New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
Actually those using exploits were pretty much the only ones using it as their only gateway to the browsers.
Using Java in web development is, in my opinion, overkill. It requires much more resources to be executed, is slower and creates yet another security layer that can have breachs.
We tried our best, but even with all this, there are still idiots coding nowadays.
And there will always be.
See, there is a difference between writing secure applets and depending on the java itself to be secure. While you can, in theory, write secure java code, there will always be ways to exploit something within java layer itself.
This is where bloatware killed a secure model, java was supposed to run in a sandbox but more and more things needed to be added and in the end they enlarged so much the attack surface that every blackhat grandma and her dog may stumble across something.
IMO, Java is not bad per se, todays computers can handle it without issues, but it must go back to basics, run in a sandbox and never be accessed directly. Come to think of it, browsers must run in a sandbox, altogether.
What do you sandbox with Maounique? I use Sandboxie when it seems there's trouble afoot (at least when I'm on a Windows machine).
Update from Chromium developers: for Windows and Mac users Java support will be fully dropped in September. Linux users have been first to have Java applets unsupported, for technical reasons.
As for sandboxing, the simplest and less dangerous way atm is to create a virtual machine for that purpose.
Choose wisely... https://hsmr.cc/palinopsia/
Great news.
and also do other precautions to reduce chances to get anything tangible from host computer.
Thanks.
I use virtualization, separate VMs for separate tasks, this way nothing is sandboxed within same VM, and everything is, from each other.
I do not care about frame buffer attacks, i hardly have videocards with own memory and those are on 2 systems I use at times for games and nothing more.
TBH, I saw for a long time that previous images appear at boot of various systems before the spalsh screen loads, i knew this happens for some time.
I bet you're using Xen, are you? :-)
If you are, and if you are passing through GPUs/PCI stubs I would love to talk to you about it!
I am using everything, from xenserver to virtualbox passing through proxmox. As I said, these are servers (mainly L or E 5520 as I know them very well) with hardly any video memory (and I disable the video to lower power consumption as well as USB iLO/BNC and everything not needed) and I am not doing any passthrough since there is little need for something like this. I am in need of IPs and traffic, not much else and since i never had a port higher than 1 Gbps, there is no need for a passthrough, for one of the NICs, for instance.