This forum is in permanent archive mode. Our new active community can be found here.

Department of Homeland Security reports Java exploit.

edited January 2013 in Technology
If you have anything running Java, keep it off.
Post edited by Daikun on


  • Tru Fax. Also, rails had a recent exploit, so you should update that shit if you're running it.
  • I hear there's money in programming.
  • Minecraft?
  • edited January 2013
    This has always been true. I never have Java installed, except if I have been playing Minecraft. Even then, I disable all Java in the browser. Only allow local Java apps like MInecraft to run. The number one cause of all security issues on normal computers has been Java running in browsers. Use to be Flash/Acrobat Reader, but not so much anymore.
    Post edited by Apreche on
  • I goberment has lots of stuff running on java and their java is generally old as shit.
  • I goberment has lots of stuff running on java and their java is generally old as shit.
    Pretty sure lots of Google is written in Java also, but the JVM they run is written by Google, not by Oracle/Sun.

    Really running a locally installed Java app like Minecraft, even with an old version, is not the security issue. The issue is if you browse the web and allow Java to execute Java from untrusted sources. I doubt anyone is on a government production Java server and browsing the web with Java enabled in the browser. I guess you might also be stupid and download a java app in an email attachment and run it. Doubt that is happening either.

    The real danger here is if your company has an app where the client is an in-browser Java applet. Then all employees using that app have vulnerable browsers. If those employees are browsing the general web, unrestricted, with those browsers, then your company is in danger. If the Java application is just a typical server-side thing, it's not an issue.
Sign In or Register to comment.