Internet hacker wars. The U.S. Department of Homeland Security is continuing to advise users to disable Java on their Web browsers, despite Oracle issuing an update that the company said would fix the software’s vulnerability to hackers. Oracle, which owns Java, issued an update Sunday that supposedly fixed a security flaw found in the software. The update came after Homeland Security warned users last week of a vulnerability within the software that could be exploited by hackers to install malware on users’ computers. Oracle “strongly” recommended that all users update in order to get the fix.
But Homeland Security said it may not be enough. “Unless it is absolutely necessary to run Java in Web browsers, disable it,” Homeland Security’s computer emergency readiness team said in a note updated Monday. Citing security company Immunity Inc., Homeland Security says the Java update only fixed one of the software’s vulnerabilities; another security flaw remains.
“The patch did stop the exploit, fixing one of its components,” Immunity says in a blog post cited by Homeland Security. “But an attacker with enough knowledge of the Java code base and the help of another zero day bug to replace the one fixed can easily continue compromising users.” Oracle has yet to comment on this latest issue. Before your eyes glaze over reading this article, there are some observations and actionable things to do:
- Put on your “to do” list this week, if not immediately, an update of your PC’s Java software.
- Don’t ignore your computer’s requests to update your software when asked – you do so at your own peril.
- Ensure – yes I know it costs money – that you have an active virus protector running always on your PC.
- As an observation, its a bit silly of Homeland Security to say disable Java on your PC, since 97% of PCs have Java installed on their PC – an nothing runs without it.
- Another observation or suggestion, is to have a dedicated trading PC. Do not answer email, surf the web or allow anyone to use this computer under password lock. Only use this PC for trading and have software on this PC that is related to your trading environments only with only web access to sites that are trusted and known by you. A bit of technical risk management. It’s hard enough to make money in trading without fighting in the heat of trading battles, Internet security at the same time – you don’t want to mess up a trade on this issue.
Love or hate technology, it’s part of our life as traders – as most traders are working online today. You must add Internet security concerns to the long list of required skills to become a successful trader.
Daily Market View: (click here for the video)