Java is supposed to be sandboxed and have controls on what access to your system is allowed. The problem is that there are continually new exploits breaing around those controls.
Slashdot videos: Now with more Slashdot!
We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).
How about the fact that we now have 3-4 versions of Java running around because Applets written for J5u10 refuse to run on anything newer than J6u9, several applets refuse to run on anything newer than J6u45, and J7 introduced a number of breaking changes somewhere around update 40.
And for the record these security updates are for the runtime itself, not just the browser plugin. Some of them deal, for example, with certificate handling, sandbox escapes, and buffer overflows. The number of updates truly is staggering-- theres something like 70 in the J7 line, and Java 8 (which has been around for ~11 months) has received 30 updates. Thats 3 per month, if you're keeping track, just for the runtime.
Yea, like the Xbox-->Xbox360-->Xbox One thats currently getting its lunch eaten by the Playstation! Right?
I know this is slashdot, but do all of the comments have to be so hopelessly trite? Surely there are easier ways to get positive moderation than regurgitating soundbites about NSA and Linux.
We often have suitable laws; but they just mysteriously never even get brought up, much less by people in a position to do something about them.
After all, it might behoove her to "overlook" certain emails that portray her or the Administration in an unflattering light....
Sorry, but on instances of government, I take an "us vs them" stance.
Us, being the general populace of the US. The people the government is supposed to be accountable to.
Them, being the government, elected and appointed officials and all the aides, toadies, hangers-on, etc that constitute our vastly overgrown federal, state and local apparatus.
But if you want to turn this into Republicrats vs Demoblicans, that's on you.
The whole Snowden debacle showed us that wrongdoing CAN be caught by forcing these people to use accountable services.
Rather than taking things off to private, unaccountable services.
Sure, the release of the Snowden info embarrassed a lot of people. But they were people doing things they shouldn't have been in the first place. Thinking that NOBODY would EVER get to look at government data who wasn't already in on the swindle.
A hardware crypto device can en-/decrypt faster than the disk transfers. Therefore, no latency at all.
Latency and bandwidth are distinct measurements. Im not sure your assumption is safe at all.
The N5 does have a swappable battery.
Who even bothers with FDE if the key will be no stronger than what, six numeric characters?
I do, because I recognize that you dont have to hit "perfect security" to have "worthwhile security". A 7-10-digit pin is going to protect my data pretty well against casual theft, and against attackers who do not have the time or resources to image the flash. It also protects me against casual backdooring; until the code is cracked, no malicious code can be inserted (again without gaining physical access to the flash chips).
Yea, it wont protect me against top-echelon attackers, but then if that was my risk model there are a LOT of other vectors I would be worried about before the length of my PIN.
So no trial, just execution of punishment?
She'll cop a plea, and Obama will pardon her on his way out. For a small consideration of $40M or so towards his presidential library fund.
..except she looks better in a red dress.
Yahoo's decline will continue. Turns out that a celebrity CEO isn't worth shit if she can't actually do the job.
Sorry but "the shitstorm will be her punishment" isn't acceptable.
The rules are there for data retention and accountability purposes.
Didn't we learn ANYTHING from the whole Lois Lerner debacle?
Aside from the obvious issues with complying with transparency, discoverability, and archiving requirements that are legally imposed on official business even at much lower levels(heck, I've done penny-ante IT minion stuff for small municipalities that was subject to public records laws that would have made doing things over personal email grossly unprofessional at best and illegal at worst, and she's the fucking Secretary of State...), what about security?
Given the delightful creep of the Top Secret National Security Stuff blob to cover ever larger swaths of DC, surely the Secretary of State does some emailing about stuff that is, at least for little people, probably supposed to not leave the SCIF, much less be handled by who-knows-who at some random email provider or a DNC mailserver admin.