Disable Java on your Mac, How To

I’ve come across an interesting article over at Macworld and though I should share it with our readers. A lot of people will know by now that there have recently been quite a few Java-based security threats that are targeting Mac users. The advice now is to “remove Java from your Mac or, if that isn’t possible, to isolate it to the fullest extent possible”.

Macworld have given a run down of how you should go about doing this, which can be found below: Before you go ahead and take these steps, it’s worth pointing out that removing Java might cause issues for some people. It might break some websites and so forth. I’ve completely remove Java from my Mac and it’s been fine so far.

How to remove Java

Your best option is to remove Java from your Mac altogether; then you won’t have to worry about its security vulnerabilities. Not having Java on your system may break some websites, but I haven’t permitted Java to run in my browser for quite a while now and I’ve run into very few problems. When I do, the culprits have most commonly been Web-based meeting software and some enterprise applications. That’s because disabling Java also disables some other software programs, such as the popular CrashPlan backup tool. If you run into that situation, consider taking the steps outlined below for isolating Java; for other users, however, living without Java may be the most satisfactory course. That way, you avoid the risk that of having your Java reactivated at some point in the future.

The precise process to follow in removing Java depends on the version of OS X you run and the version of Java you use. Whatever those particulars may be, removing Java is fairly easy.

To see whether you have Java installed, launch Terminal and run the following command:

java -version

If you see 1.6 or 1.7 in the response, navigate to the /System/Library/Java/JavaVirtualMachines/ directory and delete it. Alternatively, use the command line:

sudo rm -rf /System/Library/Java/JavaVirtualMachines/

(As always, type very careful when using the sudo rm command.)

If your Mac suddenly asks you to install Java, either Java isn’t on your system or you installed the nondeveloper version of Java 7 (the more common situation). In that case, remove Java 7 with these command lines:

sudo rm -rf “/Library/Internet Plug-Ins/JavaAppletPlugin.plugin”

sudo rm -rf “/Library/PreferencePanes/JavaControlPanel.prefpane”

If you run into problems, select your Mac’s hard drive in the Finder, search for those two files, and send them to the Trash.

How to isolate Java

Isolating Java means leaving it on your Mac, but removing it from your browser except when you want it to run. Apple now does this by default for all Macs (10.6 and later) and will re-isolate it after about a month even if you’ve turned it back on. Isolating Java is a bit more complex now that Apple has removed the Java preferences utility from Lion and Mountain Lion.

If you run Java 6 (the Apple supplied version), you need to restrict it on each of your browsers. In Google Chrome, type chrome://plugins in the address bar and click the link to disable Java. In Safari, go to Safari > Preferences and uncheck Enable Java in the Security pane. In Firefox go to Tools > Add Ons > Plugins and uncheck Java Plug-In.

If you use Java 7, you can disable it systemwide: Go to Preferences > Java > Security and uncheck Enable Java Content in the Browser.

I suggest that you isolate Java in all of your browsers, and then pick one that you don’t use as your main browser and temporarily activate Java there as needed. Doing so will reduce the likelihood that you will forget to turn it off after using it and will leave yourself vulnerable during your day-to-day browsing.

This advice may seem extreme. But when Apple’s own developers are hacked, it’s time to protect yourself.