PDA

View Full Version : Books: Java and safety



jerome1232
January 12th, 2013, 05:47 AM
Straight out of the text book


The safety features of the Java language make it possible to run Java programs in a browser without fear that they might attack your computer

Wait, what?!

lisati
January 12th, 2013, 06:57 AM
Straight out of the text book



Wait, what?!

I'm not sure if these "safety features" will actually help me learn Java more quickly.

linuxcoffeelover
January 12th, 2013, 07:38 AM
lol that's weird how old is the book. I have a C programming book from 2004 that is pretty good,and no BS just jump right here is some background some tips things to remember sample codes and code fragments. but the java and java 2 books I have not that good and don't get me started on the java script book but that's a java script for dummies,and an old one too so that might be why that one is like that.


also it's funny I found that I am more productive using nano then I can't be distracted if there's no gui kinda funny I guess.

Ji Ruo
January 12th, 2013, 08:13 AM
There are similar quotes in Core Java (Horstmann/Cornell) in the 6th/7th edition, and possibly in later editions. It's been a common theme for Java advocates, at least until recent critical vulnerabilities have shown this to be patently false.

lisati
January 12th, 2013, 08:20 AM
It wouldn't be "Java for everyone" would it?

jerome1232
January 12th, 2013, 08:21 AM
It is Horstmann, Java for Everyone 2nd edition, I don't see a publishing date but it's compatible with Java versions 5, 6, and 7, copyright dates 2013, 2010.

It just struck me as odd seeing as to my knowledge Java plugins are one of the most common attack vectors.

3rdalbum
January 12th, 2013, 10:43 AM
"Recent critical vulnerabilities"? When you say "recent", are you referring to everything since 2001?

In theory, Java should be safe. In practice it's not. I think the author really meant "in theory".

Gremlinzzz
January 13th, 2013, 03:19 AM
:popcorn: The U.S. Department of Homeland Security is advising people to temporarily disable the Java software on their computers to avoid potential hacking attacks.

The malware has currently been seen attacking Windows, Linux and Unix systems, and while so far has not focused on OS X, may be able to do so given OS X is largely similar to Unix and Java is cross-platform.

http://www.cbsnews.com/8301-205_162-57563619/u.s-tells-computer-users-to-disable-java-software/

xianbei
January 13th, 2013, 09:28 PM
So, does anyone have any insight as to whether or not the Homeland Security recommendations to disable Java are valid?

If there have always been risks in Java per the above posts, what makes this "new" vulnarability worthy of a national cease-fire?

Gremlinzzz
January 14th, 2013, 02:19 AM
:popcorn:Oracle says Java update coming Tuesday

Oracle is working on an update to address a flaw in its Java software.

The company says it will release a patch that will fix 86 vulnerabilities in Java 7 on Tuesday.

The Department of Homeland Security last week said computer users should disable the program in web browsers because hackers were using a zero-day vulnerability to attack computer systems. Criminals were using the flaw to stealthily install malware on the computers of users who visit compromised websites.

The problem, which affects Oracle Java 7 update 10 and earlier, can allow an untrusted Java applet to escalate its privileges, without requiring code signing.

http://www.pcworld.com/article/2025171/oracle-says-java-update-coming-tuesday.html