Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Java

+ - Why You Can't Dump Java (Even Though You Want To)->

Submitted by
snydeq
snydeq writes "So many recent exploits have used Java as their attack vector, you might conclude Java should be shown the exit, but the reality is, Java is not the problem, writes Security Advisor's Roger Grimes. 'Sure, I could opt not to use those Java-enabled services or install Java and uninstall when I'm finished. But the core problem isn't necessarily Java's exploitability; nearly all software is exploitable. It's unpatched Java. Few successful Java-related attacks are related to zero-day exploits. Almost all are related to Java security bugs that have been patched for months (or longer),' Grimes writes. 'The bottom line is that we aren't addressing the real problems. It isn't a security bug here and there in a particular piece of software; that's a problem we'll never get rid of. Instead, we allow almost all cyber criminals to get away with their Internet crime without any penalty. They almost never get caught and punished. Until we solve the problem of accountability, we will never get rid of the underlying problem.'"
Link to Original Source
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Why You Can't Dump Java (Even Though You Want To)

Comments Filter:

Physician: One upon whom we set our hopes when ill and our dogs when well. -- Ambrose Bierce

Working...