I'm having an issue with this as well. This is what I see when I try to open a Human vs Computer game.
Java Security Settings
Sort:
locke2002 wrote:
This is not a security problem with Java. This is a problem with the idea that every time you load a Java applet, a general purpose computer program, it can do anything on your computer that any other program you download can do. As we all know, you should only run programs from sources you trust. We trust Chess.com. The problem is that if Chess.com gets hacked, the hackers could replace the chess applet with a duplicate chess applet (so you don't realize anything is wrong, you can still play chess!) but that also contains a trojan payload, infecting your computer and allowing malicious abuse of your computer.
To avoid that scenario, Java is requiring that all applets be Signed. This is a common computer/internet security feature that allows your computer to compare the signature on the applet to determine if it is legitimately from Chess.com, or an imposter (to simplify things).
If Chess.com doesn't sign their applet, then you can't know it hasn't been replaced, which is why Java has been planning this transition to blocking unsigned applets for awhile. There was even a warning before that we were all acknowledging saying that the applet will be blocked in future versions of Java if it doesn't get signed, and here we are today. Java carried through with their plan, and any unsigned applets are now blocked, forcing websites to address the security vulnerability they have had ample time to prepare for.
Now, you could uninstall the recent version of Java and run an unsigned Java applet. But the preferable solution is that Chess.com signs their applet so we can be sure it hasn't been replaced with a forgery, which they are undoubtedly doing, and why I am waiting somewhat patiently.
Quote from this thread. That provides a good summary of the problem. The shorter version is that chess.com is either too lazy or incompetent to get their Computer vs Human java applet signed, and in doing so they are putting their users at risk as well as making the program unusable for people using the newest version of java.
There are two solutions at the moment. You can either downgrade to an older version of java, or you can turn your java security level down to medium from the default (high). Turning it down to medium worked for me. You may also have to add http://cssjs.chesscomfiles.com and http://www.chess.com/ to your exception site list. Both of these settings can be found in your java control panel. I reccomend turning your security level back up to high when you are done.
Edit:
Also make sure that you restart your browser after changing your security setting.
Thanks smellyhobo101, but that does not work with Java 7.
How does one request that this be updated. I think paying subscribers deserve that consideration.
The're working on it.
Feb 24, 2014
0
#6
RonaldJosephCote wrote:
The're working on it.
If by, "They're working on it", you mean they're ignoring any problems with the current software and instead working on the new version of the Chess.com rollout, then I agree. (The only good thing I've heard is that Erik said the new version won't use Java at all. That's actually good news.)
I'm just relaying the message. I don't speak for chess.com, but the Java thread has been up for a couple of months. All that computer speak is way over my head.
dwilson962 wrote:
Thanks smellyhobo101, but that does not work with Java 7.
How does one request that this be updated. I think paying subscribers deserve that consideration.
The workaround is for java 7. Java 6 doesn't even have this issue so what else would it be for?
Maybe I didn't explain well enough. To get it working do the following:
1. Open the start menu, click all programs, open the java folder, then "Configure Java"
2. Go to the security tab and turn the security level down to medium from the default (high).
3. Click apply, and restart your browser.
If that does not work, go back to the security tab and click the "Edit Site List" button and add
http://cssjs.chesscomfiles.com and http://www.chess.com/
to the list. Then restart your browser again.
Sorry, SmellyHobo101, I was imprecise in my response. I programmed in Java before I retired and I do understand what you are doing. I have to admit that this is security issue, but that is another story.
I did that procedure and experimented with different pathing options. The problem at the end was that the Java applet threw an invocation exception. I was not in the mood to debug code I could not see, so I gave up.
Two things, your procedure is correct, and second, the exception was unexpected.
Java seems to be blocking one of my favorite functions, 'Finish game vs computer'. My Java security panel only gives me a choice between high and very high.
Apr 26, 2015
0
#12
dario60,
This began for me a few days ago. It's a problem that has happened off and on for years. I have learned to just wait until this site fixes something. If you go through all the nonesense of unloading, reloading, checking boxes, and unchecking boxes you will wind up wasting your time and exactly where you are now. This is not a computer issue. This is a frequent site issue.
I am looking for the correct Java Security Settings for the Human vs Computer Java Applet.
Surely, this would be a FAQ in the help some where.