How to fix: Java Application Blocked (e.g. when using iKVM)

Terry Kennedy

Well-Known Member
Jun 25, 2015
1,082
532
113
New York City
www.glaver.org
We show you how to fix the Java Application Blocked, Application Blocked by Java Security error for web launched Java applications such as iKVM
You can preload the list of allowed sites. The file exception.sites located in the directory \Users\username\AppData\LocalLow\Sun\Java\Deployment\security (on Windows 7 and similar) is a plain text file, with one line per allowed site, with either the http:// or https:// prefix.
 
  • Like
Reactions: Patrick
May 8, 2015
142
24
18
31
The real fix here would be for these vendors to stop using java... Kind of insane that something that can be so critical is run on such an insecure platform with a history of constant exploitation.
 
  • Like
Reactions: coolrunnings82

cesmith9999

Well-Known Member
Mar 26, 2013
1,300
409
83
I have been hoping for that real fix for 14+ years... I had a laptop that had to have 12 different version of java to work all of our SAN/networking equipment.

this version for Brocade
this version for Xio
this version for the HSG80
...

only now with HTML5 is this becoming a reality.

I have 3 arrays that do not need java to be managed.

Chris
 

TuxDude

Well-Known Member
Sep 17, 2011
615
338
63
The real fix here would be for these vendors to stop using java... Kind of insane that something that can be so critical is run on such an insecure platform with a history of constant exploitation.

I have no love for Java, but it does have its uses and isn't going to be going away any time soon. Web apps using client-side java do need to die though. Run whatever you like server side and present it in a standard HTML5 UI that works properly regardless of whether I'm doing the work from my office desktop, or cell-phone while standing in the datacenter.

I also find it very ironic that you could replace 'java' in that quote with 'windows' and it just makes the quote even more true.
 
May 8, 2015
142
24
18
31
I have no love for Java, but it does have its uses and isn't going to be going away any time soon. Web apps using client-side java do need to die though. Run whatever you like server side and present it in a standard HTML5 UI that works properly regardless of whether I'm doing the work from my office desktop, or cell-phone while standing in the datacenter.

I also find it very ironic that you could replace 'java' in that quote with 'windows' and it just makes the quote even more true.

While this may be true. Windows isn't what it once was. Security is light years ahead of what it used to be. The Windows issue is that it has to support so much legacy crap. That being said things like EMET and app locker go a long way to mitigate a large portion of threats. There's a reason why a code execution vulnerability with a POC exploit that bypasses all of the exploit mitigations is so valuable as a bug bounty. It wouldn't pay out 6 or even 7 figures if it was easy to do. Don't get me wrong, I'm not trying to defend Windows. There's still loads that can be done. Just saying its way better than it used to be. The same can't be said for things like Java or flash.
 
May 8, 2015
142
24
18
31
And I'm ranting now but I will say this... Maybe it's not the software that's the issue. Maybe we need to start training our developers from the beginning to code with security in mind instead of as an afterthought...
 

cesmith9999

Well-Known Member
Mar 26, 2013
1,300
409
83