Press "Enter" to skip to content

Posts tagged as “java”

Microsoft Nemesis Dies, SCO Lives & More…

Friday FOSS Week in Review

We may be paranoid but they are out to get us

In week three (or is it week four?) of the Spy vs. Spy scandal, the Obama folks keep saying things like “what’s the big deal?” while trying to convince us that the secret oversight court called FISA (we prefer “the Star Chamber”) has nothing but our constitutional rights in mind when it rubber stamps requests to secretly steal our privacy. Obama likes to talk about transparency. Indeed, he becomes more transparent by the moment; we’re beginning to see right through him. The 22nd amendment should now be seen as a face saver for Mr. Obama–as we would think no self respecting liberal or progressive would vote again for this man who once represented our best hope. Pity.

FOSS Force Poll: We Don’t Trust Oracle Or Java

Back in March and April, when the Java browser plugin was getting hammered with security holes that were being exploited in the wild, we conducted a couple of unscientific polls here on FOSS Force to determine how our visitors were handling this security crisis.

To call the problems that Java was experiencing at the time a “crisis” is not an exaggeration. If you’ll remember, the situation was considered so serious that here in the U.S., the Department of Homeland Security was urging everyone to disable the Java plugin.

These two Java polls were among the first we conducted on FOSS Force and received about the fewest votes of any polls we’ve conducted so far. Undoubtedly, this was partially due to the fact that we were just beginning to conduct polls on the site, and so polling here was something new to our visitors. Also, our articles on Java security issues received a smaller number of page views than most articles we publish. However, low readership notwithstanding, we will continue to cover serious security issues, because we think it’s important that we do so.

Oracle Serious About Java Security–Maybe

We’re not ready to tell you we think it’s safe to reactivate your Java browser plugin–in fact, just the opposite–but we will say that Oracle is at least giving the appearance they’re now serious about addressing browser-side Java’s safety. Early last week they issued a security patch that fixed either 41 or 42 Java security issues, depending on what website you’re reading.

Excuse us if we don’t seem too impressed. At this juncture all we’re willing to do is say with utmost snark, “It’s about time.”

Christine HallChristine Hall

Christine Hall has been a journalist since 1971. In 2001, she began writing a weekly consumer computer column and started covering Linux and FOSS in 2002 after making the switch to GNU/Linux. Follow her on Twitter: @BrideOfLinux

Java Remains Unsafe–Not Likely To Be Fixed Soon

Guess what? We’re hearing reports this morning that the black hats are continuing to take advantage of security vulnerabilities in Java. Of course they are. That’s what black hats do. We’re also hearing from security experts that browser side Java isn’t likely to be made secure in the near future.

Oracle’s management of Java since obtaining it from Sun has been nothing short of a joke. It’s about time for them to decide if they want to keep Java or not. If they don’t want it, they need to spin it off or let it die. If they think it’s a valuable part of their software portfolio, they should treat it as such and work overtime to make it safe.

Christine HallChristine Hall

Christine Hall has been a journalist since 1971. In 2001, she began writing a weekly consumer computer column and started covering Linux and FOSS in 2002 after making the switch to GNU/Linux. Follow her on Twitter: @BrideOfLinux

Oracle Patches 2 Java Holes–At Least 5 Remain

It would seem that Oracle is getting serious about addressing security issues in Java. Late Monday the company pushed Java 7 Update 17 that fixes two security holes that were already being exploited in the wild.

The vulnerabilities addressed in Monday’s patch had been known since at least February 1 and were originally scheduled to be fixed in a scheduled security update in April, according to a security blog on the Oracle website:

Christine HallChristine Hall

Christine Hall has been a journalist since 1971. In 2001, she began writing a weekly consumer computer column and started covering Linux and FOSS in 2002 after making the switch to GNU/Linux. Follow her on Twitter: @BrideOfLinux

Five, Count ‘Em, Five New Security Holes In Java

Those who thought it was safe to re-up Java on their browsers will need to go back and turn it off again.

If you listen to us, after you do you’ll never turn it back on. Browser side Java has been made pretty much obsolete by newer technologies, which means you don’t need it, especially since it’s proving to be about as easy to keep secure as ActiveX, sandbox or no. Here at FOSS Force, we haven’t had it enabled on our browsers for years, with no noticeable problems when we surf the web.

You may remember that back on January 10th it was announced that Java had a security vulnerability that was already being exploited in the wild. This security hole was serious enough to prompt the U.S. Department of Homeland Security to suggest that browser side Java be turned-off on all computers.

Christine HallChristine Hall

Christine Hall has been a journalist since 1971. In 2001, she began writing a weekly consumer computer column and started covering Linux and FOSS in 2002 after making the switch to GNU/Linux. Follow her on Twitter: @BrideOfLinux

Latest FOSS News: