{"id":13408,"date":"2012-08-30T09:49:41","date_gmt":"2012-08-30T08:49:41","guid":{"rendered":"https:\/\/aidanfinn.com\/?p=13408"},"modified":"2012-08-30T09:49:41","modified_gmt":"2012-08-30T08:49:41","slug":"want-to-end-your-it-career-then-recommend-java","status":"publish","type":"post","link":"https:\/\/aidanfinn.com\/?p=13408","title":{"rendered":"Want To End Your IT Career? Then Recommend Java!"},"content":{"rendered":"<p>I hate Java.\u00a0 There, I said it.\u00a0 Any IT pro who has had to support multiple versions of this malware breeding ground knows that Java is a complete nightmare.\u00a0 I detested dealing with Java when I was an administrator\/engineer.\u00a0 Well, the chickens have come home to roost for Oracle.<\/p>\n<p>A commercially available attack hacker toolkit called <a href=\"http:\/\/www.pcworld.com\/businesscenter\/article\/261573\/unpatched_java_vulnerability_exploited_in_blackholebased_attacks.html\" target=\"_blank\">Blackhole includes the ability to attack<\/a> the latest version of Oracle Java <em><a href=\"http:\/\/www.bgr.com\/2012\/08\/28\/java-7-security-exploit-windows-mac-linux\/\" target=\"_blank\">on all platforms<\/a><\/em>, including Windows, Mac OS, and Linux.\u00a0 Attacks are already in the wild.\u00a0 These drive-by attacks silently attack the Java VM when a user browses the web site, leaving the machine vulnerable to being taken over.<\/p>\n<p>If you want to find out if your version of Java is vulnerable to any security flaws then you can check it on this <a href=\"http:\/\/www.isjavaexploitable.com\/\" target=\"_blank\">website<\/a>.\u00a0 I can save you a mouse click: your Java is vulnerable because \u2026 all versions of Java are vulnerable:<\/p>\n<p><a href=\"http:\/\/www.computerworld.com\/s\/article\/9230747\/Oracle_knew_about_zero_day_Java_vulnerabilities_for_months_researcher_says\" target=\"_blank\">\u201cOracle knew about zero-day Java vulnerabilities for months, researcher says\u201d<\/a> according to 
Computerworld.\u00a0 I read claims on The Register that <a href=\"http:\/\/www.theregister.co.uk\/2012\/08\/30\/oracle_knew_about_flaws\/\" target=\"_blank\">Oracle has known about the vulnerabilities since April<\/a>.\u00a0 Oracle are sticking silently to their patching schedule, and won\u2019t patch the vulnerabilities until mid-October.\u00a0 That\u2019s responsible of Oracle, eh? Not!<\/p>\n<p>So with no patch to secure Java (there\u2019s an impossibility!), security experts are recommending that you <a href=\"https:\/\/krebsonsecurity.com\/how-to-unplug-java-from-the-browser\/\" target=\"_blank\">disable Java<\/a> in your browser.\u00a0 I\u2019d go one step further: uninstall the sh1te and find alternative applications\/banks that understand the need for security.\u00a0 Anyone who continues to recommend or sell Java-based apps should be ignored, fired, thrown off of a cliff (joking about the last action \u2026 I think).<\/p>\n<p>Edit#1<\/p>\n<p>For you Java fans, why don\u2019t you read <a href=\"http:\/\/www.google.ie\/search?hl=en&amp;gl=ie&amp;tbm=nws&amp;q=java+vulnerability+2012&amp;oq=java+vulnerability+2012&amp;gs_l=news-cc.3..43j43i400.1093.1093.0.1549.1.1.0.0.0.0.21.21.1.1.0...0.0...1ac.naUx0CcwKiQ\" target=\"_blank\">this<\/a> and <a href=\"https:\/\/aidanfinn.com\/?p=11850\" target=\"_blank\">this<\/a>:<\/p>\n<p><em>\u201cThe most commonly observed types of exploits in 1H11 were those targeting vulnerabilities in the Oracle (formerly Sun) Java Runtime Environment (JRE), Java Virtual Machine (JVM), and Java SE in the Java Development Kit (JDK). 
Java exploits were responsible for between one-third and one-half of all exploits observed in each of the four most recent quarters\u201d \u2013 A report in 2011.<\/em><\/p>\n<p>As for Microsoft software having vulnerabilities; yes \u2013 any large software does, including Linux, Android and Mac OS.\u00a0 You\u2019re a naive moron if you think otherwise.\u00a0 Where Microsoft rises above the competition is that they deal with the issues as they arise, release patches, and scream from the mountain tops to get you to patch.\u00a0 They even give you simple free, and enterprise tools to automate this.\u00a0 But naive morons don\u2019t want to listen because they have their heads up their asses:<\/p>\n<ul>\n<li>23\/09\/2008: Microsoft released a security patch that would have prevented Conficker<\/li>\n<li>24\/11\/2008: Conficker is first discovered 1 month after Microsoft released the patch<\/li>\n<li>Mid-2011: Conficker is still the #1 malware present on domain-joined (business) PCs, thanks to the naive, <strong><em><span style=\"text-decoration: underline;\">professionally negligent<\/span><\/em><\/strong>, morons who think they know better<\/li>\n<\/ul>\n<p>Check yourself and your facts before you fire out stupid comments about Microsoft just cos you\u2019ve gotten into bed with a malware breeding ground like Java.<\/p>\n<p>EDIT#2<\/p>\n<p>Oracle has since released an <a href=\"https:\/\/blogs.oracle.com\/security\/entry\/security_alert_for_cve_20121\" target=\"_blank\">update<\/a>.\u00a0 I don&#8217;t have Java on my machines so I can&#8217;t tell you anything more about it.\u00a0 I believe the Java updater only looks for updates once per month.<\/p>\n<div id=\"scid:0767317B-992E-4b12-91E0-4F059A8CECA8:e6ea92ba-3ab4-4b29-a1fb-f703150bc926\" class=\"wlWriterEditableSmartContent\" style=\"float: none; margin: 0px; display: inline; padding: 0px;\">Technorati Tags: <a rel=\"tag\" 
href=\"http:\/\/technorati.com\/tags\/Security\">Security<\/a><\/div>\n","protected":false},"excerpt":{"rendered":"<p>I hate Java.\u00a0 There, I said it.\u00a0 Any IT pro who has had to support multiple versions of this malware breeding ground knows that Java is a complete nightmare.\u00a0 I detested dealing with Java when I was an administrator\/engineer.\u00a0 Well, the chickens have come home to roost for Oracle. A commercially available attack hacker toolkit &hellip; <a href=\"https:\/\/aidanfinn.com\/?p=13408\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;Want To End Your IT Career? Then Recommend Java!&#8221;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"_uf_show_specific_survey":0,"_uf_disable_surveys":false,"footnotes":""},"categories":[37],"tags":[190],"class_list":["post-13408","post","type-post","status-publish","format-standard","hentry","category-security","tag-security"],"aioseo_notices":[],"jetpack_featured_media_url":"","amp_enabled":true,"_links":{"self":[{"href":"https:\/\/aidanfinn.com\/index.php?rest_route=\/wp\/v2\/posts\/13408","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/aidanfinn.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/aidanfinn.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/aidanfinn.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/aidanfinn.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=13408"}],"version-history":[{"count":0,"href":"https:\/\/aidanfinn.com\/index.php?rest_route=\/wp\/v2\/posts\/13408\/revisions"}],"wp:attachment":[{"href":
"https:\/\/aidanfinn.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=13408"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/aidanfinn.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=13408"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/aidanfinn.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=13408"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}