Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > comp.lang.java.programmer > #23488

Re: > Sandboxed power == More secure???

From markspace <markspace@nospam.nospam>
Newsgroups comp.lang.java.programmer
Subject Re: > Sandboxed power == More secure???
Date 2013-04-17 11:37 -0700
Organization A noiseless patient Spider
Message-ID <kkmq0l$q94$1@dont-email.me> (permalink)
References <kkknq8$3u2$1@speranza.aioe.org> <516e04f5$0$32117$14726298@news.sunsite.dk> <kkmhjk$lkp$1@dont-email.me> <kkmkq0$g1f$1@dont-email.me>

Show all headers | View raw

On 4/17/2013 10:09 AM, Eric Sosman wrote:

>      Time to get my eyesight checked: When I read your post it
> looked like a claim that Flash is secure!

Well, you should get your eyesight checked.  Java is currently exploited 
far more often and far worse than Flash has been.  It's been all over 
the security related websites, and even some for the general public.  I 
see what you're saying, but Flash and Java don't really compare right 
now: things currently really bad for Java.  Example:

<http://www.securityweek.com/unique-challenges-controlling-java-exploits>

In short complaining that Flash really isn't secure is to complain about 
the mote in Flash's eye while ignoring the beam in Java's.

You still have a point though.  I use No-Script and both JavaScript and 
Flash are blocked by default on my system.  I guess I was referring to 
the fact that the vendors don't block their own systems by default.

I also like the UI for NoScript better than Java's security pop-up. 
It's better integrated into the browser and OS, and provides wider 
options than just "permanently allow this page."  Which I think is all 
that the Java plug-in has in terms of options.

>      (Yesterday I applied security updates for both Java and
> Flash, also AIR.  Any bets on which requires its next update
> sooner?)

I doubt frequency of updates correlates to security.  I'd guess that 
company culture and resources correlate more strongly.

Back to comp.lang.java.programmer | Previous | NextPrevious in thread | Next in thread | Find similar | Unroll thread

Thread

> Sandboxed power == More secure??? Richard Maher <maher_rjSPAMLESS@hotmail.com> - 2013-04-17 07:45 +0800
  Re: > Sandboxed power == More secure??? Arne Vajhøj <arne@vajhoej.dk> - 2013-04-16 22:12 -0400
    Re: > Sandboxed power == More secure??? Lew <lewbloch@gmail.com> - 2013-04-16 19:25 -0700
      Re: > Sandboxed power == More secure??? Arne Vajhøj <arne@vajhoej.dk> - 2013-04-16 22:30 -0400
    Re: > Sandboxed power == More secure??? markspace <markspace@nospam.nospam> - 2013-04-17 09:14 -0700
      Re: > Sandboxed power == More secure??? Eric Sosman <esosman@comcast-dot-net.invalid> - 2013-04-17 13:09 -0400
        Re: > Sandboxed power == More secure??? markspace <markspace@nospam.nospam> - 2013-04-17 11:37 -0700
          Re: > Sandboxed power == More secure??? Eric Sosman <esosman@comcast-dot-net.invalid> - 2013-04-17 15:49 -0400
            Re: > Sandboxed power == More secure??? Arne Vajhøj <arne@vajhoej.dk> - 2013-04-17 19:10 -0400
            Re: > Sandboxed power == More secure??? Arne Vajhøj <arne@vajhoej.dk> - 2013-04-17 19:13 -0400
              Re: > Sandboxed power == More secure??? Eric Sosman <esosman@comcast-dot-net.invalid> - 2013-04-17 21:12 -0400
                Re: > Sandboxed power == More secure??? Arne Vajhøj <arne@vajhoej.dk> - 2013-04-17 21:34 -0400
                Re: > Sandboxed power == More secure??? Arne Vajhøj <arne@vajhoej.dk> - 2013-04-17 21:39 -0400
      Re: > Sandboxed power == More secure??? Arne Vajhøj <arne@vajhoej.dk> - 2013-04-17 19:06 -0400
        Re: > Sandboxed power == More secure??? Joerg Meier <joergmmeier@arcor.de> - 2013-04-18 03:04 +0200
  Re: > Sandboxed power == More secure??? Roedy Green <see_website@mindprod.com.invalid> - 2013-04-17 10:37 -0700
    Re: > Sandboxed power == More secure??? paul.cager@gmail.com - 2013-04-17 10:54 -0700
    Re: > Sandboxed power == More secure??? Arne Vajhøj <arne@vajhoej.dk> - 2013-04-17 19:02 -0400
      Re: > Sandboxed power == More secure??? Richard Maher <maher_rjSPAMLESS@hotmail.com> - 2013-04-25 10:09 +0800
        Re: > Sandboxed power == More secure??? Arne Vajhøj <arne@vajhoej.dk> - 2013-04-24 22:30 -0400
        Re: > Sandboxed power == More secure??? markspace <markspace@nospam.nospam> - 2013-04-25 08:54 -0700
          Re: > Sandboxed power == More secure??? Arne Vajhøj <arne@vajhoej.dk> - 2013-04-26 22:11 -0400
            Re: > Sandboxed power == More secure??? markspace <markspace@nospam.nospam> - 2013-04-26 20:05 -0700
              Re: > Sandboxed power == More secure??? Arne Vajhøj <arne@vajhoej.dk> - 2013-04-27 22:23 -0400
              Re: > Sandboxed power == More secure??? "Chris Uppal" <chris.uppal@metagnostic.REMOVE-THIS.org> - 2013-04-28 12:09 +0100
                Re: > Sandboxed power == More secure??? Arne Vajhøj <arne@vajhoej.dk> - 2013-04-28 09:43 -0400

csiph-web