SEARCH the Guide, by date, band, artist, event, festival, etc. (in addition to the sidebar)

Sunday, January 13, 2013

US Homeland Security says disable Java

.
.
Are musicians especially vulnerable?
+
We have all endured years of breathless warnings forwarded by well-meaning friends about some killer virus-or-other that would be the ebola of our computer or other tech device.
+
But this time, it appears that the wolf really is outside the cyber door.
+
The United States Computer Emergency Readiness Team, US-CERT, a part of the Department of Homeland Security, issued a rare advisory on Friday, bluntly telling all computer users to disable Java in their web browsers.
+
Java-maker Oracle says that a fix is coming "shortly." But, as of Sunday morning, there are no indications that the solution is clear, or that a way to universally apply it is close.
+
It's certainly not the first time that computer users have been warned, by some tech guru or other, to disable Java. But this latest security issue rose rapidly to the highest levels of the government agency charged with protecting us, and that is nearly unprecedented. It was first reported by security researchers on Thursday, and within hours, it was deemed the most serious kind of threat.
+
The problem is a vulnerability in the Java Security Manager, a flaw that an attacker could exploit to run code on a user's computer. Keystroke spyware is one possibility that would allow a monitoring entity to copy everything you type.
+
Some prominent companies, not content to wait for a fix, have already moved to block possible exploits.
+
Mozilla has enabled "Click To Play" functionality in Firefox for all recent versions of Java across all platforms -- it was previously enabled by default for older versions of Java.
+
Apple just added recent versions of Java to its blacklist covering all OS X users.
+
Nationally-syndicated radio tech guru Kim Komando is one of several who has posted step-by-step instructions on her site, explaining how to entirely remove Java from your computer.
+
So, why is the Acoustic Americana Music Guide jumping in? Simple. Much of what musicians exchange or send us requires Java to read or view it. That tells us that the music community is especially vulnerable. And since most musicians use PayPal and have vital codes for account access in their computers, along with carefully built e-mailing lists, the damage from a hacker can be especially devastating.
+
Use your favorite web browser to learn the latest, or to find a trusted source that will guide you through disabling or removing Java until it's safe to use it again.
+
We believe it's more important to share this before we worry about updating news of performances or events. Be careful out there.
.
.
~`~`~`~`~`~`~`~`~`~`~
.
The latest full editions of the Acoustic Americana Music Guide are available just below or in the sidebar at left, depending on where you are reading this.
.
.

9 comments:

Anonymous said...

Boy howdy! I checked on this as soon as I read your post. Had not heard A THING about it until you put it up. Immediately disabled my Java, the version that is most vulnerable. THANK YOU! - Rich

Anonymous said...

Damn. Unbelievable. The news is all about weather congress dumbf**ks are still trying to kill economy so they can blame the black man in the WHITE House, and where is anybody in the news with this real warning from the government about something that really could crash the economy? I go to look for a concert, and THAT is where I find out my computer is probably already hacked.

Anonymous said...

Thank you! I would like totally have missed this!!!

Anonymous said...

So I thought you were being an alarmist. Then I went looking and according to all the big tech sites plus abc, cbs, and big newspapers sites, you got it right. I just would not have known, and my computers are on and online 24/7.
Lynn

Anonymous said...

Where were all my facebook peeps on this? Everybody was masticating the usual bool and up pops your link to this on your site. I know it's the weekend, but is everybody but you dazed and confused or something? This is serious sh*t!!!

- Larry, the editor said...

You may have noticed that we censored the profanity, a necessary thing for us to keep our "family-friendly" rating and keep the Guide accessible on all computers in schools and public libraries. - editor

- Larry, the editor said...

You may have noticed that we censored the profanity, a necessary thing for us to keep our "family-friendly" rating and keep the Guide accessible on all computers in schools and public libraries. - editor

- Larry, the editor said...

Thanks to all for your comments over the weekend. All are dated Monday because that's when we moved them here from email and / or approved them on the site for posting. We always welcome your comments.

Anonymous said...

Just found this is still top story on the site. Oracle says it will have a fix on Tuesday. I'm not sure that will undo damage already done. Not just information hackers already got (bank accounts, credit card numbers, etc.) But I wonder if any malware they installed will let them keep spying and stealing. Like if they installed a keystroke copier will it keep sending them everything I do? These things need to be answered by Oracle and we need to make sure we don't do things that can only be seen using Java.