Aug 19 2008, 10:56 AM
Post #1
Group: Authentic Member | Posts: 167 | Joined: 23-May 08 | From: @Home | Member No.: 79,233 | Operating System: Windows ME, Windows XP Home Edition SP3 (32-bit)
My general idea of the Java Runtime Environment is that it is used for Java-based applications. Currently I have Java 6 Update 7 on the computer. My observations are what have led to this "doubt".
I attempted to run a "Housecall" online virus/malware scanner by Trend Micro. Upon initiation, I was told that Java will be used. I confirmed it. I took a look at Certificate details and one detail that intrigued me was that it said "This application will run without the restrictions usually provided by Java". This occurred even after a reformat months ago. If I proceed to click 'Okay', everything runs normally. However, my doubt is that something may be going on that I am not aware of. Thanks.

Aug 19 2008, 01:30 PM
Post #2
Group: Global Moderator | Posts: 3,995 | Joined: 15-May 05 | From: California | Member No.: 32,477 | Operating System: Win98, Win2k Pro, XP Pro, XP Home
Hi drragostea,

I'll predicate my remarks by stating that I am no expert when it comes to Runtime Environment protocols and the applets/activeX components to which they tend to serve as "container". You are probably right when observing: "something may be going on that I am not aware of." However, it probably has much more to do with the developing relationships between Sun Micro Systems, JAVA, Runtime Environments and the various online utilities such as Trend Micro, Symantec, MalwareBytes, Panda, Avir, Kaspersky and others.... than it has to do with your own machine.

Running online scanners has historically been a headache. Sometimes the application would load and run the very first time after accepting ActiveX, and sometimes it would take multiple times to install the ActiveX, whether or not the application eventually loaded and scanned your machine. There are few "time wasters" that have frustrated me more than attempting to run an online scan, only to eventually declare defeat and then go search out another scan utility. It has been especially frustrating, because when one has the need to run an online scan, one is already frustrated and suspicious of nearly everything about the machine, the net, and whatever may be producing an aberrant computing behavior.

Even if I am specifically wrong in my next speculation, it would make intuitive sense to consider. Anti-malware scans are some of the most frequently accessed sites. People accessing online scans have all varieties of OS/application/data/and potentially malware, installed on their machines. Therefore it is highly important to make correct and secure "handshakes" (and containers) between people's machines and online scans.

So for the sake of "hypothetical" argument, let's suppose that last time you ran TrendMicro online, all went well. Minutes, days, or weeks later you found need to run TrendMicro again on the same machine, or on a different machine, or on the same machine whose configuration had changed, whether or not your login changed. Now throw into the mix, that TrendMicro will most likely have updated its database and heuristic engines. So now what your machine (and the JAVA containers presently being used) will "see" is an entirely different download and engine executable when running an online scan this time, than what it just saw last time.

Imagine, if you will, the tremendous and frequent work that Sun Java has had to do to create "application containers" just for folks to run an online scan whenever they decide to do so. The updates, check-sums, and modifications would have to be an enormous task, just to keep current. In the present circumstance, Sun Micro has an ongoing-good working relationship with Trend Micro, Symantec, MalwareBytes, Panda, Avir, Kaspersky and others, such that Sun Micro may have devised methods to "share" the certification and check-sum burden with the trusted application owners. Thus, TrendMicro may have a proprietary access permission structure with JAVA Sun, so that TrendMicro can do some internal verification/certification of updates, etc. and run with special privilege with respect to the "Rules" that would otherwise be applied diligently in the cases of various lesser known or even home-made JAVA applets/ActiveX components.

The above is "simply how I think about" the circumstance into which you inquire. I have no hard data, nor any source from which I am drawing. However, here is a Sun Micro discussion of the Rules and their applications: http://java.sun.com/blueprints/qanda/ejb_t...strictions.html

Hope this helps. As for experts who may read this, I stand ready to be corrected as necessary.

Best Regards,
Doug

Aug 19 2008, 03:47 PM
Post #3
Group: Authentic Member | Posts: 167 | Joined: 23-May 08 | From: @Home | Member No.: 79,233 | Operating System: Windows ME, Windows XP Home Edition SP3 (32-bit)
Thank you Doug for the well-thought and thorough explanation. I had to re-read it and think about it several times before fully (if not partially) understanding what you meant :(.
So you're saying... it is a lot of work for Java (Sun) to keep up with the growing database and scanning? I'm still running in a circle when I try to understand the "container". In your opinion... maybe perspective, would it be "safe" (yes, this will sound vague) to run the online scans even though countless dozens of netizens, both un-infected or infected, have scanned? I'm sorry, I'll try my best to absorb all the information. It'll take some time.
This post has been edited by drragostea: Aug 19 2008, 03:48 PM

Aug 19 2008, 04:36 PM
Post #4
Group: Global Moderator | Posts: 3,995 | Joined: 15-May 05 | From: California | Member No.: 32,477 | Operating System: Win98, Win2k Pro, XP Pro, XP Home
Hi drragostea,

That's the beauty of JAVA "containers". Not only do you get your own pristine, clean and freshly provisioned scanning room, they even "build it" at your home residence (inside your computer). Every user gets a pristine "new build" and you never have to sleep in the same bed that anyone else has ever been in. Don't worry about changing the sheets.... They're brand new every time. No two users ever "run" the same scan, since it is "built and provisioned" freshly each time for each user.

You could "roughly" think of it as similar to reformatting a hard drive and installing a fresh instance of the operating system. Nobody has used "that" OS before, even though millions of people have created their own fresh never-been-used-before instance of the same version of Windows or whatever OS you select.

With the above said, (using online scans is safe)... that doesn't relieve you of the responsibility of regular maintenance and good computer use practices. Clear your Temporary Internet Files and Temp files regularly.... WTT recommends ATF-Cleaner for very good reasons - http://majorgeeks.com/ATF_Cleaner_d4949.html

I also like the automated CleanUP! 4.52 - http://majorgeeks.com/CleanUp_d4895.html

You don't need to run both. I like the CleanUp! 4.52 for some folks who are neglectful of clearing their Temps. CleanUp! has a sound track of a toilet flushing while the garbage temp files are being flushed down the drain. That gets some people to laughing and practicing that portion of good maintenance more frequently.

Best to run your machine behind a NAT hardware firewall built into all modern routers.
Best to run an additional two-way software firewall.
Best to run with a respected Antivirus.
Best to run with a respected Anti-Spyware.
Best to run with Hosts File installed.
Best to run with a passive blocker like SpywareBlaster.
Best to allow IE to run Phishing Filters.
Best to manually clear your JAVA Cache regularly.
Best to keep your OS and all security utilities updated regularly.
Best not to open unknown emails.
Best not to click on website advertisements.
Best of all - best to use the most important security hardware that you'll ever use while surfing the net - your brain.

Safe-Surfing to you.
Doug

Aug 19 2008, 05:46 PM
Post #5
Group: Authentic Member | Posts: 167 | Joined: 23-May 08 | From: @Home | Member No.: 79,233 | Operating System: Windows ME, Windows XP Home Edition SP3 (32-bit)
Doug, your explanation and effort in this thread are much appreciated, sir.

So, really, the general idea of using the Java application (JRE), whether that be scanning or a simple game, would be played/scanned in a container? Yes, I've tried CleanUp! and ATF in the past and it was satisfactory. I use CCleaner (no registry cleaning) and it served me well too. I just tend to have a lot of trash. I certainly will do "Best to/not..." practices. I just tend to keep a simple "one-of-each" tool in each category.

What still runs in my head is: "Can I still consult the online-scanner despite the message (no restrictions normally provided by Java)?"

-- I understand what you mean by "container". It's fresh out of the oven. And it is hard work, since definitions and databases are updated frequently and with the burden of millions of users scanning and downloading simultaneously.

QUOTE (Doug)
So now what your machine (and the JAVA containers presently being used) will "see" is an entirely different download and engine executable when running an online scan this time, than what it just saw last time.

I still do not quite understand this. I decided to ask, better than not knowing. Does this mean that this will be a strain on Java because if it's "new" then it'll have to download it again and again, whenever the user wishes? If so, how? Thank you. I'm learning like everyone else.

Aug 19 2008, 06:12 PM
Post #6
Group: Global Moderator | Posts: 3,995 | Joined: 15-May 05 | From: California | Member No.: 32,477 | Operating System: Win98, Win2k Pro, XP Pro, XP Home
You're doing just fine at the learning thing, and apparently have a fair head-start on best-practice computing.

Don't worry about "putting a strain on JAVA". That's what it's built for. Once you've downloaded the ActiveX for a scan (some scans are beginning to offer non-activeX versions) the scan (for instance Trend Micro) will update and be ready to freshly run. The activeX for TrendMicro will "reside" inside of the JAVA Cache for use as necessary. It won't be necessary to reinstall it.

When you Clear your JAVA Cache, out goes the ActiveX for TrendMicro, along with all the other applets that you may have acquired during browsing. I recommend Clearing JAVA Cache routinely, maybe on a Monthly basis. When you do, you will be asked to download a fresh copy of the ActiveX from any website that you visit that requires ActiveX for interaction with the site or their utilities.

As for JAVA Runtime Environment itself, you will find that Sun Micro does a pretty good job of updating on a regular basis. I recommend Uninstalling Runtime Environment followed by a fresh installation of the updated Runtime Environment when a new one comes available. JAVA has an "auto-updater" called jusched.exe <-- I don't recommend relying upon it. Clear out the old before adding the new.

Best Regards

Aug 19 2008, 07:21 PM
Post #7
Group: Authentic Member | Posts: 167 | Joined: 23-May 08 | From: @Home | Member No.: 79,233 | Operating System: Windows ME, Windows XP Home Edition SP3 (32-bit)
What still runs in my head is: "Can I still consult the online-scanner despite the message (no restrictions normally provided by Java)?"

I'm not really worrying about putting a "strain" on Java. I just wanted to understand what's happening here. The quote still runs in my head. I'm not sure if you've answered it, or I'm not looking correctly. I'll remember to use ATF for the Java cache, and yes, I am aware that older, dated versions of Java may be responsible for Vundo/Virtumonde infections. And I don't rely on "jusched.exe" either. Thank you and have a good night.
-Eric.
This post has been edited by drragostea: Aug 19 2008, 07:21 PM

Aug 19 2008, 08:18 PM
Post #8
Group: Global Moderator | Posts: 3,995 | Joined: 15-May 05 | From: California | Member No.: 32,477 | Operating System: Win98, Win2k Pro, XP Pro, XP Home
And good night to you too.
Maybe I'll recognize what you are asking, and/or have additional information. Or better yet, one of our experts will drop by with a penetrating answer. Say, that's a cute potted puppy you have there.
Doug

Aug 19 2008, 09:33 PM
Post #9
Group: Authentic Member | Posts: 167 | Joined: 23-May 08 | From: @Home | Member No.: 79,233 | Operating System: Windows ME, Windows XP Home Edition SP3 (32-bit)
Haha,
I hope you'll find an answer (I'm not pushing you). The puppy is not mine. Thanks again Doug.
-- The reason I opened the thread was because I was afraid something might go wrong (hidden), more like an unseen security breach. So that's the general idea.

Aug 20 2008, 01:40 AM
Post #10
Group: Global Moderator | Posts: 3,995 | Joined: 15-May 05 | From: California | Member No.: 32,477 | Operating System: Win98, Win2k Pro, XP Pro, XP Home
I'm afraid that for many of us with less than extraordinary technical skill, the best course of action is to be guided by a careful examination of outcome studies.

Who would have known that physical immunization was a possibility before outcome studies suggested that those who had survived cow-pox, could be safe from the lethal small-pox. Similarly, many medicines have been used for centuries with neither doctor nor patient knowing how the medicine performed its function.

Many thousands of individuals successfully use online scans on a daily basis whether guided by ActiveX or VM environments. Others with technical skills, that I don't even dream of, have examined and designed how it can work. Many more have "taken the plunge" and used these valuable tools and have demonstrated the reliability and safety of the practice. Sun Micro operates with extraordinary disclosure of code and compliance with rules of function.

You read in their "details" that the "application will run without the restrictions usually provided by Java". Think of the "ordinary" use of JAVA-based applications, for instance online gaming. Such applications can be powered by your local hardware, can benefit from advantages of your operating system and peripheral drivers, BUT cannot "write" new scripts or data records to your machine. When the game is over, it is over as if it never occurred with no permanent changes to your machine and OS.

By its very nature, an online malware scan is designed to detect elements in the operating system and applications that are by definition not noticed by the machine, OS and installed applications. Further, we expect the online scan to accomplish permanent beneficial changes (write functions) in the environment of our machine. Sun Micro is simply "disclosing" that "the application" (Trend Micro HouseCall) is being given extraordinary privilege to conduct its intended business beyond the ordinary privilege commonly given to other JAVA based applications. You can bet your bottom byte that much scrutiny, testing, validation and reliability was required to be demonstrated in outcome studies before Trend Micro was given that privilege.

We use installed AntiVirus and Antispyware on our machine and consider doing so "best practice". Such installed utilities have at least the same level of privilege in handling our OS and other installed applications. To interact with an "online scan" with similar privilege may be a matter of faith for many of us, but is no more so than what we are required to employ with our installed security utilities.

The metaphors that I've used for description in my posts in this thread are "way over my technical ability level". Someone with "real" technical know-how may be able to answer your questions more explicitly. For now, I urge you to recognize that the respected online scans are made and maintained to be safe for the average computer user. The "detailed" statements are simply good faith disclosures of the privilege and responsibilities employed by such tools. Our own Malware Team here at WTT and their hundreds of colleagues around the Internet, would be all over any utility or online offering, if it didn't perform up to their stringent standards.

Best Regards
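
Added example, not part of the thread and not code from Sun or Trend Micro: the "Certificate details" mentioned in the first post belong to the signature on the application's JAR file, and that signature ultimately covers a manifest listing a digest for each file in the archive. The Python sketch below checks only that manifest step on a JAR constructed in memory, flagging files changed or added after the manifest was written; it does not validate the signature block or the certificate chain, which `jarsigner -verify` does. The entry names, contents and the use of `SHA-256-Digest` are assumptions of the example.

```python
import base64, hashlib, io, zipfile

def sha256_b64(data):
    return base64.b64encode(hashlib.sha256(data).digest()).decode()

def parse_manifest(text):
    """Return {entry name: attributes} for the manifest's per-entry sections."""
    # Lines wrap at 72 bytes; a continuation line starts with one space.
    text = text.replace("\r\n", "\n").replace("\n ", "")
    sections = {}
    for block in text.split("\n\n"):
        attrs = dict(l.split(": ", 1) for l in block.split("\n") if ": " in l)
        if "Name" in attrs:
            sections[attrs.pop("Name")] = attrs
    return sections

def audit_jar(jar_bytes):
    """Return (has_signature_block, {entry: 'ok' | 'modified' | 'unlisted'})."""
    with zipfile.ZipFile(io.BytesIO(jar_bytes)) as jar:
        names = [n for n in jar.namelist() if not n.endswith("/")]
        listed = parse_manifest(jar.read("META-INF/MANIFEST.MF").decode("utf-8"))
        meta = [n.upper() for n in names if n.upper().startswith("META-INF/")]
        signed = any(n.endswith((".RSA", ".DSA", ".EC")) for n in meta)
        report = {}
        for name in names:
            if name.upper().startswith("META-INF/"):
                continue  # simplification: META-INF files are skipped here
            expected = listed.get(name, {}).get("SHA-256-Digest")
            if expected is None:
                report[name] = "unlisted"  # added later, or never covered
            elif expected == sha256_b64(jar.read(name)):
                report[name] = "ok"
            else:
                report[name] = "modified"  # bytes differ from the manifest
    return signed, report

def build_sample_jar():
    """Constructed sample: names and contents are made up for this example."""
    manifest = "Manifest-Version: 1.0\r\n\r\n"
    for name, data in [("Scanner.class", b"scanner-v1"), ("Engine.class", b"engine-v1")]:
        manifest += f"Name: {name}\r\nSHA-256-Digest: {sha256_b64(data)}\r\n\r\n"
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as jar:
        jar.writestr("META-INF/MANIFEST.MF", manifest)
        jar.writestr("META-INF/SIGNER.RSA", b"placeholder, not a real signature")
        jar.writestr("Scanner.class", b"scanner-v1")
        jar.writestr("Engine.class", b"engine-v2")  # changed after the manifest
        jar.writestr("Extra.class", b"not-listed")  # never listed in the manifest
    return buf.getvalue()

if __name__ == "__main__":
    print(audit_jar(build_sample_jar()))
```
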

Aug 20 2008, 12:17 PM
Post #11
Group: Authentic Member | Posts: 167 | Joined: 23-May 08 | From: @Home | Member No.: 79,233 | Operating System: Windows ME, Windows XP Home Edition SP3 (32-bit)
Quite an explanation. I guess it cleared my doubts, and gave me a somewhat better understanding.
Thank you very much Doug.