On a daily basis, we are bombarded with confusing error messages that can lead to making bad decisions about our online security.
Whether from Java, our browsers, EMET, or some other source, here’s what you should know about the warnings.
Sorting out problems with Java security
I live in California, where the car is king — a MINI Cooper, in my case. At a stop light, I’m fully aware that red means stop, green means go, and yellow means slow down (in theory; this is California, after all). If only warnings on our computers were that clear and simple. All too frequently, our Web browsing is interrupted with confusing security warnings — not just from websites but also from Web-enabled devices and, more recently, Java-enabled platforms.
Many of these warnings lack any real explanation, making it difficult to understand the security consequences of the options we’re offered.
For example, after the recent Java V7 Update 51 has been installed, Java apps need to be signed with a digital security certificate. If they’re not, they’ll be blocked from running. I ran into this problem with my Western Digital My Cloud network-storage device; it would no longer run its Java-based, mapped-drive application. Instead, I received an error message stating: “Java error: Missing required Permissions manifest attribute in main jar.” (Is that obtuse, or what?)
The workaround for the missing certificate was to place an exception in the Java control panel. (I don’t recommend following Western Digital’s instructions to lower the security settings, as noted on its help site.)
Unfortunately, where to put that exemption was at first elusive. According to the Java instructions, it’s located in the Java control panel, under the Security tab (see Figure 1). But it wasn’t there. Eventually, I discovered that I had both 32-bit and 64-bit Java installed. Removing the 64-bit version revealed the previously missing exemptions control.