Home » Mac, Reviews, how to

New in Safari 7: Improved Java Security

11 July 2013 3,000 views No Comment

Computer security is war of increments. Though Apple 'seems' to be a step ahead of late, they aren't sitting back and Safari 7 changes how JAVA is handled.

Computer security is war of increments. Though Apple seems to be a step ahead of late, the company isn’t resting on its laurels and Safari 7, included in OS X 10.9 Mavericks, changes how JAVA is handled.

In the panoply of new features in Safari 7, this one’s pretty minor. Nevertheless, it’s notable in that, although JAVA security issues have faded from public view of late, Apple is pressing ahead.

In OS X Mountain Lion, users could blanket enable JAVA apps via a checkbox in Safari’s top-level Preferences. That said, OS X would automatically turn off JAVA after 90 days and Apple could also disable JAVA via OS X’s integrated malware blocker, XProtect.

Apparently, that behind the scenes hand holding wasn’t enough for Apple.

When OS X 10.9 Mavericks ships this Fall, Apple will adopt a new, more prejudicial approach to JAVA. Although it will be possible to configure Safari to allow all JAVA apps to run without restriction, the default out-the-box setting encourages users to whitelist individual sites/pages where JAVA is used.

Apple has removed the “Allow Java” checkbox (image above) in the top-level of Safari 6’s Preferences. Users are pushed, by design, farther into Safari 7’s preferences where they are presented with conscious choice to whitelist an individual site/page vs applying a blanket “Allow.”

Safari 7: JAVA Done Right?

safari-7-java-preference-settings
Read this review in Spanish
Join the conversation on the OS X 10.9 Facebook Page

Fundamentally, if user gets hit by a JAVA drive by attack when visiting some random (infected) webpage — these days it could be literally any webpage, not just porn or warez — it will because he sought out and then enabled the “Allow Always” setting buried deep in Safari 7’s Preferences.

Moreover, the same settings and individual page/site level of control can be applied to other plugins, like Flash, QuickTime and Silverlight.

Bottom line is you’ve gotta wanna be a bonehead because Apple’s really pushing users to do the right thing in Safari 7 — whitelist JAVA only on sites they actually use…

What’s your take?

Related posts:
What’s New in OS X 10.9 Mavericks
New in OS X 10.9: OpenGL 4.1, OpenCL 1.2
Can My Mac Run OS X 10.9 Mavericks
What’s New in OS X Mail 7
New in Safari 7: Safari Power Saver, Sidebar, Top Sites, More

Leave your response!

Add your comment below, or trackback from your own site. You can also subscribe to these comments via RSS.

Be nice. Keep it clean. Stay on topic. No spam.