Take control of Java on your Apple Mac
Malware like Flashback has exploited security flaws in Java on the Mac to infect it with a Trojan. This article aims to answer key questions you may have regarding Java. Do you have Java? Which version of Java do you have? Is it enabled or disabled? What if I need Java to access a website? How do I view or change the security settings? All is revealed here.
Unlike on other operating systems, Java on the Mac is supplied by Apple and is part of OS X. You can't download it separately, although this situation may change in the future. So to make sure that you have the latest version of Java, you should use Software Update on the Apple menu. Malware like Flashback infects systems by exploiting known security flaws, so if you are running an out-of-date version of Java, your Mac is at risk. The latest update plugs those security holes. It is the first step in boosting the security of your Mac and browsing the web safely.
Java isn't used a lot on the web, but some websites do make use of it and it may be essential for Java to be enabled in order to use the site. To see if Java is enabled and what to do if it isn't, go to a website that has some Java applets. This web page from the Java website is designed to show what Java is capable of and there are a number of demos. Pick one and click it. (They don't show the real power of Java; they are just example files for programmers learning the language.)
When you try to run a Java applet in a web page, you should get a message about an inactive plug-in. This is normal and it is the latest security feature in OS X. It disables Java if you don't use it very often. Click the message and there is an option to enable the Java plug-in. Unfortunately, it is not very user friendly and you have to close Safari and restart it then return to the page with the applet. It's a bit of a nuisance and it would be better if you could just click to run it without restarting.
Go to the Applications/Utilities folder and run Java Preferences. On the General tab is a tick box to enable or disable Java in web pages. If you just tried those sample Java applets, it will be enabled. Unless you plan to use Java soon, you should clear the tick to disable it. OS X will do this itself eventually, but there is a pretty long timeout and you are better off disabling it yourself.
On the Security tab are websites that can run Java without prompting. Unless you can think of a good reason for sites being here, you shouldn't have any. Delete any that are there.
Java stores any files it uses on web pages, and the Network tab lets you set the amount of space used to store them. Some Java apps can be quite big, so 1000Mb is set aside for them. You can reduce this figure using the slider and half this amount should be sufficient for most people. The files in the cache can be viewed and you can delete them (any deleted files are simply downloaded again next time you run a Java app).
On the Advanced tab are some useful security settings. There are quite a few so I won't list them all. Just make sure nothing runs without permission. If a Java app tries to do anything, you want to be warned and have the option to say no. So settings like Prompt User instead of Always Allow are better for security.