20
Sep, 2013
Bobby
Software Security
Java has a long history of being insecure. Luckily, we can curb most of the threat by just unplugging it from our browsers. Disabling the Java plugin is a good compromise between uninstalling it completely and leaving it on all the time. That way, if you ever need it you can just re-enable the plugin for a short time then disable it when you’re finished.
I used the latest version of each browser at the time of this writing: Chrome 29, Firefox 24, IE 10, Safari 5, Opera 16.
How To Unplug Java From Your Browser
Select your browser below.
Open Chrome, then type about:plugins into the address bar and press [Enter]
Find the Java plugin and click Disable.
It should have grayed out the plugin and now read Disabled. There are two elements to the Java plugin, and it should automatically disable both. But you can always check by clicking Details in the upper right of the window and verifying both of them.
Open Firefox, then click Firefox in the upper left corner, then Add-ons.
Select Plugins on the left. Then find the Java plugin, click the drop down menu on the right, and select Never Activate. Make sure to do it for both parts of the plugin.
If you need yet another reason not to use Internet Explorer, here you go. Completely disabling java in IE is not easy. Even if you disable it in the browser’s plugin management, there are still ways to exploit the Java plugin.
If for some reason you cannot avoid using IE, follow the instructions below, then go to this site and follow the rest of the instructions. It will not be easy for most users. It requires making significant changes to the registry. Not only is it more advanced, but it’s easy to really mess something up when you start playing with your computer’s registry. You’ve been warned… 😉
Open IE, click the gear icon in the upper right corner, then Manage add-ons.
Find the Java plugin, highlight it with one click, then click Disable.
Click Disable in the window that pops up.
Make sure that both parts of the Java plugin are disabled. If that only disabled one of them, repeat the process for the other one until they both show Disabled.
Open Opera, then type opera:plugins in the address bar and press [Enter].
Find the Java plugin and click Disable. Both parts of the plugin should be disabled automatically, but you can verify by clicking Show details in the top right of the window.
Open Safari, click the gear icon in the upper right corner, then select Preferences.
Select the Security tab, then uncheck Enable Java. The JavaScript checkbox you see is not related, you may leave it alone.
Please note that this does not uninstall Java from your computer. If you have applications installed that require Java, they will still run. But if you visit a website that needs Java enabled, you’ll have to manually enable the plugin by following the same process you took here.
I would stress that you should only re-enable the plugin if you absolutely need it. Not every website that tries to run Java actually needs it to function. Besides, the whole point is to avoid running malicious Java code in your browser, so be extra selective where you decide to run it. Even if you trust a site and it has a good reputation, there’s always the possibility the site was compromised by hackers. There is no way to tell if the Java code that’s trying to run is malicious or not. Remember, you’re the biggest security feature your computer has.
Related Articles