Oh for pity's sake!

This heavy handed approach of randomly blocking a plugin is stupid. How about a polite warning with a yes or cancel choice? There are legitimate uses for Java, for example the stockroom system at the place where I work, that this breaks. Yes, there are workarounds by editing files buried in OSX but that is very much a hack. When did Apple suddenly start to take this sort of choice out of the user's hands?

All Java, or the Java plug-in?

the article makes it sound like all of Java is blocked. is this the case? i'm able to run jEdit right now, which is written in Swing and Java, and it seems to have no issues. if Apple has only disabled the plugin in the browser, it's important to differentiate this.

Article is incorrect

Your article states: “As a consequence, Java can't be used at all in OS X until Oracle issues its next patch.� This is alarming, if it were true. But it’s NOT true. Desktop Java apps like Eclipse can still be used, but all Java browser applets are blocked.

I work in IT and, although I’m no fan of Java, I have to use it because many vendors’ sys admin utilities are written in Java. Those still work today on my Mac, which has the latest Xprotect (Apple anti-malware) definitions that were released this morning.

Those were supposed to be quote marks

The strange Euro symbols in my previous post were quote marks. Electronista is using the old ISO-8859-1 character set instead of Unicode. Ah well.

Apps vs Applets

What is blocked, albeit crudely, by Apple is the plugin for Safari that lets a Java Applet run inside Safari. As far as I am aware Java applications running outside a browser are fine. What Apple does is to update a file that tells Safari which plugins it is allowed to load. If the java runtime, which runs local applications, had been disabled then people would be screaming from the rooftop because jEdit, Eclipse and a whole host of other code would stop working. This includes a java based cross platform data acquisition and analysis platform that I've been working on for the last ten years!

Workaround with Disclaimer

I have developed a LaunchAgent / script combo that deletes the file located at "/System/Library/CoreServices/CoreTypes.bundle/Contents/Resources/XProtect.meta.plist".

Discalimer:
The XProtect.meta.plist file is meant to protect you against malicious files and application versions but the only two listings in there for 10.6.8 users is the 11.5 version of flash and forcing the minimum version to Java 1.7. So beware, I take no responsibility for you using these files/techniques if you should have an insecure applet or java virus floating around your network and you get infected it's your problem.

The LaunchAgent file needs to be owned by root, group wheel permissions as 700.

sudo chown -f root /Library/LaunchAgents/net.yourinitials.deleteXprotect.plist
sudo chgrp -f wheel /Library/LaunchAgents/net.yourinitials.deleteXprotect.plist
chmod -f 700 /Library/LaunchAgents/net.yourinitials.deleteXprotect.plist

If you use Apple's Remote Desktop you can do this with the Copy function and specify the file location, and user : group privileges.

Copy and paste the below into a file called "net.yourinitials.deleteXprotect.plist" and copy to the /Library/LaunchAgents folder.





Label
net.yourinitials.deleteXprotect
LimitLoadToSessionType
LoginWindow
OnDemand

ProgramArguments

./Users/Shared/deleteXprotect.sh
1

KeepAlive

RunAtLoad




ALSO, PART 2

You need to make a file called "deleteXprotect.sh" and copy it to /Users/Shared with owner admin and group wheel, permissions of 700

#!/bin/sh
rm -f /System/Library/CoreServices/CoreTypes.bundle/Contents/Resources/XProtect.meta.plist

Now when you restart your computer it will automatically delete the XProtect.meta.plist file and let gradebook open.

workaround

Looks like they filtered out my code. If you'd like a copy email eric at jdchs.org

Need better news reporting

To echo some of the comments above, computer users, especially more novice users, need better and more precise news reporting. Disabling Java in a Web browser is completely different than completely disabling Java--which is not what Apple is doing. I gave up on Java in my Web browsers a while back. But, I still need to have at least some version of Java installed on my computer in order to fully run LibreOffice. I sure wish the LO developers would get rid of the last bit of Java dependencies on the Mac version of LO.

As long as it's just the java plugin its fine with me. Java plugins, like shock wave and flash were never a good idea to begin with.

comment title

this is what crApple's about, now it's up to you to find and pull out the "black box"