LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Oracle patches critical Java bugs used to commandeer computers (ars technica)

Oracle patches critical Java bugs used to commandeer computers (ars technica)

Posted Sep 6, 2012 20:24 UTC (Thu) by ibukanov (subscriber, #3942)
In reply to: Oracle patches critical Java bugs used to commandeer computers (ars technica) by pboddie
Parent article: Oracle patches critical Java bugs used to commandeer computers (ars technica)

> why the BankID "detector applet" wanted full access to the host system

It tries to detect presence of common malware and to fingerprint the system so in case of an infection it would be possible to black-list the customer's PC until Windows is reinstalled. In any case, running strace against browser displaying a page with BankID is rather entertaining.

> They were influenced enough to make it work only with a single vendor's technology

If banks would now about the amount of support calls they would receive about banking site not working on IPad, BankID would be dead on arrival. And banks could easily predict that state of affairs by trying to run BankId at the moment it appears on Linux and other non-mainstream systems with browser installed. That is, BankId has not even been a cross-platform solution. Indeed, those "were influenced enough"...

(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds