Comment Re:64-bit (Score 1) 101
On linux, sure.
On Windows, Chrome and Firefox are 32bit.
On linux, sure.
On Windows, Chrome and Firefox are 32bit.
I use KDE now (although I like Xfce on my older machines as well).
I have a P4 that runs KDE *acceptably* - though boot times from power on to a functional desktop are glacial. Though I upgraded the RAM because of a bug in the intel graphics driver that would claim too much shared memory.
Sounds great.
Q: What's the catch?
A: Your cloud backup will probably disappear without warning thanks to inter-governmental anti-{piracy, terrorism} efforts.
In that series, a legal case was withdrawn after it was revealed that the Hubots in question had illegal after-market firmwares installed.
I wouldn't be too keen to blame the plugin per se anyway.
The whole Java library (rt.jar and others) relies on a security model. Each class invoked has checks to see if a security manager is running and if yes then possibly deny a request based on permissions.
Poor development practices in not vetting the codebase for security checks have caused this. Specifically, this security breach is via new functionality included in JRE 1.7, where any assumptions of security requirements have been invalidated.
An audit of every class included in the JRE needs to occur with unit tests for expected behaviour inside a sandbox and outside.
Applets in a browser are the most common usage of a SecurityManager but pointing a finger at the plugin itself won't fix the underlying library code...
Well since the acquisition was announced in April 2009, there have been a total of 25 updates to the JRE 1.6 u14-u39. That represents about 150 security fixes (according to wikipedia) to a 'stable' product for which development commenced at least as early as Mustang's release in Sept 2004.
I'd suggest a fair number of those bugs lurked in the codebase back in 2008, back in the days of "the Sun Way".
So while we can blame Oracle for the current crisis in not vetting new 'method handle' code for invokedynamic functionality, as you say "The JDK codebase is incredibly complex".
A logo featuring an image like this maybe?
I was called in for an "agency interview" last week. That didn't go so well but they said they'd pass my details onto their other consultants.
A couple of days later, I see a posting on a job board for "5 positions available" from the same company, matching my skillset. No phone call - so yes, phantom job postings would seem to exist and I won't waste my time with that agency again in a hurry.
Depends on whether the vulnerability is in the JRE or the core libraries. The browser plugin, web start, the auto updater, tray icon, control panel etc as found on the Windows install are Oracle-proprietary.
Red Hat (& other contributors) have coded open source substitutes for applets and jnlp applications but I haven't seen info as to whether these IcedTea components are at risk.
Backporting security fixes to an old OS X release isn't feasible for Oracle because they don't own the particular codebase that targeted Snow Leopard and earlier. Apple forked the JDK under a commercial license from Sun back in the day, incorporating OS X specific implementation details, which for earlier Java releases lies in Apple HQ.
When Apple handed over the reins to Oracle, any code they contributed back to the OpenJDK codebase would have been for the then current OS X revision (Lion) and thus likely unportable to Snow Leopard without modification. Code "Soy Latte" existed some 4 years ago as a community effort to port OpenJDK to OS X 10.5 and later but this was never the "official" port used by Apple.
Were Apple any better during their stewardship of Java? I seem to remember JRE versions were tied to releases of OS X. Our efforts to develop a Swing application were stifled because our user base (e.g. schoolkids with iBooks) were stuck forever on Java 1.5.
So blame Oracle but some of the blame goes back to Jobs, who in later years did much to sideline Java.
Don't they teach world history/geography in schools these days?
NSW has existed on world maps for over two centuries, has a population larger than Washington State or Serbia and is bigger than Texas or Mozambique.
So it's okay for Conroy to ban technology company Huawei from supplying equipment for the NBN over spying concerns yet it's okay for our government to target its own citizens. Hmmm...
"It's the best thing since professional golfers on 'ludes." -- Rick Obidiah