Archive

Posts Tagged ‘Java’

Ask Slashdot: Finding Work Over 60?

November 8th, 2012 11:36 admin View Comments

Education

First time accepted submitter Hatfield56 writes “I’ve been in IT since the mid-1980s, mainly working for financial institutions. After 16 years at a company, as a programmer (Java, C#, PL/SQL, some Unix scripting) and technical lead, my job was outsourced. That was in 2009 when the job market was basically dead. After many false starts, here I am 3 years later wondering what to do. I’m sure if I were 40 I’d be working already but over 60 you might as well be dead. SO, I’m wondering about A+. Does anyone think that this will make me more employable? Or should I being a greeter at Walmart?”

Source: Ask Slashdot: Finding Work Over 60?

The IDE As a Bad Programming Language Enabler

October 30th, 2012 10:18 admin View Comments

Programming

theodp writes “When it comes to monolithic IDEs, Wille Faler has lost that loving feeling. In IDEs Are a Language Smell, Faler blogs about a Eureka! moment he had after years of using Eclipse for Java development. ‘If the language is good enough,’ Faler argues, ‘an IDE is strictly not needed as long as you have good support for syntax highlighting and parens matching in the case of Clojure, or indentation in the case of Haskell.’ So why do Java coders turn to Eclipse? ‘Because [of] a combination of shortcomings in the Java compiler and Java’s OO nature,’ explains Faler, ‘we end up with lots and lots of small files for every interface and class in our system. On any less than trivial Java system, development quickly turns into a game of code- and file-system navigation rather than programming and code editing. This nature of Java development requires IDEs to become navigation tools above all.’ Yes, only an IDE could love AbstractSingletonProxyFactoryBean!”

Source: The IDE As a Bad Programming Language Enabler

Researcher Develops Patch For Java Zero Day In 30 Minutes

October 23rd, 2012 10:18 admin View Comments

Java

Trailrunner7 writes “A security researcher has submitted to Oracle a patch he said took him 30 minutes to produce that would repair a zero-day vulnerability currently exposed in Java SE. He hopes his actions will spur Oracle to issue an out-of-band patch for the sandbox-escape vulnerability, rather than wait for the February 2013 Critical Patch Update as Oracle earlier said it would. Adam Gowdiak of Polish security consultancy Security Explorations reported the vulnerability to Oracle on Sept. 25, as well as proof-of-concept exploit code his team produced. The vulnerability is present in Java versions 5, 6 and 7 and would allow an attacker to remotely control an infected machine once a user landed on a malicious website hosting the exploit. Gowdiak said his proof-of-concept exploit was successfully used against a fully patched Windows 7 machine using Firefox 15.0.1, Chrome 21, IE 9, Opera 12, and Safari 5.1.7.”

Source: Researcher Develops Patch For Java Zero Day In 30 Minutes

New Java Vulnerability Found Affecting Java 5, 6, and 7 SE

September 25th, 2012 09:15 admin View Comments

Bug

jcatcw writes “Just as Oracle is ramping up for the September 30 start of JavaOne 2012 in San Francisco, researchers from the Polish firm Security Explorations disclosed yet another critical Java vulnerability that might ‘spoil the taste of Larry Ellison’s morning … Java.’ According to Security Explorations researcher Adam Gowdiak, who sent the email to the Full Disclosure Seclist, this Java exploit affects one billion users of Oracle Java SE software, Java 5, 6 and 7. It could be exploited by apps on Chrome, Firefox, Internet Explorer, Opera and Safari. Wow, thanks a lot Oracle.”

Source: New Java Vulnerability Found Affecting Java 5, 6, and 7 SE

Java Exploit Patched? Not So Fast

August 31st, 2012 08:04 admin View Comments

Bug

PCM2 writes The Register reports that Security Explorations’ Adam Gowdiak says there is still an exploitable vulnerability in the Java SE 7 Update 7 that Oracle shipped as an emergency patch yesterday. ‘As in the case of the earlier vulnerabilities, Gowdiak says, this flaw allows an attacker to bypass the Java security sandbox completely, making it possible to install malware or execute malicious code on affected systems.’”

Source: Java Exploit Patched? Not So Fast

Oracle Patches Java 7 Vulnerability

August 30th, 2012 08:16 admin View Comments

Java

First time accepted submitter JavaBear writes “Oracle have just released the u7 release of their Java 7. From the article: ‘In response to the findings of a recent vulnerability in Java 7 that was being exploited by malware developers, Oracle has released an official patch that takes care of the problem. In the past week, a new vulnerability was unveiled in Oracle’s Java 7 runtime, which has been used by hackers in targeted attacks on Windows-based systems. Similar to the recent Flashback malware in OS X, this vulnerability allows criminals to create a drive-by hack where the only action needed to compromise a system is to visit a rogue Web page that hosts a malicious Java applet.”

Source: Oracle Patches Java 7 Vulnerability

Polish Researcher: Oracle Knew For Months About Java Zero-Day

August 30th, 2012 08:28 admin View Comments

Java

dutchwhizzman writes “Polish security researcher Adam Gowdiak submitted bug reports for the current Java 7 zero day exploit that’s wreaking havoc all over the Internet months ago. It seems that Oracle can’t — or won’t? — take such reports seriously. Is it really time to ditch Oracle’s java and go for an open source VM?”

Source: Polish Researcher: Oracle Knew For Months About Java Zero-Day

Experts Develop 3rd-Party Patch For New Java 0day

August 27th, 2012 08:18 admin View Comments

Java

tsu doh nimh writes “A new exploit for a zero-day vulnerability in Oracle’s Java JRE version 7 and above is making the rounds. A Metasploit module is now available to attack the flaw, and word in the underground is that it will soon be incorporated into BlackHole, a widely used browser exploit pack. KrebsOnSecurity.com talked to the BlackHole developer, who said the Java exploit would be worth at least $100,000 if sold privately. Instead, this vulnerability appears to have been first spotted in targeted/espionage attacks that used the exploit to drop the remote control malware Poison Ivy, according to experts from Deep End Research. Because Oracle has put Java on a quarterly patch cycle, and the next cycle is not scheduled until October, experts have devise and are selectively releasing an unofficial patch for the flaw.”

Source: Experts Develop 3rd-Party Patch For New Java 0day

Experts Develop 3rd-Party Patch For New Java Zero-Day

August 27th, 2012 08:18 admin View Comments

Java

tsu doh nimh writes “A new exploit for a zero-day vulnerability in Oracle’s Java JRE version 7 and above is making the rounds. A Metasploit module is now available to attack the flaw, and word in the underground is that it will soon be incorporated into BlackHole, a widely used browser exploit pack. KrebsOnSecurity.com talked to the BlackHole developer, who said the Java exploit would be worth at least $100,000 if sold privately. Instead, this vulnerability appears to have been first spotted in targeted/espionage attacks that used the exploit to drop the remote control malware Poison Ivy, according to experts from Deep End Research. Because Oracle has put Java on a quarterly patch cycle, and the next cycle is not scheduled until October, experts have devised and are selectively releasing an unofficial patch for the flaw.”

Source: Experts Develop 3rd-Party Patch For New Java Zero-Day

Rootbeer GPU Compiler Lets Almost Any Java Code Run On the GPU

August 11th, 2012 08:20 admin View Comments

Java

An anonymous reader writes “Today the source code to the Rootbeer GPU Compiler was released as open source on github. This work allows for a developer to use almost any Java code on the GPU. It is free, open source and highly tested. Rootbeer is the most full featured translator to convert Java Bytecode to CUDA. It allows arbitrary graphs of objects to be serialized to the GPU and the GPU kernel to be written in Java.” Rootbeer is the work of Syracuse University instructor Phil Pratt-Szeliga.

Source: Rootbeer GPU Compiler Lets Almost Any Java Code Run On the GPU

YOYOYOOYOYOYO