In case you haven’t heard, there’s a huge hole in Mac OS X’s security with regard to Java that has been there for some time and remains unpatched. This Java exploit is proven to work 100% of the time on all unpatched browsers and operating systems, but both Linux and Microsoft Windows are patched. Apple, as yet, remains open and vulnerable.
After learning of this, I quickly wrote some directions on how to disable Java in your web browser on OS X (we’ll be adding more operating systems and browsers later) and how to install both Firefox and NoScript to protect yourself in case you do need to use Java on occasion.
I’ll be honest here: OS X really isn’t that secure. If you use a Mac, be sure to disable Java or at least install NoScript. Otherwise, you’re just leaving yourself open to attack.
As for me, I’ve now got Ubuntu 9.04 installed in a virtual machine running a second firewall, NoScript in Firefox, and a few other security hardening measures. Nevertheless, I still worry about this stuff.