I too love to gripe about big corporations of all stripes, but...
Just hold your horses just a bit longer here.
On 8/30/2012 12:14 AM, Casper Bang wrote:
Forget about spending a decade debating closures - I'm talking about
patching security holes here! The last couple of years, Java has
become the predominant vector of attack, to the point that I recommend
friends and family *not* to run it at all. Life is rarely that simple
however, as i.e. the case with a Danish national SSO solution (taxes,
banks etc.), for all practical purposes requiring applet functionality
to be enabled for every citizen.
The latest vulnerability already seems to have the Poison Ivery trojan
spreading all over. It seems however, we're far from
zero-day vulnerability attacks, as these were brought to Oracle's
attention some 4 months ago:
http://www.security-explorations.com/en/SE-2012-01-press.html
I have now stitched together Chrome plugin to only allow certain
trusted applets to run, but your average Joe don't have that
option. There's still no fix available and that's just not good enough!
--
You received this message because you are subscribed to the Google
Groups "Java Posse" group.
To view this discussion on the web visit
https://groups.google.com/d/msg/javaposse/-/hJTW5OLDg6wJ.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/javaposse?hl=en.
--
You received this message because you are subscribed to the Google Groups "Java
Posse" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/javaposse?hl=en.
