Java security warning

Discussion in 'Miscellaneous' started by Gary7, Jan 11, 2013.

  1. Gary7

    Gary7 Rear Admiral Rear Admiral

    Joined:
    Oct 28, 2007
    Location:
    Near Manhattan ··· in an alternate reality
    So apparently our faithful Department of Homeland Security is more skilled at Java threat detection than Oracle?

    Homeland Security urges computer users to disable Java

    Kind of surprising that Oracle didn't make an urgent press release over AP ahead of them.

    Anyway, this isn't the first time it has happened. But it's rather unnerving when reading about the level of compromise it may entail.
     
  2. 137th Gebirg

    137th Gebirg Vice Admiral Premium Member

    Joined:
    Aug 31, 2000
    Location:
    Who is John Galt?
    Hmm...more reason for me to hate Java than I already do.

    Not surprising Oracle didn't announce this right away. They inherited it from Sun when they bought them, so they probably A) didn't bother to check and, therefore, didn't know about it right away and/or B) don't feel like they have as much ownership over it as, say, their database software, much in the way they treated PeopleSoft right after purchasing them (still don't know why they did that - I worked with PeopleSoft for 3 years and it was pure shit). Either way, I don't think would look good to their shareholders, so there may have been wishful thinking on their part that it would have gone undiscovered if they had known about it all along.

    I am surprised that DHS found this, though, and not some kind of independent IT watchdog group. But since there is a veritable ass-ton of stuff written in Java everywhere, particularly within gov't circles, they probably felt it was worthy of a second, unbiased look. Surprise! :D

    So glad this bird is finally coming home to roost. I hated Java when I first experienced it back in the 90's and I still think it's an over-engineered monstrosity.
     
  3. Gary7

    Gary7 Rear Admiral Rear Admiral

    Joined:
    Oct 28, 2007
    Location:
    Near Manhattan ··· in an alternate reality
    ^ Then I take it you hate Windows when a particularly destructive virus appears on the scene and foils a number of anti-virus programs before it can be stopped?

    Java works and is actually much more powerful than most other languages used to write web enabled applications. Yes, it's not perfect and it got off to a rather rocky start (the garbage collection fiasco was ridiculous), in addition to it being utilized incorrectly. Peoplesoft should not have moved to Java then--it was seriously premature. So that gave Java a black eye, because Sun Microsystems should have discouraged Peoplesoft for being a guinea pig.

    So, no bird has come to roost. A security flaw was uncovered BEFORE malware could be written to take advantage of it. But given the flavor of your wording, you've got a vendetta against the language and just can't wait for the next flaw to appear.
     
  4. Lindley

    Lindley Moderator with a Soul Moderator

    Joined:
    Nov 30, 2001
    Location:
    Bonney Lake, WA
    Does this flaw also affect Android phones, since Android basically is Java with a few hacks thrown in?
     
  5. 137th Gebirg

    137th Gebirg Vice Admiral Premium Member

    Joined:
    Aug 31, 2000
    Location:
    Who is John Galt?
    No, but I do hate Windows in general for reasons far too numerous to count and I hope the new Windows 8 by Fisher Price buries it once and for all.

    No vendetta, just bad experiences from...well...experience.

    As a side note, this thread probably belongs more in either Science and Technology or Web Sites/Design.
     
    Last edited: Jan 14, 2013
  6. Bumbles861

    Bumbles861 Admiral Premium Member

    Joined:
    Oct 14, 2009
    Location:
    bbailey861 -- Kingston, ON
    Patch is out.
     
  7. Robert Maxwell

    Robert Maxwell so far this is a dumb future Premium Member

    Joined:
    Jun 12, 2001
    Location:
    comments 2 my butt
    It is a flaw only in Oracle implementations of Java, so those would be the Java 7 runtimes on Windows, Linux, and Mac. Since Android's Dalvik is a proprietary reimplementation, the same vulnerability is not present.
     
  8. Gary7

    Gary7 Rear Admiral Rear Admiral

    Joined:
    Oct 28, 2007
    Location:
    Near Manhattan ··· in an alternate reality
    ^ Thanks for confirming my suspicion, Robert.
     
  9. Sector 7

    Sector 7 Vice Admiral Admiral

    Joined:
    Mar 27, 2008
    Location:
    Rural North Carolina
    Avast! pop-up alert warned me of this yesterday. Thanks for the information.