java security

i noticed on the news that Java is getting a lot of bad press lately because of security issues.

normally i would ignore it, but now i see the same story on all major newspapers.

one would think we could find something on either the java website or the oracle website (or both)

Oracles Facebook response is pretty weak:
Oracle is aware of a flaw in Java software integrated with web browsers. The flaw is limited to JDK7. It does not exist in other releases of Java, and does not affect Java applications directly installed and running on servers, desktops, laptops, and other devices. A fix will be available shortly
their "twitter" response is even weaker. its unknown what the Ophra Windfrey website says about it.

i have to wonder if they are taking this very seriously!


Staff member
I have been using noscript for a while, for firefox -

By default no scripts (flash / java) will load. Takes a little to get used to, but you can whitelist sites, specific scripts or just temporarily allow a site to work.
nice idea, but our biz. really lives (and dies) by java...! i am anticipating a LOT of questions this week from frightened users about what to do about the security issues.

and oracles response has been week at best.

as much as it pains me to say it, i am considering an emergency move to flash (it hurts just to type it)

side-note: firefox and java have not liked each-other much for some time now, so i switched over to chrome. i have to say i like it better, now that i am used to it. chrome has the equivalent of the 'firebug' plug-in built into. you can right-click on any element and select 'inspect element', and it brings up a rather cool debugger, even better than the venkamp-jScript debugger.

it was an emotional transition, since i have used FF since the netscape-3 days !
for those who find me irritating, just remember: its entirely because of this forum thread [which i started] that oracle released java 1.7_11 over the weekend.

the security notice on firefox seems to have gone away, for now.


New Member
IMHO no matter what language you move to there will be bugs. I work with Java day in and day out as well. It has its issues, just like any other language. My recommendation would to make sure your using safe browsing practices. Today its Java, tomorrow it will be flash, the week after that some C(#/+) issue.

853450945679234598795341 devices on the internet run some form of Java. I don't see it going away anytime soon.

Perhaps Oracle knows this as well, hence why it took them months to fix this. They only seemed to get off their lazy horse once zero-days were released.
853450945679234598795341 devices on the internet run some form of Java.
ZoomCloud, you have probably been told a million times to stop exaggerating. [weak attempt at Monday AM humor]

but since you raised the point: neither java or flash seem to play very nicely on the tablets. i keep hearing that HTML5 is supposed to replace everything, but H5 does not even come anywhere close to the task.

this reminds me of watching the supersonic transport and the space shuttle program end without any worthy replacements!

i have read about google-dart and google-go... but neither seem to have gone anywhere.