It is currently Tue Jul 16, 2019 5:26 pm

All times are UTC - 8 hours [ DST ]

Post new topic Reply to topic  [ 44 posts ]  Go to page Previous  1, 2, 3
Author Message
 Post subject: Current Java security regarding KGS.
Post #43 Posted: Thu Nov 12, 2015 2:46 pm 
Dies in gote

Posts: 42
Liked others: 1
Was liked: 12

From recent discussions in the EGR and other rooms, I see some users are still having trouble connecting as a result of Java security issues. Coincidentally, yesterday, I was at a different computer, and, when I tried to connect to KGS, I had the same security issue. I did a little testing on that computer. I hope to do more testing later. When I do, I'll either edit this message, or add another in this thread.

The computer tested used Windows 7, with Java 1.8.0_60, and Firefox 40.0.3.

To activate the applet, I needed to have these two items in Java exception list.

To run the Web Start Client, I needed to add this one item in the Java exception list.

In the Java Control Panel, "General" (tab), "Network Settings" (button), I had "Direct Connection" selected. Several years ago, I was advised this is preferred over "Use Browser Settings," which is the default.

Currently, my regular computer uses Linux, with OpenJDK version of Java, with JNLP files handled by IcedTea. This will run either client without the need to enter security exceptions. I will give me one or two warnings asking if I'm sure I want to run it.

I tried the above using "https://" instead of "http://", and neither the applet nor web start clients would run. When I entered exceptions that began with "http://", Java gave me a warning, but allowed me to continue.

I said "activate", and not "run" the applet. In starting the applet, I got the pre-MOTD message, but did not get the actual MOTD. When I entered my user name and password, the rooms window did not appear. I believe this is an issue separate from the Java security issue being discussed in this thread.

The applet would not run at all using the Chrome browser. Neither will Chromium run the applet. This is the result of an separate Java issue: The plugin that allows browsers to run Java applets is based on NPAPI. Google says that NPAPI is associated with security holes, browser pages freezing, and other problems. They've withdrawn support for NPAPI. This issue is not expected to be resolved until Oracle or others who are responsible for maintaining Java create a PPAPI plugin for Java. This is also not related to the security issue in this thread.

I haven't yet tested Windows Explorer browser.

Edit: Nov. 18:
On my regular computer, which uses Linux, I switched from OpenJDK to Oracle's Java. As I said above, OpenJDK allowed me to run KGS without requiring me to enter exceptions in a list. It did give me warnings, and asked if I was sure I wanted to run the KGS software.

In switching to Oracle's Java, I found it worked exactly as it did on the Windows computer: I was required to enter security exceptions, as described above. Also, once that was done, the applet would accept my login account name and password, but the rooms window would never appear.

 Post subject: Re: Cgoban being blocked in a future Java security update?
Post #44 Posted: Sat Oct 01, 2016 3:36 am 
Lives in sente
User avatar

Posts: 792
Liked others: 261
Was liked: 323

I updated to the new Mac OS Sierra 10.12 and had no java problems.

Want to see videos of low-dan mistakes and what to learn from them? Brady's Blunders

Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 44 posts ]  Go to page Previous  1, 2, 3

All times are UTC - 8 hours [ DST ]

Who is online

Users browsing this forum: No registered users and 1 guest

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group