Mozilla Blocks Vulnerable Java Versions In Firefox 205
Trailrunner7 writes with this excerpt from Threatpost: "Mozilla has made a change in Firefox that will block all of the older versions of Java that contain a critical vulnerability that's being actively exploited. The decision to add these vulnerable versions of Java to the browser's blocklist is designed to protect users who may not be aware of the flaw and attacks. 'This vulnerability — present in the older versions of the JDK and JRE — is actively being exploited, and is a potential risk to users. To mitigate this risk, we have added affected versions of the Java plugin for Windows (Version 6 Update 30 and below as well as Version 7 Update 2 and below) to Firefox's blocklist. A blocklist entry for the Java plugin on OS X may be added at a future date. Mozilla strongly encourages anyone who requires the JDK and JRE to update to the current version as soon as possible on all platforms,' Mozilla's Kev Needham said."
Re:Java dying? (Score:5, Interesting)
Java found it niche. JavaEE is still big, as it is a great platform for Web Services. However Java Applications have never gotten popular because they always end up looking a bit out of date (although it has greatly improved) compared to what the other platforms offer.
Slashdot hates Java because they hate anything that isn't Pure GNU open source.
Re:Java dying? (Score:3, Interesting)
However Java Applications have never gotten popular because they always end up looking a bit out of date
The Windows look-and-feel should have been enabled by default. Then Java wouldn't look like a 15 year old version of Solaris.
Re:Java dying? (Score:3, Interesting)
I'm just going to respond to a few of your points:
There are plenty of other languages that promises much and deliver few. I think a lot of language preference depends on what you learned first and who you choose to associate with. I know plenty of Perl programmers who swear Perl is the one true language, and the same with C++, Python, Ruby, etc. Each language has its strength and weaknesses, but none of them have anything that warrants the level of hate. Except for Perl it is perfectly fine to hate that one. :P
I don't know where you get your information from but Java does pretty well on the performance front. It benefits greatly from its static typing system and doesn't suffer from the overhead that is associated with the dynamic languages like Perl, Ruby, and Python. Java is magnitudes faster than the current batch of young languages and is in close ranks with the big three (C, Fortran, and C++). The fact that it runs without recompile on multiple hardware platforms is a bonus.
To be fair, I'd hope it would be trivial to call a C library from within C++ and Objective-C otherwise something is seriously wrong since they are pretty much derived from C. As for "so on" I do know that there is usually a binding meta languages involved (Perl's comes to mind), so I don't think JNI is any less different than the others. Since the other languages tend to be *much* slower, binding to a C library is much more important for them.
Not necessarily true. You can keep your older versions of the JRE installed. Of course your comparison is with a "statically compiled, statically linked program" and not the more compact and prevalent dynamically linked programs. Nothing prevents someone from continuing to use the older JRE with a Java application that has all of its dependencies included in the application JAR file.
And this is unique to Java?
Re:Java dying? (Score:4, Interesting)