Jump to content

Oracle Chastised by FTC over Java Patches


Recommended Posts

basically, the ftc said, 'oracle, your handling of java security updates inhales vigorously.'

- this, of course, because java has always patched by simply providing the entire new java se and never deleting the old

- which, of course, leaves the previous security flaws available on your pc since the beginning of time.

 

so... with 3 billion (10^9) copies of java floating around - that's a lot of security holes.

 

because java is so important to banking and e-commerce, will the internet community ever find or adopt a more secure replacement?

 

what do you think??

  • Like 1
Link to post
Share on other sites

indeed. they are separate, similar in name only.

 

while one may wish for linux and whatever runs on it, we live in the world of multiple copies of java se on millions of pcs.

  • Like 1
Link to post
Share on other sites

wow. cool!

evil tho google is (from my view) they do seem to be somewhat security conscious. (what with the recent spanking of AVG, and the probability that AVG will be removed from the google app store.)

Link to post
Share on other sites
  • 2 weeks later...

One way to avoid this is to download the latest version manually. After the install you are taken to an Oracle page where it asks you if you wish to remove older versions of Java.

Link to post
Share on other sites
V.T. Eric Layton

I haven't installed any version of Java on my machines for years. I don't miss it or even notice it's gone. I can't tell you the last time I ran across a website that required Java.

  • Like 1
Link to post
Share on other sites

java now says, after installing the new version, o, i found older versions, can i uninstall them?

 

so, oracle must have finally got off its security duff and got with the program.

Link to post
Share on other sites
securitybreach
so, oracle must have finally got off its security duff and got with the program.

 

I wouldn't bet on that....

  • Like 1
Link to post
Share on other sites

i know. but some progress is better than none. and since version 7 something (?) java does security with certs.

 

no, i'm not a fan-boy of java, or the unrelated flash, but sadly, both are required in so, so many business situations.

  • Like 1
Link to post
Share on other sites
goretsky

Hello,

 

I wonder if one reason that Oracle had been so against removing old versions of Java is that it was counting each installation of the software on the same device multiple times as part of their 3 billion install base?

 

Regards,

 

Aryeh Goretsky

  • Like 1
Link to post
Share on other sites
securitybreach

Hello,

 

I wonder if one reason that Oracle had been so against removing old versions of Java is that it was counting each installation of the software on the same device multiple times as part of their 3 billion install base?

 

Regards,

 

Aryeh Goretsky

 

I wouldn't doubt it any.

  • Like 1
Link to post
Share on other sites

ha ha! wow, i wouldn't put it past 'em!

 

but i know some business (over the internet) apps won't work with newer versions, so sometimes you have to leave a decrepit version on the pc, as well as a newer version to run with the newer stuff.

 

yes, ha-uge security hole.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...