Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Firefox Java Mozilla Security

To Stop BEAST, Mozilla Developer Proposes Blocking Java Framework 309

Posted by timothy
from the nuclear-option dept.
rastos1 writes with this news from The Register: "In a demonstration last Friday, it took less than two minutes for researchers Thai Duong and Juliano Rizzo to wield the exploit to recover an encrypted authentication cookie used to access a PayPal user account. ... The researchers settled on a Java applet as their means to bypass SOP, leading Firefox developers to discuss blocking the framework in a future version of the browser. ... 'I recommend that we blocklist all versions of the Java Plugin,' Firefox developer Brian Smith wrote on Tuesday in a discussion on Mozilla's online bug forum. 'My understanding is that Oracle may or may not be aware of the details of the same-origin exploit. As of now, we have no ETA for a fix for the Java plugin.'"
This discussion has been archived. No new comments can be posted.

To Stop BEAST, Mozilla Developer Proposes Blocking Java Framework

Comments Filter:

Factorials were someone's attempt to make math LOOK exciting.

Working...