Security of Java takes a dangerous turn for the worse, experts say (ars technica)

Posted Sep 12, 2013 7:58 UTC (Thu) by joib (subscriber, #8541)
In reply to: Security of Java takes a dangerous turn for the worse, experts say (ars technica) by eru
Parent article: Security of Java takes a dangerous turn for the worse, experts say (ars technica)

AFAICT many GUI remote console features on servers are implemented in Java (or ActiveX, which is useless if you do your management from a non-Windows box). Perhaps from a security standpoint this isn't such a huge deal in the sense that if you expose your ipmi network to the outside world you're an idiot anyway. ;-/ But, it's a usability issue, as these remote console almost invariably tend to be crappy and work properly at best only half the time. As they seem to be implemented on top of VNC anyway, I can't figure out why server vendors don't let users just connect via any damn VNC client they please instead of having to use their crappy applet. /rant

(The "proper" solution, I guess, is to just use the standard IPMI serial-over-lan console and forget about the proprietary GUI console. But that typically requires enabling the serial console in the BIOS and then setting up grub/whatever to do console redirection, so it's a few extra steps..)

Security of Java takes a dangerous turn for the worse, experts say (ars technica)

Posted Sep 12, 2013 11:16 UTC (Thu) by dskoll (subscriber, #1630) [Link]

I can't figure out why server vendors don't let users just connect via any damn VNC client they please instead of having to use their crappy applet.

+1 to that. I manage a number of SuperMicro servers and while the ability to rebuild a server 200km away from bare metal is impressive, the Java console applet really is painful and horrible. Just let me use my normal VNC client!