Articles about Java

Bite my shiny metal Ask: Java for OS X crapware storm brewing

Mac fans now have one more thing in common with their Windows-using bosses: their Oracle Java updates now try to smuggle in Ask's browser toolbar. The upgrade, version 8u40 of Java for OS X, tragically tries to install the plugin, which hijacks the user's default web search engine and homepage to Ask.com. Windows users of the …
Shaun Nichols, 06 Mar 2015
Good riddance to bad Java

Chrome version 42 will pour your Java coffee down the drain: Plugin blocked by default

The latest release of the Chrome web browser, version 42, will block Oracle's Java plugin by default as well as other extensions that use the deprecated NPAPI. The Chrome 42 – available now – brings about the end of official support for NPAPI, a move that will render various plugins incompatible with the browser. Among those …
Shaun Nichols, 14 Apr 2015
Good riddance to bad Java

Minecraft debuts new block – one that blocks Java crapware, that is

Oracle may be sticking with its plan to bundle unwanted software with its Java installer and updates, but Minecraft players soon shouldn't have to worry about it, thanks to a new launcher for the popular Java-based game. Minecraft maker Mojang – now a division of Microsoft – has been rolling out the new launcher over the past …
Neil McAllister, 09 Mar 2015
More flaws found in Java

Azul tackles Oracle with open-source Java for Internet of Stuff

Azul Systems has added a new, ultra-compact entry to its portfolio of alternative Java environments, taking a run at Oracle for the lucrative mobile, embedded, and Internet of Things (IoT) markets. Zulu Embedded is a stripped-down sibling of Zulu, Azul's certified, cross-platform build of OpenJDK – Oracle's open source reference …
Neil McAllister, 25 Mar 2015
More flaws found in Java

No, modular Java isn't dead. It'll be in Java 9 – honest

Despite significant delays, Oracle is once again moving forward with Project Jigsaw, a major undertaking that aims to allow Java developers to break their programs down into independent, interoperable modules. Jigsaw was first intended to be a major features of Java 8. By 2012 Big O decided that waiting for Jigsaw to be ready …
Neil McAllister, 03 Jul 2014
Crop of doctor with pen and clipboard

Microsoft offers checkups for Java web apps with Azure-backed code profiling service

In its latest nod to cross-platform application development, Microsoft has opened its Visual Studio Application Insights cloud software telemetry service to Java developers. The software giant announced the new Applications Insights SDK for Java in time for the EclipseCon North America 2015 conference, taking place in San …
Neil McAllister, 09 Mar 2015
Groovy programming language

Groovy Java guy off for Restlet

Guillaume Laforge, leader of the Groovy project, is joining Restlet, a small company which supports the open source Restlet framework. The Restlet framework is used by Java developers to create web APIs, such as those which provide cloud services to mobile and web applications. It takes its name from REST (Representational State …
Tim Anderson, 02 Mar 2015
Good riddance to bad Java

Oracle's piping hot new pot of Java takes out the trash (faster)

Oracle's latest update to the Java Development Kit doesn't add any new language features or change any APIs, but it still includes a number of enhancements that should please Java developers and users. Released on Tuesday – a couple of weeks ahead of Java SE 8's first birthday – Java Development Kit 8 Update 40 (JDK 8u40) …
Neil McAllister, 04 Mar 2015

65 patches later and Java STILL breaks stuff

Software tool vendors are complaining that recent updates to Java are breaking their environments. The problem seems to be in JVM's bytecode verification, in Java 8, Update 11 and Java 7, Update 65. According to InfoQ, developers running into the bug include JRebel (from ZeroTurnaround), the Groovy programming language, the …
A Simple XMLFilter class

Google v Oracle: US Supreme Court turns to Obama in Java copyright war

The US Supreme Court hasn't decided whether it will hear arguments in the long-running dispute between Google and Oracle over Java copyrights, and it has asked the Obama administration to weigh in before it makes up its mind. On Monday, the Supremes posted a memo inviting US Solicitor General Donald Verrilli, Jr to "express the …
Neil McAllister, 12 Jan 2015
Suitcase bulging with cash

Open-source Java pals Groovy and Grails seek moneybags backer

Two major open source Java projects, Groovy and Grails, are looking for new sponsors. Pivotal, a company which supplies tools for big data analytics and cloud-oriented agile development, has announced the end of its funding for Groovy (a dynamic language that runs on the JVM (Java Virtual Machine) and Grails (a web application …
Tim Anderson, 22 Jan 2015
Slide from Oracle's 2012 case against Google using Java

Google hauls Java-on-Android spat into US Supreme Court

Google's long and bitter dispute with Oracle over the Java implementation in Android is set to go all the way to the US Supreme Court. The court has listed Google's request to have the US Court of Appeals' decision in the case reviewed. The row has been bubbling along since 2011, when Oracle alleged Google owed it “billions” …
Simon Sharwood, 09 Oct 2014

2014 in infosec: Spammers sneak small botnets under the wire, Java is dull

Cisco's annual report on the state of global cybersecurity claims spammers just won't die and are using new tactics to avoid detection by filters; malware programmers are abandoning exploiting Java; and there's a possible silver cloud in the Sony Pictures hacking storm. The networking giant saw malware-carrying spam up 250 per …
Iain Thomson, 20 Jan 2015

Big Java security fixes on the way – but not so fast, Windows XP users

As if running Windows XP after Microsoft withdrew support wasn't risky enough, XP users who have Java installed may soon have even more to worry about. Oracle is due to issue its next Critical Patch Update – the massive, quarterly fix-it fests that deliver security updates across the company's entire product line, including Java …
Neil McAllister, 04 Jul 2014

Radio 4 and Dr K on programming languages: Full of Java Kool-Aid

Poll Radio 4 has dipped a toe into Lake Geek with a five part series looking at computer languages. Or more accurately the history and reputation of four computer languages: Fortran, Cobol, Basic and Java. Presented by soi-disant girl geek* Aleks Krotoski Aleks Krotoski, the series ("Codes that Changed the World") emphasises the …
Simon Rockman, 14 Apr 2015
ActiveX

Redmond stall means IE Java axe won't swing till September

Microsoft has handed sysadmins a reprieve by delaying the blockage of vulnerable old versions of Java in its flagship Internet Explorer web browser until September. The postponement was made on the back of complaints to Redmond, which only provided a guide to managing the issue on Tuesday. "Based on customer feedback, we have …
Darren Pauli, 14 Aug 2014
Good riddance to bad Java

Now even Internet Explorer will throw lousy old Java into the abyss

Internet Explorer will soon join its rival browsers by automatically blocking old, insecure add-ons – and it's got its eye set squarely on Java. Microsoft said on Wednesday that starting on August 12, Internet Explorer will begin alerting users when web pages try to launch ActiveX controls that are considered out-of-date and …
Neil McAllister, 07 Aug 2014

We SO DO support Java on XP, maybe even JDK 8, says Oracle

Oracle has issued a statement saying that it absolutely does support Java on Windows XP and may even decide to support JDK 8 on the orphan OS. Oracle's post on the issue says "We expect all versions of Java that were supported prior to the Microsoft de-support announcement to continue to work on Windows XP for the foreseeable …
Simon Sharwood, 14 Jul 2014
Resident Evil zombie takeover

Multi-platform Java bot marshals ZOMBIE FORCE against spammers

Miscreants have brewed a multi-platform strain of malware capable of infecting Windows, Mac OS and Linux PCs. The evil bot, which surfaced in early January, was written entirely in Java and designed to take advantage of the CVE-2013-2465 vulnerability (a Java flaw patched by Oracle last June) to infect victims. The malware - …
John Leyden, 30 Jan 2014
Java logo

Twitter, ARM voted on to Java steering committee

Twitter and ARM have been voted onto the executive of the Java Community Process (JCP), the committee that considers and oversees changes to Java. The JCP holds elections for its executive each year. Members are either “ratified” or “elected”. The former category appears to go to organisations with obvious stakes in Java's …
Simon Sharwood, 30 Oct 2013

Exploits no more! Firefox 26 blocks all Java plugins by default

The latest release of the Firefox web browser, version 26, now blocks Java software on all websites by default unless the user specifically authorizes the Java plugin to run. The change has been a long time coming. The Mozilla Foundation had originally planned to make click-to-run the default for all versions of the Java plugin …
Neil McAllister, 10 Dec 2013
Lock security

Student promises Java key to unlock Simplocker ransomware

A university student claims he is set to release a Java application to decrypt the first ransomware to hit Android devices. The Simplelocker ransomware was revealed 7 June by malware analysts at Eset targeting devices in Eastern Europe. It encrypted via AES large swathes of files on Android device SD cards demanding users pay a …
Darren Pauli, 17 Jun 2014
Java logo

Reality check: Java 8 finally catches a multi-core break

Two years later than planned, Oracle has made Java ready for a multi-core processor world. The database giant has announced general availability of Java 8, calling it a “major new release”. Java 8 is important because it’s the base spec for Java Enterprise Edition, as well as feeding the free and open-source implementation of …
Gavin Clarke, 20 Mar 2014

COFFEE AND DANISH HELL: National ID system cockup forces insecure Java on Danes

A bungled IT upgrade has downed Denmark's universal NemID login system, forcing people to stay on an insecure version of Java if they want to carry out online banking, check their insurance, or retrieve tax return information. Problems with NemID were first reported on Tuesday, and on Thursday the NATS IT consultancy behind the …
Jack Clark, 17 Oct 2013
Sun open sources Java

Sun of a beach! Java biz founder loses battle to keep his shore private

Vinod Khosla, cofounder of Sun Microsystems and billionaire venture capitalist, has lost his battle for his own private beach after surfers successfully sued him for access. In 2008 Khosla spent $37.5m on a 53-acre property on the San Mateo coast overlooking Martin's Beach, a 200-acre stretch of sand that is much beloved by the …
Iain Thomson, 25 Sep 2014
The Register breaking news

Biz bods STILL don't patch hacker's delight Java and Flash

A whopping 81 per cent of businesses run outdated Java while two in five (40 per cent) have not updated Flash, according to the latest figures from net security firm Websense. Websense warns that failing to apply patches that address vulnerabilities in hacker favourites such as Flash and Java leaves these business at risk of …
John Leyden, 10 Sep 2013
A cup of tea

Red Hat ships piping hot Ceylon to curry favor with Java-weary devs

After more than three years of development, Red Hat has released version 1.0.0 of Ceylon, its homebrewed, open-source programming language that's designed to be a replacement for Java. Early on, Ceylon was billed as a "Java killer" by some, but lead developer Gavin King has denied that doing away with Oracle's platform was ever …
Neil McAllister, 13 Nov 2013
Testing Java

Oracle ships Java 8 Developer Preview for testing, 18 months late

Oracle has shipped the Developer Preview of the much-delayed Java Development Kit (JDK) Version 8, the reference implementation of the Java SE 8 Platform. "If you've been watching JDK 8 evolve from afar then now is an excellent time to download a build and try it out – the sooner the better!" Oracle's chief Java architect Mark …
Neil McAllister, 11 Sep 2013
More flaws found in Java

Oracle drops shedload of CRITICAL vuln-busting Java patches

Oracle's autumn batch of quarterly updates included no fewer than 127 security fixes, including 51 for Java alone. The arrival of the Critical Patch Update (CPU) from Oracle means pretty much all of the enterprise server packages from the software giant need patching. Oracle Database Server, Oracle E-Business Suite, Oracle …
John Leyden, 16 Oct 2013
The Register breaking news

Java still vulnerable despite recent patches

Just days after the latest fix, another Java vulnerability has emerged. Described in this Full Disclosure post, the Reflection API flaw affects all versions of Java SE 7 and, according to researcher Adam Gowdiak, “can be used to achieve a complete Java security sandbox bypass on a target system”. As always, the victim would …
The Register breaking news

Oracle blocks security hole with quick, hot 'n' premature Java update

Oracle has brought forward the timetable of an upcoming Java security update by two weeks in order to block off an in-the-wild security hole. The update, originally scheduled for 19 February, was released a fortnight early on Friday because of "active exploitation 'in the wild' of one of the vulnerabilities affecting the Java …
John Leyden, 04 Feb 2013
Java logo

Oracle to lop off Java's least secure bits to save servers

Oracle has acknowledged Java's recent security problems and outlined three new security initiatives to set things to rights. The first may not please everyone, as the company has committed to including Java updates among the quarterly Oracle Critical Patch Update it provides for all its products, as of the October 2013 update. …
Simon Sharwood, 03 Jun 2013
padlock

Java bug burns Borg

Cisco has asked users of its Secure Access Control System 5.5 or lower to implement an urgent patch, as it has spotted several problems with its RMI implementation. There are three independent bugs: one privilege escalation vuln (CVE ID CVE-2014-0649, here), an unauthenticated user access vulnerability (CVE 2014-0648 here), and …
More flaws found in Java

Critical Java SE update due Tuesday fixes 40 flaws

Thought your Java security woes were behind you? Think again. Oracle is planning to release a Critical Patch Update on Tuesday that affects multiple versions of Java, and it's another doozy. According to Oracle's security announcement, the patch pack addresses 40 different vulnerabilities. All update levels of Java SE 5, 6, and …
Neil McAllister, 14 Jun 2013

Java EE 7 melds HTML5 with enterprise apps

Oracle has announced public availability of Java EE 7, the first major release of the enterprise formulation of Java since the database giant took control of the platform in 2010. The last version shipped way back in 2009. Support for HTML5 and related technologies is one of the key themes of this release. Among the new APIs …
Neil McAllister, 13 Jun 2013
More flaws found in Java

It's about time: Java update includes tool for blocking drive-by exploits

Oracle's latest update to the Java SE Development Kit (JDK) version 7 adds new security features designed to help businesses avoid being stung by critical vulnerabilities in out-of-date versions of Java. After a string of embarrassing Java security flaws was disclosed by independent researchers, Oracle has made addressing …
Neil McAllister, 13 Sep 2013

Oracle patches Java 0-day, goes to Defcon 2

Oracle has patched the latest Java nasty, suggesting users of the increasingly-flaw-prone product visit java.com pronto to download a new version of the software that addresses the flaw and stops malicious websites gaining control of compromised computers. In a blog post describing the fix, Oracle's Eric P. Maurice may just have …
Simon Sharwood, 13 Jan 2013
The Register breaking news

Yet another Java zero-day vuln is being exploited

A new Java zero-day vulnerability is being exploited by attackers, and until it is patched everyone should disable Java in their browser. The vulnerability targets browsers that have the latest version of the Java plugin installed – Java v1.6 Update 41 and Java v1.7 Update 15 – malware researchers FireEye reported on Thursday. …
Jack Clark, 01 Mar 2013

Oracle pours hot, steaming Java into heterogeneous heaven

APU13 The future of heterogeneous computing, in which CPUs and GPUs transparently share memory and seamlessly share tasks, has taken another step to fruition: Oracle has joined the HSA – heterogeneous systems architecture – Foundation, with the intent of making Java fully HSA-compliant. "Our intent at Oracle ... is to make [Java] the …
Rik Myslewski, 13 Nov 2013

ARM servers to gain boost from ARM, Oracle Java partnership

ARM Holdings on Monday announced that it has entered into a multi-year partnership with Oracle to optimize the Java Platform, Standard Edition (Java SE) for the ARM processor architecture, including 64-bit ARMv8 designs. ARM chips have long dominated the mobile computing biz, but this new effort will focus mainly on improving …
Neil McAllister, 22 Jul 2013
Oracle headquarters

Oracle grunts, grimaces, pushes out 98-flaw security patch batch

Oracle has patched nearly 100 security flaws in Java, Fusion Middleware, Database, MySQL and other products. For Java SE, the update fixes 14 CVE-listed bugs. All of the flaws are remotely exploitable without authentication to compromise a victim's computer, and three were given risk assessment scores of 10 out of 10. (Psst ... …
Shaun Nichols, 15 Apr 2015
spiders crawl through tunnel of binary numbers

Java applets run wild inside Notes

Attackers with a desire to rummage around inside the PCs of Notes users can do so merely by sending HTML emails containing a Java applet or JavaScript, IBM has admitted in a security advisory. Full Disclosure describes the effects as potentially nasty, saying "This can be used to load arbitrary Java applets from remote sources ( …
Simon Sharwood, 02 May 2013
Greg Luck, CTO at Hazelcast

Hazelcast signs Java speed king to its in-memory data-grid crew

In-memory data-grid specialist Hazelcast has landed the guru behind Java caching framework Ehcache as its chief technology officer. Greg Luck is joining Hazelcast to refine its in-memory data-grid product for enterprises and to develop paid-for packages. Luck is famous for leading Ehcache, the most widely used Java cache …
Gavin Clarke, 21 Jan 2014
Android

'Copyrighted' Java APIs deserve same protection as HARRY POTTER, Oracle tells court

Oracle has asked an appeals court to decide that it does have copyright protection for its Java APIs, which Google used in the creation of its Android operating system, and thereby revive its billion-dollar suit against the firm. Oracle’s lawyer Josh Rosenkranz told the three-judge panel of the US Court of Appeals that Google …
Java logo

Java open-source frameworks 'pose risk' to biz - report

Open-source programming frameworks revolutionised Java development during the last decade, but not enough people know how to use them properly. That’s according to the CRASH Special Report by CAST that sampled 496 applications with 152 million lines of code and found most apps had been misconfigured. This increased the degree of …
Gavin Clarke, 31 Jan 2013
OpenJDF logo

Azure inhales open source Java implementation

Microsoft and Azul Systems have hoisted the open source Java implementation OpenJDK onto the Redmond's Azure cloud, giving developers access to the language on Azure's Windows-based cloud services. The news was announced by Azul Systems at the O'Reilly Open Source Convention in Portland, Oregon, on Wednesday. The OpenJDK for …
Jack Clark, 24 Jul 2013

Java, Android were THE wide-open barn doors of security in 2013 - report

While it was another tough year for network security all around, 2013 was particularly hard on users of Java and Android, new research from Cisco has found. According to the networking giant's latest Annual Security Report, Java flaws were responsible for 91 per cent of all web-based exploits in 2013. Meanwhile, fully 99 per …
Neil McAllister, 17 Jan 2014
management consumerisation

Java or .NET bod in the Midlands? Congrats - you've got a DOUBLE DIGIT payrise

IT contractors are being treated to whopping great annual pay rises of up to 13 per cent, a survey has revealed. While the rest of the world makes do with rock bottom wages, tech bods working in the financial services sector are finding their pay packets shoot skywards due to heavy demand for their skills, according to the …
Jasper Hamill, 25 Feb 2014
The Register breaking news

Oracle slaps critical patch on insecure Java

Oracle has issued a critical update patch for Java as the database giant works to shore up confidence in the widely used code. The security update fixes 42 security flaws, 19 of which merit a 10 (most severe) rating acording to the CVVS metric the company uses to evaluate the software. Along with this, Oracle has also sought to …
Jack Clark, 17 Apr 2013
Java logo

Apple banishes Java from Mac browsers

Apple has discontinued its own Java plugin, issuing an 'update' that removes it from MacOS and encourages users to instead download Oracle's version of the software. The update, available now and depicted at the bottom of this story, advises users to install new software with the following effect: Java for OS X 2012-006 …
Simon Sharwood, 19 Oct 2012