(Topic ID: 145690)

Pinballlife.com


By maxwell

4 years ago



Topic Stats

  • 307 posts
  • 71 Pinsiders participating
  • Latest reply 4 years ago by Wolfmarsh
  • Topic is favorited by 8 Pinsiders

You

Topic Gallery

There have been 23 images uploaded to this topic. (View topic image gallery).

update.jpg
rick-james-cold-blooded-300x299.jpg
java_installed_on_my_desk.jpg
toooooonnnnnnnny.jpg
HTP.gif
7a7b83bb-999b-438a-8cdf-1e5f350b2c21.jpg
yahoo.jpg
Java.jpg
haxor.jpg
hacked2.png
science-dog1.jpg
image.jpg
image.png
expert.jpg
litter.jpg
Computer_Buttons.jpg

You're currently viewing posts by Pinsider vid1900.
Click here to go back to viewing the entire thread.

#5 4 years ago

I just tried it and it did not install a virus - BUT I do not have Java installed.

NEVER install Java on your computer, and always disable it if you somehow have it.

Check here if you have Java, if you do, kill it.

https://www.java.com/en/download/installed.jsp

-6
#8 4 years ago
Quoted from maxwell:

Thanks vid...guess I don't know enough about computers because I do have Java and it's enabled because it always says that some websites need Java to be viewed correctly and it provides a better internet experience. Thanks, I'll disable it.

As far as I can tell, Java is only used to install malware on computers .

10
#12 4 years ago
Quoted from Pinchroma:

This is ridiculous advise that no one should follow. Every single trading institution, bank, and most governmental municipalities use Java applets on their pages as do tons of cots software. What you need to be cognizant of is WHAT site you are on and whether or not the Java app is properly signed by which company and if the signing matches the company domain.
Sticking your head in the sand isn't a valid method of security. At all.
You might as well go remove:
Flash,
Adobe reader,
Shockwave,
Chrome plugin execution,
Firefox plugin execution,
Nss-api,
Npapi,
Etc. as they all have identical if not more attack vectors.
Java at least provides not one, not two, but 3 confirmation requests before running an application and denies by default if the app isn't at least running a valid SSL certificate.
If you don't know what you are running, Java or not isn't going to fix that.

Even your other favorite security risk, Adobe Flash, will soon be no longer.

People are generally not computer experts and will make mistakes like typing in the wrong url.

Normal people: Make sure you kill off Java- Virtual Virus Machine. (if some porno website says you need the Java plug-in, go to xhamster.com instead.....)

#30 4 years ago
Quoted from Pinchroma:

If you are apt to take Vids advice I recommend you go back to using a piece of slate, hammer, and chisel because that's the only way you will be able to communicate without fear .

Forget your fear, just uninstall Java.

I have not had Java installed in 2 years. Every normal website works fine.

The few sites I've seen that want the Java Plug-in installed, I skip.

When I went to the fake url for Pinballife.com, nothing happened. No redirecting, no malware installed, no fake pop-up telling me that Windows has detected a virus and do I want to clean it. Nothing.....and that's a good thing.

Even the Department of Homeland Security has told users to uninstall Java way back in 2013 - it is a needless security risk.

-

Flash is next. Kiss that sonobitch goodbye and good riddance !!!!!!!!!!!!!!!!!!!11

#34 4 years ago
Quoted from Patofnaud:

Gee how convenient for this virus warning to pop up AND include a place to call to fix it!!!

That's the social engineering aspect to many of the scams.

You are in a hurry to finish that spreadsheet, presentation or paper. Your computer puts a big stress upon you, suddenly being locked up. Then almost by magic, the solution pops up, right in front of your eyes.

-

Same as when people get the phone call that they skipped jury duty and now the county is issuing a warrant for their arrest.

Scammer: This is Sheriff Kickass with the Dale County sheriff department, is this Joe Average?
Joe: Yes. What can I help you with?
Scammer: It is my duty to inform you that a bench warrant has been issued for your arrest for not reporting to jury duty.
J: But....I...never got any notice!!!!
S: Sorry, you chose to ignore two notices, now you get to appear before the judge, but on the other side of the table. Maximum penalty is 15 days in jail and or $1500 fine.
J: What???? I never got a single notice. I was out of town for a few weeks and my neighbor was collecting my mail. Maybe she lost it or something, she's 90 years old !!!! Maybe my wife thought it was junk mail.....!!!!
S: Sorry, you should not have ignored the law.
J: I ALWAYS go to jury duty when chosen. There must be some crazy mistake!
S: Well, you have attended jury duty in the past?
J: Yes, absolutely.
S: Hmmm...let me see if I can manually update your jury status....OK.....Yep....here it is....Let me verify your information....date of birth?
J: 1/15/1960
S: Current address?
J: 666 Mockingbird Lane
S: Social Security number?
J: 492-11-1113
S: Finally for security verification, your mother's maiden name?
J: Smith.
S: OK, Joe, I've changed your Jury status to active again. You should expect a new notice of duty in the next few weeks. I suggest you take it seriously this time.
J: Yes, sir. I'll report the moment I get it. Thank You so much!!!!!!!!

^ true story how a guy at work got his identity stolen. He got stressed out, then was flustered enough to give out all his personal information without resistance.

12
#38 4 years ago
Quoted from markmon:

This is one of the most ridiculous/uneducated/incorrect statements I've ever heard. Java is a platform that runs apps from the Java programming language and they're not all malware.

Obviously I was being sarcastically outrageous.

But almost all web based malware is installed through Java.

Java is crap, just uninstall it.

Chrome got rid of it 6 months ago, did anybody miss it?

#44 4 years ago
Quoted from spidey:

Sorry you work with stupid people.

Yeah, when he told me about his "Close call with being arrested for skipping Jury Duty" I was like WTF, let's call the Sheriff's office and see why a sheriff's time is being used for a job that could be done by a $7 a hour temp worker.

Needless to say, no one at the Sheriff office knew anything about it.

About a month latter it was on TV about how many people had been taken by the scam.

#47 4 years ago
Quoted from centerflank:

Next, in his infinite knowledge will say leg levelers cant be painted and will ruin your carpet.

Yeah, that was another classic.

The master had spoken.

#51 4 years ago
Quoted from maxwell:

Does anybody find this amazing....one person goes on it and it does nothing, another goes on it and it mimics pinball life, another goes on it and gets redirected to a directTV site, I go on it and get a virus. Is that weird?

It's not weird, it's the scamware taking advantage of whatever it can.

It did nothing on my computer, because it could not find Java.

On my phone it redirected me to a weight training supplement.

....it will take whatever you give it, and run with it.

10
#68 4 years ago
Quoted from Pinchroma:

So many clueless people its shocking. Java is just one of MANY MANY vessels and not even a predominant one for the proliferation of malware.
Using java requires MULTIPLE affirmative user interactions to be able to do ANYTHING. More so than any other mechanism.
I guess the old adage is correct. You can make something idiot proof (multiple alerts), and god will go and invent a better idiot.
Tremendous HUGE RED X's that say "DO NOT PROCEED" and people still click proceed and you guys somehow think that's java's fault? Comical at best. Sad is more like it.
P.S. as much as google is trying to crush npapi which is probably a good thing, their approach is horrible and has caused monumental institutional outages. Just about EVERY browser integration uses it. For example, those of you that use Citrix to connect to work. No NPAPI, no Citrix. Citrix has to rewrite their plugin for a new architecture specifically to work in Chrome now that npapi is disabled.

Quoted from Pinchroma:

Actually you do. CVE-2015-2590. The user is still prompted to accept the runtime and thus provide permission for the exploit to execute. The absolute first component in the javasec library is the infallible call for approval to run any app that hasn't explicitly be put on the "safe" list by the user. Items can only be put on the safe list by MANUALLY putting it there typing the URL by hand, it can't be put there by an accidental click.
One other thing to note is CVE-2015-2590 is the first zero day vulnerability found in java in 3 years prior to its discovery. Ask your favorite browser how many they have had in that same timeframe?
http://thehackernews.com/2015/11/android-hacking-chrome.html
ZOMG Android users, stop using your phones.
The old saying that eternal vigilance is the price of liberty should be copied to the internet world to say:
Eternal vigilance is the price of technology. If you can't trust your own eyes not to do what you are being told not to do then there is no hope for you anyway.

You keep looking more and more foolish the harder you try to defend your reckless position.

Do you think that Maxwell clicked to give his permission 3 times to install that virus? Really???

In your mind, it's always best to blame the victim than to accept that Java installed a virus on this poor man's computer.

You are a sad man.

-

Chrome got rid of of Java 6 months ago.

No giant outcry.

The web did not break.

Everyone still did their banking, Black Friday sales, watched lol cat videos.

Yep 41% of web surfers are no longer using Java and most did not even know it.

=-------------------

UNINSTALL JAVA FROM YOUR WEB BROWSER RIGHT NOW!!!!!

IT'S DANGEROUS AND UNNEEDED!!

Again, check here and make sure that you DO NOT have Java installed:

https://www.java.com/en/download/installed.jsp

#71 4 years ago
Quoted from ovfdfireman:

And run labels at USPS.com

I've printed USPS Priority labels for the last 2 years without Java installed.

Trust me, you don't need Java.

#72 4 years ago
Quoted from ForceFlow:

Sheesh...why are you so against and getting so riled up about a simple security precaution?

He can't quit.

That type of personality is unable to ever just admit they are wrong.

Or I guess it's possible he writes malware and get's paid when we get sprayed?

#76 4 years ago
Quoted from popeboy:

I don't care if anyone uninstalls Java or not, but I can tell you our Warehouse Management System is Java based and is accessed through a web interface (internally hosted).

Of course there are legitimate uses for Java; Cable Boxes, O-scopes, Servers...

But for surfing the web, it's bullshit 3 years past it's expiration date.

java-malware.jpg.jpeg

#93 4 years ago
Quoted from homebrood:

If you want security on your computer as an expert I can tell you,

But, are you a Red Hat Certified Engineer?

You can't be a computer expert unless you wasted money on RHCE certification.

logo_text.png

#101 4 years ago
Quoted from maxwell:

But for the record...all I did was type the address, hit enter, and the virus installed itself with the page that came up.

We all understand that is exactly what happened to you, except for a single person who does not have enough computer experience to understand that things like that can happen.

We are all, with the exception of the above mentioned person, grateful that you brought it to Pinside's attention, because many of us frequent the pinballife website.

And your post gives a much needed reminder to the 55% of the web users that still mistakenly have Java turned on - TURN OFF JAVA - NOW!

malware.jpg

#119 4 years ago
Quoted from Aurich:

Okay Alex, you think you know security?

I can't imagine anyone who knows less about internet security.

#126 4 years ago
Quoted from guyincognito:

And I heard that The Hobbit was delayed for so long because all the computers at JJP got infected by a 0-day Java browser exploit

All joking aside, I hope that JJP is smart enough not to have Alex in charge of the security for the 3rd game that is supposed to have online capabilities.

#127 4 years ago
Quoted from Purpledrilmonkey:

I'm confused.... what does this have to do with Java?

It's has to do with Pinball Life possibly taking the misspelled URL for it's own uses.

#132 4 years ago
Quoted from Baiter:

typically the issue is users who click on the "ok" button on those malware pop-ups rather than dismiss them.

Yeah, but the Pinballllife.com site installs the virus without clicking anything.

......Unless you disabled Java.

#136 4 years ago
Quoted from pinballlife:

What? The misspelled web site is absolutely definitely not owned by me.
Terry.

If you acquired the offending site, you could have it automatically redirect to your proper site.

#167 4 years ago
Quoted from metahugh:

I think Vid is getting flak because he said this in his first post:

Quoted from metahugh:

Having Java installed and enabled in your browser are two different things.

It's as simple as this:

A person surfing the web has not needed Java installed on their web browser in probably 5 years. It's an old, unsafe, pile of crap. It's how malware gets installed without any action from the user.

A person who NEEDS Java installed on their computer (not their web browser), like programmers or kids hacking their Comcast boxes, will KNOW the difference.

UNINSTALL JAVA NOW!

#170 4 years ago
Quoted from Purpledrilmonkey:

I'm disappointed that you guys of all folks need a on my post

It went over my head, lol.

After all the PMs I got about this thread, my perception was off

#189 4 years ago
Quoted from metahugh:

What about those that play Minecraft? They aren't programmers or kids hacking Comcast boxes. Other applications utilize Java and your base recommendation is to "UNINSTALL JAVA NOW" vs disable Java in your browser.

Minecraft installs a contained version of Java that does not open the entire system up to Java vulnerabilities.

The Java executable stays within Minecraft, and is inaccessible to the rest of the system.

Even if you uninstall Java systemwide (and not just in the browser), Minecraft will still work fine.

-

So for the 1000000000 time:

Uninstall Java from your browser - RIGHT NOW!!!!!!!!

Unless you have a specific need for Java in your computer, go ahead and uninstall Java from there too.

(You can always reinstall it, should you suddenly have some need for it)

#197 4 years ago
Quoted from metahugh:

I still disagree about uninstalling Java, but whatever.

If you think you need it, keep it installed.

One day when you get tired of it's constant updates, and it's constant trying to install crapware like the Yahoo search bar along with every update, you can without any guilt, uninstall it.

-

Just like Adobe Acrobat. I got so tired of it's constantly needing to update every time I opened a .pdf, that I uninstalled it and switched to Foxit Reader.

Foxit opens .pdfs 10x faster; and without all the 30mb daily updates.

#198 4 years ago

I've done it the same way before, with varying levels of success.....

#200 4 years ago
Quoted from metahugh:

That shows how long its been since I played Minecraft on my PC Although they still show it being required on their support page:

http://www.howtogeek.com/210907/minecraft-doesnt-need-java-installed-anymore-its-time-to-remove-

(thanks Ted for the link)

#205 4 years ago
Quoted from metahugh:

The link I posted earlier shows Mojang still lists Java as being a required install. You would think they would have updated the page by now.

Java probably gives them a kickback every time somebody installs Java from their site.

You can never have too many Yahoo tool bars installed thanks to those SOBs.

yahoo.jpg

#221 4 years ago
Quoted from maxwell:

I wonder if I had posted that I bought a can of pork and beans at walmart and a black mamba came out when I opened it, would there be a lot of people on pinside passing gas.

Hopefully a few people on Pinside would be passing on.

#261 4 years ago
Quoted from dmbjunky:

Anybody liking Windows 10? I just installed it yesterday. I hope I don't regret it.

It got deployed on all the field laptops at work.

Better than Win8, easier to find stuff, bootup and shutdown is faster.

#262 4 years ago
Quoted from guyincognito:

Does Windows 10 come with Java?

I hope so.

I can't do my online banking or visit porn sites without it.

#263 4 years ago
Quoted from Msch:

Both Apple and Microsoft make fine products.

Yep.

All the cool kids have made their own Hackintosh. 4x as fast, 1/4 the price:

http://www.tonymacx86.com/

#292 4 years ago

Uninstall Java now!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!111111

Promoted items from the Pinside Marketplace
$ 12,500.00
Pinball Machine
Great American Pinball
$ 66.95
Cabinet - Shooter Rods
Super Skill Shot Shop
$ 79.99
Playfield - Toys/Add-ons
Lighted Pinball Mods
From: $ 11.95
Playfield - Toys/Add-ons
ULEKstore
$ 18.95
Playfield - Toys/Add-ons
ULEKstore
$ 19.95
$ 119.95
Boards
Allteksystems
$ 229.99
$ 25.00
Cabinet - Toppers
WOZ Out of stock
Singer Pinball Designs
$ 5.00
Playfield - Decals
Doc's Pinball Shop
$ 28.00
Playfield - Other
Pin Monk
$ 259.00
Cabinet - Toppers
Tilttopper
From: $ 10.00
Electronics
Third Coast Pinball
$ 229.99
Lighting - Other
Lighted Pinball Mods
$ 12.99
Cabinet - Decals
Bent Mods
$ 86.95
Cabinet - Shooter Rods
Super Skill Shot Shop
$ 34.50
Cabinet - Armor And Blades
The MOD Couple
$ 225.00
Cabinet - (Alt) Translites
FlyLand Designs
$ 7,395.00
Pinball Machine
Gulf Coast Pinball, LLC
$ 30.00
Various Novelties
Game Room Info Shop
From: $ 19.99
Eproms
Matt's Basement Arcade
$ 76.95
Cabinet - Shooter Rods
Super Skill Shot Shop
$ 69.95
Playfield - Toys/Add-ons
Hookedonpinball.com

You're currently viewing posts by Pinsider vid1900.
Click here to go back to viewing the entire thread.

Hey there! Got a moment?

Great to see you're enjoying Pinside! Did you know Pinside is able to run thanks to donations from our visitors? Please donate to Pinside, support the site and get anext to your username to show for it! Donate to Pinside