shorten to include only those perferences which have that name in them. The one you want is 'extensions.blocklist.enabled'. The value can only be True of False. When it's True, the blocklist stops things. To change from True to False, simply double-click the preference name. The value will change to False, and the entire line will go to BOLD text, to show that it's not at its default value. Your Pogo games should all work now. THIS OPENS YOU UP TO ANY OTHER SITE USING JAVA IN A MALICIOUS MANNER, regardless of Pogo's use of Java. My wife has not used her computer this week.. So this explains why Java works on hers this morning..on pogo Block list has not been updated more in likely. Both computers are identical... But her JAVA is 7u10 Mine is 7u15 I told her not to update her Java . Reading the bugzilla. We are being Blocked Because FACEBOOK got hacked.. Could be FACEBOOK does not have Java Configured Correctly . So Ever other WEBSITE that uses JAVA has to Suffer Because The Almighty FACEBOOK's Security is not Enabled correctly . Let Facebook take care of itself . ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Java is Blocked again today
Original Message Se 7 u15 seamonkey 2.16 worked this morning .. https://addons.mozilla.org/en-US/seamonkey/blocked/p294 Why was it blocked? Old versions of the Java plugin are potentially insecure and unstable. All users are strongly recommended to update on our plugin check page. Who is affected? All users who have these versions of the plugin installed in Firefox. What does this mean? The problematic add-on or plugin will be automatically disabled and no longer usable. When Mozilla becomes aware of add-ons, plugins, or other third-party software that seriously compromises SeaMonkey security, stability, or performance and meets certain criteria, the software may be blocked from general use. For more information, please read this support article. Blocked on February 25, 2013. View block request. https://bugzilla.mozilla.org/show_bug.cgi?id=843373 Bug 843373 - Please Enable CTP for all released versions of Java Status: VERIFIED FIXED Whiteboard: [plugin] Keywords: Product:addons.mozilla.org Component: Blocklisting Version:unspecified Platform: All All Importance: -- normal (vote) Target Milestone: --- Assigned To:Nobody; OK to take it and work on it QA Contact: Paul Silaghi [QA] URL: Depends on: Blocks: Show dependency tree / graph Reported: 2013-02-20 15:12 PST by Yvan Boily [:ygjb][:yvan] Modified: 2013-02-27 07:31 PST (History) CC List:22 users (show) See Also: Crash Signature: V.7 update 15 is working for me on one site, but not on another (running SM 2.15.2, Win7). Recently it was working everywhere. And before that the same spotty results as today with the same sites working and not working. Frankly, using java in SeaMonkey has become an exercise in masochism, and I've stopped trying. ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Java is Blocked again today
Roger Fink wrote: Original Message Se 7 u15 seamonkey 2.16 worked this morning .. https://addons.mozilla.org/en-US/seamonkey/blocked/p294 Why was it blocked? Old versions of the Java plugin are potentially insecure and unstable. All users are strongly recommended to update on our plugin check page. Who is affected? All users who have these versions of the plugin installed in Firefox. What does this mean? The problematic add-on or plugin will be automatically disabled and no longer usable. When Mozilla becomes aware of add-ons, plugins, or other third-party software that seriously compromises SeaMonkey security, stability, or performance and meets certain criteria, the software may be blocked from general use. For more information, please read this support article. Blocked on February 25, 2013. View block request. https://bugzilla.mozilla.org/show_bug.cgi?id=843373 Bug 843373 - Please Enable CTP for all released versions of Java Status: VERIFIED FIXED Whiteboard: [plugin] Keywords: Product: addons.mozilla.org Component: Blocklisting Version: unspecified Platform: All All Importance: -- normal (vote) Target Milestone: --- Assigned To: Nobody; OK to take it and work on it QA Contact: Paul Silaghi [QA] URL: Depends on: Blocks: Show dependency tree / graph Reported: 2013-02-20 15:12 PST by Yvan Boily [:ygjb][:yvan] Modified: 2013-02-27 07:31 PST (History) CC List: 22 users (show) See Also: Crash Signature: V.7 update 15 is working for me on one site, but not on another (running SM 2.15.2, Win7). Recently it was working everywhere. And before that the same spotty results as today with the same sites working and not working. Frankly, using java in SeaMonkey has become an exercise in masochism, and I've stopped trying. On Pogo.com Some Games that use Java Work fine, Then other games that is use Java tells me I need to install JAVA . In seamonkey Ad on manager it Tells Me that Java 7 u 15 IS KNOWN TO BE VULnurable .. But it is not Disabled .. In java Consul Mozilla will not Stay Checked . ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Java is Blocked again today
Se 7 u15 seamonkey 2.16 worked this morning .. https://addons.mozilla.org/en-US/seamonkey/blocked/p294 Why was it blocked? Old versions of the Java plugin are potentially insecure and unstable. All users are strongly recommended to update on our plugin check page. Who is affected? All users who have these versions of the plugin installed in Firefox. What does this mean? The problematic add-on or plugin will be automatically disabled and no longer usable. When Mozilla becomes aware of add-ons, plugins, or other third-party software that seriously compromises SeaMonkey security, stability, or performance and meets certain criteria, the software may be blocked from general use. For more information, please read this support article. Blocked on February 25, 2013. View block request. https://bugzilla.mozilla.org/show_bug.cgi?id=843373 Bug 843373 - Please Enable CTP for all released versions of Java Status: VERIFIED FIXED Whiteboard: [plugin] Keywords: Product:addons.mozilla.org Component: Blocklisting Version:unspecified Platform: All All Importance: -- normal (vote) Target Milestone: --- Assigned To:Nobody; OK to take it and work on it QA Contact: Paul Silaghi [QA] URL: Depends on: Blocks: Show dependency tree / graph Reported: 2013-02-20 15:12 PST by Yvan Boily [:ygjb][:yvan] Modified: 2013-02-27 07:31 PST (History) CC List:22 users (show) See Also: Crash Signature: ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
