Wednesday, March 27, 2013

Tightening Java

Oracle's Java has been shown to be chock full of holes, but some people still need it. This post outlines a few changes you should make to tighten it up a bit. To make them, open the Java Control Panel.

Set daily update checks

With the recent spate of security reports, you want to keep Java up to date. By default it only checks for updates once a month; change that to Daily on the Update tab:

Move the slider

Next, go to the Security tab and move the slider to High. If there is no slider on this tab, your Java is older than 7 Update 10 (the release that introduced it) and needs to be updated via the Update tab first:

Enable online certificate checks

Finally, click the Advanced link on the Security tab and check both "Enable online certificate validation" and "Check certificates for revocation using Certificate Revocation Lists". The former tells Java to query the status of any certificate presented to it online (via OCSP), and the latter tells Java to check whether the issuing Certificate Authority (CA) has published a revocation for that certificate. Without these options checked, a revoked certificate may still be accepted.

Disable elevated privileges for self-signed certificates

Anyone can make a self-signed certificate, so it says nothing about who actually wrote the code. Disable granting elevated privileges to content signed with one: in the same Advanced settings, uncheck the option that allows the user to grant permissions to content from an untrusted authority.
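The Control Panel writes the Security-tab settings above (slider level, OCSP and CRL checks, the untrusted-authority grant) to a Java deployment.properties file, which is also how you push and lock them across a fleet via the system-level file referenced from deployment.config. The audit script below is an added example and not part of the original post; it assumes the property keys deployment.security.level, deployment.security.validation.ocsp, deployment.security.validation.crl and deployment.security.askgrantdialog.notinca are the ones those controls map to, that a key suffixed .locked greys the control out in the system-level file, and it uses a constructed sample file rather than a real capture. The update-check frequency from the Update tab is stored elsewhere and is not covered here.

```python
"""Audit a Java deployment.properties file against the hardening steps
described above and emit a hardened, locked copy. Added example, not from
the original post; property names are assumed to match the Control Panel."""
import re

# Hardened values for the Security-tab settings covered in the post.
HARDENED = {
    # Security tab slider -> High (VERY_HIGH is also acceptable)
    "deployment.security.level": "HIGH",
    # Advanced > Security: Enable online certificate validation (OCSP)
    "deployment.security.validation.ocsp": "true",
    # Advanced > Security: Check certificates for revocation using CRLs
    "deployment.security.validation.crl": "true",
    # Advanced > Security: allow granting permissions to content from an
    # untrusted authority (self-signed) -> off
    "deployment.security.askgrantdialog.notinca": "false",
}
ACCEPTABLE_LEVELS = {"HIGH", "VERY_HIGH"}

# Constructed sample of a default-looking user deployment.properties.
SAMPLE = """\
#deployment.properties
#Wed Mar 27 10:00:00 EDT 2013
deployment.version=7.17
deployment.security.level=MEDIUM
deployment.security.validation.ocsp=false
deployment.security.validation.crl=false
deployment.security.askgrantdialog.notinca=true
deployment.javaws.viewer.bounds=0,0,800,600
"""

_KV = re.compile(r"((?:\\.|[^=:\s\\])+)\s*[=:]?\s*(.*)")


def _unescape(s):
    # Java .properties escapes ':' and '=' with a backslash
    return s.replace("\\:", ":").replace("\\=", "=")


def parse_properties(text):
    """Parse .properties text (key=value, '#' or '!' comments) into a dict."""
    props = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#!":
            continue
        m = _KV.match(line)
        if m:
            props[_unescape(m.group(1))] = _unescape(m.group(2).strip())
    return props


def _is_ok(key, current):
    if key == "deployment.security.level":
        return current in ACCEPTABLE_LEVELS
    return current == HARDENED[key]


def audit(props):
    """Return (key, current, wanted) for every setting that is not hardened."""
    return [(k, props.get(k), v) for k, v in HARDENED.items()
            if not _is_ok(k, props.get(k))]


def harden(props):
    """Copy props with the hardened values applied and each key locked."""
    out = dict(props)
    for key, wanted in HARDENED.items():
        if not _is_ok(key, out.get(key)):
            out[key] = wanted
        out[key + ".locked"] = ""  # lock honoured in the system-level file
    return out


def render(props):
    """Serialise back to .properties text (keys sorted for stable diffs)."""
    return "\n".join(f"{k}={v}" for k, v in sorted(props.items())) + "\n"


if __name__ == "__main__":
    current = parse_properties(SAMPLE)
    for key, have, want in audit(current):
        print(f"{key}: have {have!r}, want {want!r}")
    print(render(harden(current)))
```

Point the script at the real user file (under the user's Java deployment directory) to see what the Control Panel actually stored, and drop the rendered output into the system-level deployment.properties if you want the settings enforced rather than merely suggested.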

