no no you don't need it in IE Firefox at all plug-in are just for spyware to get in the less the better.
http://www.pcworld.com/article/2025160/its-time-to-rewrite-java-from-scratch-security-expert-says.html
It's time to rewrite Java from scratch, security expert says
If the most recent security flaw in Java is a sign of anything, it's that the time has come for Oracle to rewrite the programming language.
That's the view of Bogdan Botezatu, a senior e-threat analyst with Bitdefender, a Romanian-based maker of antivirus software, who estimates that as many as 100 million PCs are vulnerable to hacker attack because of the latest Java defect discovered this week.
According to Botezatu, Oracle has lost control of Java's code, which is why serious security vulnerabilities continue to emerge in the software.
"Oracle needs to take some core components of Java and write them from scratch," he said in an interview.
http://nakedsecurity.sophos.com/2013/01/11/apple-and-mozilla-just-say-no-to-java/
Apple and Mozilla - 'Just say no to Java'
Mozilla is no slouch when it comes to security and has implemented an almost identical procedure. Mozilla has added all current releases of Java to its add-on blocklist.
FFClickToPlay170In Mozilla's announcement they explain that plugins on the blocklist are forced into utilizing Firefox's Click to Play functionality.
This can be a double-edged sword when it comes to known vulnerable plugins.
The advantage to this approach is that you are prompted every time a website wants to launch a Java applet and you can make an informed decision as to whether you truly need that applet.
The problem is you need to be informed and know enough to choose the right option. Most people are conditioned to click through warning messages and may not get the protect they need against drive-by attacks.
http://www.pcworld.com/article/2025153/firefoxs-pdf-viewer-may-boost-security-by-boring-hackers.html
Firefox's PDF viewer may boost security by boring hackers
A built-in PDF viewer component based on JavaScript and HTML5 Web technologies has been added to the beta version of Firefox 19, Mozilla said Friday.
The browser maker described the built-in PDF viewer as more secure and safer than proprietary PDF viewing plug-ins, like those installed by Adobe Reader or Foxit Reader. However, several security experts noted that it probably won't be free of vulnerabilities.
"For a number of years there have been several plugins for viewing PDFs within Firefox," Mozilla Engineering Manager Bill Walker and Mozilla Software Engineer Brendan Dahl said Friday in a blog post. "Many of these plugins come with proprietary closed source code that could potentially expose users to security vulnerabilities. PDF viewing plugins also come with extra code to do many things that Firefox already does well with no proprietary code, such as drawing images and text."
The built-in PDF viewer currently being tested stems from a Mozilla Labs project called PDF.js. "The PDF.js project clearly shows that HTML5 and JavaScript are now powerful enough to create applications that could previously have only been created as native applications," the Mozilla software engineers said. "Not only do most PDFs load and render quickly, they run securely and have an interface that feels at home in the browser."
Since the viewer uses standard HTML5 APIs (application programming interfaces) it can also run in different browsers and on different platforms, like tablets and mobile phones. A live demo of the viewer running as a Web application is available on the PDF.js website.
"The PDF.js powered viewer in Firefox Beta is the first step to it becoming a fully integrated feature within the release version of Firefox so its benefits can be enjoyed by all Firefox users," the Mozilla software engineers said.
Mozilla did not clarify whether this viewer will be used by default even in cases when a third-party PDF viewing plug-in is installed. The company did not immediately respond to a request for comment.
Less inviting to hackers
