Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > comp.lang.java.programmer > #14437

Re: Article: Why you can't dump Java (even though you want to)

Date 2012-05-08 21:19 -0400
From Arne Vajhøj <arne@vajhoej.dk>
Newsgroups comp.lang.java.programmer
Subject Re: Article: Why you can't dump Java (even though you want to)
References <t5giq7l185ms1k9qs9pb4mknj14tfpbij5@4ax.com>
Message-ID <4fa9c61b$0$285$14726298@news.sunsite.dk> (permalink)
Organization SunSITE.dk - Supporting Open source

Show all headers | View raw

On 5/8/2012 11:51 AM, Gene Wirchenko wrote:
>       This was in the morning's trade articles:
>
> www.infoworld.com/d/security/why-you-cant-dump-java-even-though-you-want-192622
> InfoWorld Home / Security / Security Adviser
> May 08, 2012
> Why you can't dump Java (even though you want to)
> So many recent exploits have used Java as their attack vector, you
> might conclude Java should be shown the exit
> By Roger A. Grimes | InfoWorld
>
>       Comments?

The article is true but still completely BS.

There is a need for code running client side in web
solutions.

That code runs sandboxed and in theory does not have access
to anything on the client PC.

In practice there are some security bugs in the sandbox that
allows malicious code to gain access that it was not supposed
to have.

Same story whether it is Java applet, Flash, Silverlight,
JavaScript/HTML5 or even to some extent JavaScript/oldHTML.

As long as there is a need for code running client side
then the problem will exist.

Whether it is Java or something else does not matter.

So suggesting disabling Java in the browser is BS.

On can suggest disabling Java, Flash, JavaScript etc.
and see if one can live with the 1996 feeling.

Arne

Back to comp.lang.java.programmer | Previous | NextPrevious in thread | Next in thread | Find similar | Unroll thread

Thread

Article: Why you can't dump Java (even though you want to) Gene Wirchenko <genew@ocis.net> - 2012-05-08 08:51 -0700
  Re: Article: Why you can't dump Java (even though you want to) Arved Sandstrom <asandstrom3minus1@eastlink.ca> - 2012-05-08 17:14 -0300
    Re: Article: Why you can't dump Java (even though you want to) "Nasser M. Abbasi" <nma@12000.org> - 2012-05-08 15:36 -0500
      Re: Article: Why you can't dump Java (even though you want to) markspace <-@.> - 2012-05-08 13:51 -0700
        Re: Article: Why you can't dump Java (even though you want to) "Nasser M. Abbasi" <nma@12000.org> - 2012-05-08 16:01 -0500
          Re: Article: Why you can't dump Java (even though you want to) markspace <-@.> - 2012-05-08 14:15 -0700
            Re: Article: Why you can't dump Java (even though you want to) "Nasser M. Abbasi" <nma@12000.org> - 2012-05-08 16:41 -0500
              Re: Article: Why you can't dump Java (even though you want to) Gene Wirchenko <genew@ocis.net> - 2012-05-08 15:19 -0700
              Re: Article: Why you can't dump Java (even though you want to) markspace <-@.> - 2012-05-08 15:21 -0700
          Re: Article: Why you can't dump Java (even though you want to) Gene Wirchenko <genew@ocis.net> - 2012-05-08 15:05 -0700
        Re: Article: Why you can't dump Java (even though you want to) Arved Sandstrom <asandstrom3minus1@eastlink.ca> - 2012-05-08 19:12 -0300
          Re: Article: Why you can't dump Java (even though you want to) BGB <cr88192@hotmail.com> - 2012-05-10 19:05 -0700
        Re: Article: Why you can't dump Java (even though you want to) Arne Vajhøj <arne@vajhoej.dk> - 2012-05-08 21:03 -0400
          Re: Article: Why you can't dump Java (even though you want to) markspace <-@.> - 2012-05-08 20:52 -0700
            Re: Article: Why you can't dump Java (even though you want to) Eric Sosman <esosman@ieee-dot-org.invalid> - 2012-05-09 06:58 -0400
              Re: Article: Why you can't dump Java (even though you want to) Lew <lewbloch@gmail.com> - 2012-05-09 12:04 -0700
            Re: Article: Why you can't dump Java (even though you want to) Gene Wirchenko <genew@ocis.net> - 2012-05-09 10:06 -0700
            Re: Article: Why you can't dump Java (even though you want to) Arne Vajhøj <arne@vajhoej.dk> - 2012-05-10 20:20 -0400
              Re: Article: Why you can't dump Java (even though you want to) Bent C Dalager <bcd@pvv.ntnu.no> - 2012-05-11 09:09 +0000
                Re: Article: Why you can't dump Java (even though you want to) Gene Wirchenko <genew@ocis.net> - 2012-05-11 09:41 -0700
                Re: Article: Why you can't dump Java (even though you want to) "javax.swing.JSnarker" <gharriman@boojum.mit.edu> - 2012-05-12 01:30 -0400
                Re: Article: Why you can't dump Java (even though you want to) Sleepy the Dwarf <std75821@gmail.com> - 2012-05-13 08:40 -0400
                Re: Article: Why you can't dump Java (even though you want to) Arne Vajhøj <arne@vajhoej.dk> - 2012-05-20 22:37 -0400
                Re: Article: Why you can't dump Java (even though you want to) Gene Wirchenko <genew@ocis.net> - 2012-05-20 20:25 -0700
                Re: Article: Why you can't dump Java (even though you want to) Bent C Dalager <bcd@pvv.ntnu.no> - 2012-05-21 19:31 +0000
                Re: Article: Why you can't dump Java (even though you want to) Arne Vajhøj <arne@vajhoej.dk> - 2012-05-20 22:35 -0400
                Re: Article: Why you can't dump Java (even though you want to) Bent C Dalager <bcd@pvv.ntnu.no> - 2012-05-21 19:26 +0000
                Re: Article: Why you can't dump Java (even though you want to) Kev Warren <k.warren312@noobnot.notnoob.org> - 2012-05-21 17:36 -0400
      Re: Article: Why you can't dump Java (even though you want to) markspace <-@.> - 2012-05-08 13:59 -0700
        Re: Article: Why you can't dump Java (even though you want to) Arne Vajhøj <arne@vajhoej.dk> - 2012-05-08 21:04 -0400
          Re: Article: Why you can't dump Java (even though you want to) markspace <-@.> - 2012-05-08 20:54 -0700
            Re: Article: Why you can't dump Java (even though you want to) Arne Vajhøj <arne@vajhoej.dk> - 2012-05-10 20:23 -0400
      Re: Article: Why you can't dump Java (even though you want to) Joshua Maurice <joshuamaurice@gmail.com> - 2012-05-08 15:32 -0700
      Re: Article: Why you can't dump Java (even though you want to) BGB <cr88192@hotmail.com> - 2012-05-10 16:36 -0700
    Re: Article: Why you can't dump Java (even though you want to) Arne Vajhøj <arne@vajhoej.dk> - 2012-05-08 21:13 -0400
      Re: Article: Why you can't dump Java (even though you want to) Arved Sandstrom <asandstrom3minus1@eastlink.ca> - 2012-05-09 16:50 -0300
        Re: Article: Why you can't dump Java (even though you want to) Arne Vajhøj <arne@vajhoej.dk> - 2012-05-10 20:26 -0400
  Re: Article: Why you can't dump Java (even though you want to) Arne Vajhøj <arne@vajhoej.dk> - 2012-05-08 21:19 -0400
  Re: Article: Why you can't dump Java (even though you want to) Roedy Green <see_website@mindprod.com.invalid> - 2012-05-09 14:42 -0700
    Re: Article: Why you can't dump Java (even though you want to) Joshua Cranmer <Pidgeot18@verizon.invalid> - 2012-05-10 17:07 -0500
    Re: Article: Why you can't dump Java (even though you want to) Arne Vajhøj <arne@vajhoej.dk> - 2012-05-10 20:19 -0400
      Re: Article: Why you can't dump Java (even though you want to) Arne Vajhøj <arne@vajhoej.dk> - 2012-05-20 22:33 -0400

csiph-web