7 Replies - 13172 Views - Last Post: 18 February 2013 - 10:05 AM Rate Topic: -----

#1 macosxnerd101  Icon User is online

  • Self-Trained Economist
  • member icon




Reputation: 10803
  • View blog
  • Posts: 40,259
  • Joined: 27-December 08

[Link] Java Is Still the Most Secure Widespread Runtime

Post icon  Posted 01 February 2013 - 09:52 AM

Quote

You probably know the SecurityManager as Java's "sandbox" introduced with Sun's marketing of Java Applets. It also has uses on the server. The SecurityManager is essentially Java's equivalent of SELinux or AppArmor, although it predates both. It tells Java which class can execute which "risky" functions (such as accessing the file system). You can implement a more coarse-grained version of much the same on a process level with Unix file permissions, the aforementioned AppArmor/SELinux, or a combination of technologies.


http://www.javaworld...ad-runtime.html

Is This A Good Question/Topic? 3
  • +

Replies To: [Link] Java Is Still the Most Secure Widespread Runtime

#2 Ryano121  Icon User is offline

  • D.I.C Lover
  • member icon

Reputation: 1363
  • View blog
  • Posts: 3,002
  • Joined: 30-January 11

Re: [Link] Java Is Still the Most Secure Widespread Runtime

Posted 01 February 2013 - 10:09 AM

Interesting read. It seems that Java is getting a lot of hate recently because some aspects of it are insecure. The only part people fail to see is that it only applies to applets and other old web technologies that nobody really uses anymore. I don't think that many people are really affected by the flaws, but most people think they are. It's a bit of a shame.

I don't see why people can't just disable Java in their browsers and continue on with their lives. This will be good for most people. For any others using old Swing apps, then yes they may have to do something, but surely that's a good thing to force them to update? Perhaps. The main Java platform that people actually use day to day is still pretty darn good.

This post has been edited by Ryano121: 01 February 2013 - 10:12 AM

Was This Post Helpful? 2
  • +
  • -

#3 baavgai  Icon User is offline

  • Dreaming Coder
  • member icon

Reputation: 5929
  • View blog
  • Posts: 12,851
  • Joined: 16-October 07

Re: [Link] Java Is Still the Most Secure Widespread Runtime

Posted 01 February 2013 - 05:49 PM

Well, it's JavaWorld, so they might be a little biased. :P

"Java is still the most secure widespread runtime" What does that actually mean? What other "runtimes" are we comparing this to?

Article is fine but it's a crap title. You can probably blame an editor for that.
Was This Post Helpful? 0
  • +
  • -

#4 farrell2k  Icon User is online

  • D.I.C Lover
  • member icon

Reputation: 862
  • View blog
  • Posts: 2,651
  • Joined: 29-July 11

Re: [Link] Java Is Still the Most Secure Widespread Runtime

Posted 01 February 2013 - 06:57 PM

View Postbaavgai, on 02 February 2013 - 12:49 AM, said:

Well, it's JavaWorld, so they might be a little biased. :P/>

"Java is still the most secure widespread runtime" What does that actually mean? What other "runtimes" are we comparing this to?

Article is fine but it's a crap title. You can probably blame an editor for that.


Flash would probably be the best example. You could also compare Silverlight, but who really uses that?
Was This Post Helpful? 0
  • +
  • -

#5 baavgai  Icon User is offline

  • Dreaming Coder
  • member icon

Reputation: 5929
  • View blog
  • Posts: 12,851
  • Joined: 16-October 07

Re: [Link] Java Is Still the Most Secure Widespread Runtime

Posted 02 February 2013 - 06:01 AM

Again, "runtime" would need to be defined. You assume it's in a browser? The editorial want you to ignore the browser.

Does it need a VM model to be a runtime? Then we have Java, .NET, Android ( Dalvik ain't Java ), etc. Or is it just interpreted?

Only then can "most secure widespread runtime" be reasonably claimed. Since near every Windows box has .NET you'd want to at least compare that. Windows patches religiously, unlike Oracle, which is the crux of the problem.
Was This Post Helpful? 1
  • +
  • -

#6 Ghlavac  Icon User is offline

  • D.I.C Addict

Reputation: 84
  • View blog
  • Posts: 519
  • Joined: 14-January 09

Re: [Link] Java Is Still the Most Secure Widespread Runtime

Posted 06 February 2013 - 03:12 PM

I'd assume..

.NET
Java
Adobe AIR?
Was This Post Helpful? 0
  • +
  • -

#7 Aonor  Icon User is offline

  • New D.I.C Head

Reputation: 3
  • View blog
  • Posts: 8
  • Joined: 07-December 12

Re: [Link] Java Is Still the Most Secure Widespread Runtime

Posted 09 February 2013 - 11:43 AM

I did hear about that 0-day a couple of weeks ago, and how Oracle released a quick-fix but it was almost immediately bypassed again. Oracle patched the second 0-day again, but it's obvious there are some severe flaws in security that need to be looked at.
Was This Post Helpful? 0
  • +
  • -

#8 natecat  Icon User is offline

  • D.I.C Head

Reputation: 53
  • View blog
  • Posts: 225
  • Joined: 19-December 11

Re: [Link] Java Is Still the Most Secure Widespread Runtime

Posted 18 February 2013 - 10:05 AM

View PostAonor, on 09 February 2013 - 06:43 PM, said:

I did hear about that 0-day a couple of weeks ago, and how Oracle released a quick-fix but it was almost immediately bypassed again. Oracle patched the second 0-day again, but it's obvious there are some severe flaws in security that need to be looked at.

0-days don't reflect security at all. Java is still very secure, just old technology like applets aren't as secure and don't have the same security measures as desktop applications.
Was This Post Helpful? 0
  • +
  • -

Page 1 of 1