Java security warning

Discussion in 'Miscellaneous' started by Gary7, Jan 11, 2013.

  1. Gary7

    Gary7 Vice Admiral Admiral

    Joined:
    Oct 28, 2007
    Location:
    ★•* The Paper Men *•★
    So apparently our faithful Department of Homeland Security is more skilled at Java threat detection than Oracle?

    Homeland Security urges computer users to disable Java

    Kind of surprising that Oracle didn't make an urgent press release over AP ahead of them.

    Anyway, this isn't the first time it has happened. But it's rather unnerving when reading about the level of compromise it may entail.
     
  2. 137th Gebirg

    137th Gebirg Admiral Premium Member

    Joined:
    Aug 31, 2000
    Location:
    Go Lick The World!
    Hmm...more reason for me to hate Java than I already do.

    Not surprising Oracle didn't announce this right away. They inherited it from Sun when they bought them, so they probably A) didn't bother to check and, therefore, didn't know about it right away and/or B) don't feel like they have as much ownership over it as, say, their database software, much in the way they treated PeopleSoft right after purchasing them (still don't know why they did that - I worked with PeopleSoft for 3 years and it was pure shit). Either way, I don't think would look good to their shareholders, so there may have been wishful thinking on their part that it would have gone undiscovered if they had known about it all along.

    I am surprised that DHS found this, though, and not some kind of independent IT watchdog group. But since there is a veritable ass-ton of stuff written in Java everywhere, particularly within gov't circles, they probably felt it was worthy of a second, unbiased look. Surprise! :D

    So glad this bird is finally coming home to roost. I hated Java when I first experienced it back in the 90's and I still think it's an over-engineered monstrosity.
     
  3. Gary7

    Gary7 Vice Admiral Admiral

    Joined:
    Oct 28, 2007
    Location:
    ★•* The Paper Men *•★
    ^ Then I take it you hate Windows when a particularly destructive virus appears on the scene and foils a number of anti-virus programs before it can be stopped?

    Java works and is actually much more powerful than most other languages used to write web enabled applications. Yes, it's not perfect and it got off to a rather rocky start (the garbage collection fiasco was ridiculous), in addition to it being utilized incorrectly. Peoplesoft should not have moved to Java then--it was seriously premature. So that gave Java a black eye, because Sun Microsystems should have discouraged Peoplesoft for being a guinea pig.

    So, no bird has come to roost. A security flaw was uncovered BEFORE malware could be written to take advantage of it. But given the flavor of your wording, you've got a vendetta against the language and just can't wait for the next flaw to appear.
     
  4. Lindley

    Lindley Moderator with a Soul Premium Member

    Joined:
    Nov 30, 2001
    Location:
    Bonney Lake, WA
    Does this flaw also affect Android phones, since Android basically is Java with a few hacks thrown in?
     
  5. 137th Gebirg

    137th Gebirg Admiral Premium Member

    Joined:
    Aug 31, 2000
    Location:
    Go Lick The World!
    No, but I do hate Windows in general for reasons far too numerous to count and I hope the new Windows 8 by Fisher Price buries it once and for all.

    No vendetta, just bad experiences from...well...experience.

    As a side note, this thread probably belongs more in either Science and Technology or Web Sites/Design.
     
    Last edited: Jan 14, 2013
  6. bbailey861

    bbailey861 Admiral Admiral

    Joined:
    Oct 14, 2009
    Location:
    Kingston, ON Canada
    Patch is out.
     
  7. Robert Maxwell

    Robert Maxwell memelord Premium Member

    Joined:
    Jun 12, 2001
    Location:
    space
    It is a flaw only in Oracle implementations of Java, so those would be the Java 7 runtimes on Windows, Linux, and Mac. Since Android's Dalvik is a proprietary reimplementation, the same vulnerability is not present.
     
  8. Gary7

    Gary7 Vice Admiral Admiral

    Joined:
    Oct 28, 2007
    Location:
    ★•* The Paper Men *•★
    ^ Thanks for confirming my suspicion, Robert.
     
  9. Sector 7

    Sector 7 Vice Admiral Admiral

    Joined:
    Mar 27, 2008
    Location:
    Rural North Carolina
    Avast! pop-up alert warned me of this yesterday. Thanks for the information.