Tumblr 101: Tips And Tricks To Get Started
Sebastian Thrun: Google's Driverless Car
Threat looming from Java security exploit
Global warming? How can you worry about global warming at a time like this? Have you not heard the news? Google's security team has discovered a flaw in the Sun Java Runtime Environment that might threaten every single platform, browser, and mobile device. Apparently anything running either the Java Runtime Environment or Java Development kit is at risk, which, last time we checked, is pretty much everything. You'll be hard-pressed to find a spoon that doesn't run some form of Java these days. Ok, so maybe it's not as big a deal as global warming, but it still could cause some potential problems. In fact, Chris Gatford from Pure Hacking even goes as far as to say "This is as bad as it gets." Those unfamiliar with Pure Hacking should be told that it is a penetration testing firm. Yes. Really. The words penetration and firm were both in that last sentence. Apologies all around to anyone whose head just exploded when it was overrun with the countless easy jokes that bubble up from reading that.
So be ready. This could be like Y2K all over again. Except, you know, something might actually happen this time. But probably not. Either way, if the world ends tomorrow, at least you can go out giggling childishly at the phrase "penetration firm."
Comments
4
Subscribe to commentsMikeJul 13th 2007 5:15PM
Sounds like a bunch of FUD. Where are some actual details? Let's just all run around screaming "The sky is falling! We're all gonna die!"
ToddJul 13th 2007 8:09PM
Overblown - excluding a handful of embedded devices measuring solar radiation at some remote weather station, all connected devices can just be updated with the patch Sun has already issued:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102934-1
The tin foil hat wearer in me says Microsoft had a hand in blowing the threat severity out of proportion and then strong arming all the media outlets they advertise on to run the story.
Bonus: Firm penetration is mandatory!
AntJul 14th 2007 12:56PM
Might want to check out Appupdater. It 's like Windows Update but for all the random apps on your computer. Will keep them up to date and using the latest secure versions, and can be run on a corporate network.
http://www.nabber.org/projects/appupdater/
JamesJul 16th 2007 5:44PM
I'm not too sure, but I *think* there's no way to update the runtime on either of my Nokia cellphones, unless Nokia drops a new firmware version. For that matter, it's hard to think of any "mobile" device (PDA, cell phone, etc.) that lets the end user update the JRE. So, uh, I don't think it's small potatoes when a vulnerability of this scope is uncovered.