Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×
Firefox

+ - Firefox devs mull dumping Java to stop BEAST attac->

Submitted by rastos1
rastos1 (601318) writes "In a demonstration last Friday, it took less than two minutes for researchers Thai Duong and Juliano Rizzo to wield the exploit to recover an encrypted authentication cookie used to access a PayPal user account. The researchers settled on a Java applet as their means to bypass SOP, leading Firefox developers to discuss blocking the framework in a future version of the browser.
“I recommend that we blocklist all versions of the Java Plugin,” Firefox developer Brian Smith wrote on Tuesday in a discussion on Mozilla's online bug forum. “My understanding is that Oracle may or may not be aware of the details of the same-origin exploit. As of now, we have no ETA for a fix for the Java plugin.”"

Link to Original Source
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Firefox devs mull dumping Java to stop BEAST attac

Comments Filter:

A sheet of paper is an ink-lined plane. -- Willard Espy, "An Almanac of Words at Play"

Working...