Anne from USA writes “Hi Steve. I have rather a bizzarre problem, that happens when I try to play Canasta (and other games), in Pogo.com. I have recently reinstalled Windows XP, so my Java is up to date. I’m using Virgin Media Security, no bugs etc reported. This is the only problem I’m experiencing – so far! Any ideas what I can do to resolve this? I know it’s a long shot, but I live in hope. ;o) Thanks. Anne
Hi, Anne. Thanks for the great question.
I apologize that we didn’t get to your question in time to help, but, as I’m sure that you’ve figured out, this problem has been resolved. But I am going to go ahead and address it anyway so that people who don’t know what was going on will and you’ll be armed in case it ever happens again.
And therein, really, lies the problem. Java is so ubiquitous that bad guys know that if they can find some way to exploit a weakness inside Java that they can potentially reach a LOT of devices. This is what happened with Pogo. When Java version 7 was released in late 2012/early 2013, some bad guys found a large, exploitable hole in the program and immediately started to try to use it to steal people’s personal information. This was a bigger problem because so many bank and credit card websites use Java to power their information storage pages.
This exploit was so bad that it made national news, whereas most, smaller exploits don’t. It was advised that you disable Java on your machine until the problem was resolved. Pogo initially simply disabled it’s games, but then, when a resolution to the problem was found but the Java update had not made it to all computers, Java started to flash the following message to gamers to give them a choice of whether or not to run the Java application:
This was definitely a frustrating time for those of us who play games on Pogo. I met one of my best friends over the game Shuffle Bump about five years ago, and one of our greatest pleasures (she lives too far away for frequent visits) is to play Pogo games together. Thankfully, the next two Java updates completely eradicated that vulnerability, but you can bet your cart and horse that as long as there are Java vulnerabilities, there will be bad guys ready to exploit them.
I hope that this helps!
~ Randal Schaffer