Security of Java takes a dangerous turn for the worse, experts say (ars technica)
Security of Java takes a dangerous turn for the worse, experts say (ars technica)
Posted Sep 12, 2013 7:25 UTC (Thu) by geuder (subscriber, #62854)In reply to: Security of Java takes a dangerous turn for the worse, experts say (ars technica) by eru
Parent article: Security of Java takes a dangerous turn for the worse, experts say (ars technica)
One of the bigger Finnish banks is just replacing it in their online banking these days (and they got it when they were bought by a Danish bank, so probably they had it, too). The German tax administration has it in their online services. (Although it's only mandatory in Windows XP and it actually blocks old JRE versions so people are forced to upgrade at least a bit). It appears that similar examples are found from many countries, guaranteeing that 100s of millions of users need it. And even if they need it only once a year, most of them will not disable it.
I think most conference systems use it for screen sharing, Big Blue Button, screenleap, webhuddle. (Skype being a positive exception in this respect)
Posted Sep 13, 2013 14:47 UTC (Fri)
by smurf (subscriber, #17840)
[Link] (1 responses)
Happily, for the most common uses this Java thing can be avoided; there is an implementation of the Elster protocol (which for the most part is actually documented(!!!)) which does the same thing in HTML5 and JS, as a Firefox app ("Geierlein").
Aside: "Elster" is supposed to be an acronym. It is also the German name for the magpie, a bird _not_ known for leaving your belongings alone, esp. small shiny valuable ones. It's a mystery how the IT people at the (normally quite humor-challenged) German tax office got away with that.
Posted Sep 18, 2013 12:10 UTC (Wed)
by Arker (guest, #14205)
[Link]
Security of Java takes a dangerous turn for the worse, experts say (ars technica)
Security of Java takes a dangerous turn for the worse, experts say (ars technica)