Comment Re:Not a vulnerability in Java Commons Library (Score 1) 115

In an object oriented language an object is a combination of data and behavior (methods). If you want to transfer data across the wire with an object oriented system the natural place to put that data is into an object. Not trusting object serialization originates from a lack of knowledge on what is happening and you should educate yourself. Everything you want to know about serialization is here: https://docs.oracle.com/javase...

What you are doing by designing your own data formats is adding inherent whitelisting. Your reader/parser probably does a "new" on a specific set of classes. That prevents the type of vulnerability (arbitrary class loading) being discussed in the article but also requires you to reinvent the wheel for every data format.

You could have been using http://docs.oracle.com/javase/... to serialize data since that would give you an easy way to inspect the data type before recreating. You can even set up inspection/whitelisting with traditional object serialization if you wanted to: http://www.ibm.com/developerwo...

Nowadays JSON is a pretty universal data format for wire transfers. You can deserialize JSON to trusted data-centric classes like Map, List, String, Integer, etc. That would give you universal encoding/decoding without arbitrary class loading. Unless you are required by a second party to use some proprietary wire format there is no reason to roll your own encoding/decoding.
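The "inspection/whitelisting with traditional object serialization" the comment mentions, as an added example that is not the commenter's code: an ObjectInputStream subclass that overrides resolveClass so only an allow-list of data-centric classes is ever resolved, rejecting anything else before it is instantiated. The class name and allow-list are assumptions for illustration.

```java
import java.io.*;
import java.util.*;

// Added example, not from the original post: an ObjectInputStream that
// resolves only an allow-list of data-centric classes. Any other class
// descriptor in the stream is rejected before the object is instantiated.
public class WhitelistObjectInputStream extends ObjectInputStream {
    // Allow-list is an assumption for this example; Number is needed because
    // Integer's stream descriptor chain includes its superclass.
    private static final Set<String> ALLOWED = new HashSet<>(Arrays.asList(
        "java.util.HashMap", "java.util.ArrayList", "java.lang.String",
        "java.lang.Integer", "java.lang.Number"));

    public WhitelistObjectInputStream(InputStream in) throws IOException {
        super(in);
    }

    @Override
    protected Class<?> resolveClass(ObjectStreamClass desc)
            throws IOException, ClassNotFoundException {
        if (!ALLOWED.contains(desc.getName())) {
            throw new InvalidClassException(desc.getName(), "not on allow-list");
        }
        return super.resolveClass(desc);
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample: a Map<String, Integer>, the kind of
        // data-centric payload the comment recommends sending over the wire.
        Map<String, Integer> payload = new HashMap<>();
        payload.put("count", 42);
        ByteArrayOutputStream bos = new ByteArrayOutputStream();
        try (ObjectOutputStream oos = new ObjectOutputStream(bos)) {
            oos.writeObject(payload);
        }
        try (ObjectInputStream ois = new WhitelistObjectInputStream(
                new ByteArrayInputStream(bos.toByteArray()))) {
            System.out.println("accepted: " + ois.readObject());
        }
        // Any class outside the allow-list (java.util.Date stands in for an
        // unexpected type) is rejected during descriptor resolution.
        bos.reset();
        try (ObjectOutputStream oos = new ObjectOutputStream(bos)) {
            oos.writeObject(new Date(0));
        }
        try (ObjectInputStream ois = new WhitelistObjectInputStream(
                new ByteArrayInputStream(bos.toByteArray()))) {
            ois.readObject();
        } catch (InvalidClassException e) {
            System.out.println("rejected: " + e.classname);
        }
    }
}
```

On Java 9 and later the same effect is available without subclassing through ObjectInputFilter (JEP 290), which also lets you cap object graph depth and array sizes.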

Comment Re:Not a vulnerability in Java Commons Library (Score 1) 115

The type of class loading you are talking about would only happen when using object serialization with RMI and a codebase set up to allow for dynamic class downloading. Object serialization only sends the data portion of an object. If you want to know more you can look at how the format works: http://docs.oracle.com/javase/...

Comment 2 cheap KVMs (Score 1) 128

All three of your computers have dual monitor output. You have 2 monitors.

Put a 3+ computer KVM on each monitor, connect each computer to both KVMs.

The only drawback is you would have to press buttons on the KVMs to change your modes; you wouldn't be able to use the keyboard shortcut keys that some KVMs support.

Comment Phone lines might be cat5e (Score 1) 279

All my phone lines are cat5e. You just need to find where your POTS is wired into your internal lines, put in a switch, and rewire the cables/jacks you want as Ethernet instead of phone. If you don't have cat5e or better you either need to wire your house, depending on the level of difficulty, or just use 802.11ac.

Comment Re:Don't Worry, We Spent All the Energy Already (Score 1) 339

For my house:
The phones/tablets that the kids use take less power than the 2011 laptops.
The LCD TVs take less power than the projection TVs.
The coax line amp takes less power than the cable DVR that is gone in favor of OTA.
My Netgear R6300 uses a max of 38W vs the old WRT54G at 8W max, so that is the only less efficient device.
