It's the end of another year and holiday season, and thus a good time to help make sure those you visit have Java disabled on their browsers in order to reduce the chances they'll get exploited. Originally posted in 2010, here are the instructions (with few changes) to turn off Java in Chrome, Firefox, Opera, and Safari.
Disable Java in Chrome
- There is no direct UI in Chrome. You have to:
- Go to chrome://plugins (if clicking that link doesn't work, copy/paste it into a new tab)
- Scroll down to Java ...
- Click the blue underlined Disable text link there
- Consider disabling Flash and others too
Disable Java in Firefox
- From the Tools menu, choose Add-ons
- Click Plugins on the left
- Scroll down the list til you see Java Plug-in ...
- Click the ( Disable ) button on the far right
- You should see (disabled) immediately to the right of the Plugin name.
- Consider disabling Shockwave Flash and others too
- Close the Add-ons window
Disable Java in Opera
- Go to opera:config#Java|Enabled (if clicking that link doesn't work, copy/paste it into a new tab)
- Uncheck the Enabled [ ] checkbox if any
- Click [ Save ]
- Click ( OK ) to dismiss the dropdown sheet
- Choose Quit Opera from the Opera menu
- Relaunch Opera
- Go to opera:plugins (if clicking that link doesn't work, copy/paste it into a new tab)
- Click the blue Disable text button to the right of where it says "Java Applet Plug-in..."
- Or simply uncheck [ ] Enable plug-ins at the top to disable Java, Flash, others in one click
- Close the tab/window
Thanks for the update @rchl2k!
Disable Java in Safari and WebKit nightlies
- From the Safari menu, choose Preferences...
- Click the Security (with lock icon) in the top row
- Uncheck [ ] Enable Java
- Close the Preferences window (titled Security at this point)
Bonus: Disable Java in Camino
- From the Camino menu, choose Preferences...
- Click Web Features (with globe/switch icon) in the top row
- Uncheck [ ] Enable Java
- Close the Preferences window (titled Web Features at this point)
Performance boost: disable Flash
Disabling Java will not only increase security (by avoiding all the above-mentioned Java vulnerabilities) but it will increase performance as well because your browser won't waste any network time downloading Java applets, nor will it waste any CPU time running them.
Disabling Flash, though it has fewer vulnerabilities than Java, will likely cause sites to load faster, since much more network/CPU is wasted by all the Flash ads that sites have these days. I disable Flash everywhere but Safari and run ClickToFlash (the 1.6b9 beta works fine) to selectively run Flash on video sites like Hulu and YouTube.
Additional Reading
More on the subject of Java (and Flash) vulnerabilities, additional sets of disabling instructions, etc.
- : Disable Java NOW / Why does the New York Times Chicken-Little HTML5 When Java Exploits Are Real?
- : How to turn off Java on your browser - and why you should do it now by
- : How to disable Java in IE, Firefox, Chrome, and Safari by
- : Apple gets aggressive - latest OS X Java security update rips out browser support by
View
on Twitter