Slashdot is powered by your submissions, so send in your scoop

 


Forgot your password?
Close
typodupeerror
×
Java Security IT

Java Update Implements Whitelists To Combat 0-Day Hacks 55

Posted by timothy from the let's-see-your-invitation dept.
kylus writes "The Register is reporting that Oracle's new Java 7 update 40 release comes complete with a new 'Deployment Rule Set' capability which allows administrators to define which particular applets and Java Web Start applications ('Rich Internet Applications') are permitted to run on a given machine. Not a complete solution for the recent trend of Java hacks that have cropped up, but good news for enterprises that have to run this in their environment." Update: 09/19 20:08 GMT by U L : There's an introduction to deploying rule sets on the Java platform group weblog too.
This discussion has been archived. No new comments can be posted.

Java Update Implements Whitelists To Combat 0-Day Hacks More

Java Update Implements Whitelists To Combat 0-Day Hacks

Comments Filter:

  • Comment removed (Score:5, Insightful)

    by account_deleted ( 4530225 ) on Thursday September 19, 2013 @11:59AM (#44894211)
    Comment removed based on user account deletion

  • Re:About time (Score:2, Insightful)

    by Joining Yet Again ( 2992179 ) on Thursday September 19, 2013 @12:12PM (#44894325)

    Would you mind clarifying for me what you would prefer?

    Because I agree with you that Java on the desktop is horrible, but only in the sense that it doesn't properly integrate with the operating system - in that sense, web apps are even worse. DotNet/NGWS is better, but still a layer of pointlessness originally created for no other reason than MS didn't like Sun - if you're going to write platform-specific code, might as well use Win32 - then write your own cross-platform layers if needed so absolutely everything looks *native* and integrates beautifully on each target, something that every existing cross-platform library fails fucking hard at.

    Once again, this is where Apple got it right: fuck web apps, because you want people to take advantage of your own platform. Hence the iOS SDK. And Android followed. This is why phones and tablets are succeeding while PCs are dying - because people are actually developing for the former, but they've given up on the latter in favour of "the web", where everything is third rate.

  • Re:Whitelists mean nothing (Score:4, Insightful)

    by kylus ( 149953 ) on Thursday September 19, 2013 @12:16PM (#44894363) Homepage
    As I said at the end of the summary, this really isn't a complete solution and you're right about a whitelisted applet/RIA being vulnerable. However this is a good piece of 'defense in depth' to prevent random Java crap from executing without authorization if (when) another bug crops and is somehow exploited. If the stuff you're whitelisting has problems, you need to revisit your coding quality checks, or talk to whatever vendor is supplying it to you.

  • Statement from Oracle (Score:2, Insightful)

    by Anonymous Coward on Thursday September 19, 2013 @12:22PM (#44894443)

    "We give up. We're too incompetent to fix the bugs, so we'll just foist a huge inconvenience on our customers who are locked in to our platform."

  • Re:pointless (Score:5, Insightful)

    by h4rr4r ( 612664 ) on Thursday September 19, 2013 @12:50PM (#44894723)

    No everyone has not. There are a great many enterprise apps that companies rely on that need this. Normal users will not know to turn it on, nor to turn it off.

  • Re:Oracle are fab (Score:4, Insightful)

    by Joce640k ( 829181 ) on Thursday September 19, 2013 @01:14PM (#44894979) Homepage

    Finally, an admission that they'll never be able to make it secure, that blacklisting everything by default is the only way forward.

  • Re:Why only applets? (Score:4, Insightful)

    by swilver ( 617741 ) on Thursday September 19, 2013 @03:55PM (#44896463)

    I'd recommend installing a better firewall instead.

Slashdot Top Deals

I tell them to turn to the study of mathematics, for it is only there that they might escape the lusts of the flesh. -- Thomas Mann, "The Magic Mountain"

Close