On Thu, 30 Aug 2012 08:23:39 +0200, Ryan Schipper wrote: The Australian DSD (our version of the NSA) indicated recently that 85% of the incidents they investigated could have been avoided through: - effective patch management (3rd party and OS) - applying the least-privilege principle - implementing application whitelisting I agree, but Casper has got a point in saying that.now. there's a dangerous security hole for which there's no patch and thus the only solution is to disable Java. It's obvious that this solution creates problems to the reputation of Java.

• Why Is Java So Slow In Windows 10
• Why Is Java So Slow In Windows 10

Modern Java is one of the fastest languages, even though it is still a memory hog. Java had a reputation for being slow because it used to take a long time for the VM to start up. If you still think Java is slow, see the benchmarks game results.

So I hope Oracle will release a fix in a matter of.days. At this point, one will be able to assert that the responsibility has been shifted to people that don't apply the patch. The only refinement to the original Casper's question is a comparative one: is really Oracle slower than others? Apple in the past was terribly slow in releasing patches and there were cases in which some big security holes related to Java were exposed for a long time.

Fabrizio Giudici - Java Architect, Project Manager Tidalwave s.a.s. 'We make Java work. KWright 30.08.12 1:15. On Thu, 30 Aug 2012 08:23:39 +0200, Ryan Schipper wrote: The Australian DSD (our version of the NSA) indicated recently that 85% of the incidents they investigated could have been avoided through: - effective patch management (3rd party and OS) - applying the least-privilege principle - implementing application whitelisting I agree, but Casper has got a point in saying that.now. there's a dangerous security hole for which there's no patch and thus the only solution is to disable Java. It's obvious that this solution creates problems to the reputation of Java. So I hope Oracle will release a fix in a matter of.days.

At this point, one will be able to assert that the responsibility has been shifted to people that don't apply the patch. The only refinement to the original Casper's question is a comparative one: is really Oracle slower than others? Apple in the past was terribly slow in releasing patches and there were cases in which some big security holes related to Java were exposed for a long time.

On Thu, 30 Aug 2012 10:15:41 +0200, Kevin Wright wrote: Isn't that a bit like saying: 'Well okay, snails may seem slow, but you only think that because you haven't seen the sloth yet!' Np, it isn't. My security is menaced by the slowness of Oracle as well as of Apple and others, so things must be put in context. Furthermore, if Oracle is the only one to be slow, one might think that it's their specific faulty process. If all manufacturers are slow, perhaps it's a inherent problem of technology or such. Selckin 30.08.12 4:33. I guess I'm slow here.

I only heard about the latest vulnerability on 8/26 or so. I can't see anything indicating it was widely know prior to that. I'm missing where the 4 months comes from on the latest issue. Some vulnerabilities may have gone 4 months - but some vulnerabilities are rather minor too.

You received this message because you are subscribed to the Google Groups 'Java Posse' group. To view this discussion on the web visit.

To post to this group, send email to. To unsubscribe from this group, send email to. For more options, visit this group. KWright 30.08.12 5:47. On Thu, 30 Aug 2012 10:15:41 +0200, Kevin Wright wrote: Isn't that a bit like saying: 'Well okay, snails may seem slow, but you only think that because you haven't seen the sloth yet!' Np, it isn't. My security is menaced by the slowness of Oracle as well as of Apple and others, so things must be put in context.

Furthermore, if Oracle is the only one to be slow, one might think that it's their specific faulty process. If all manufacturers are slow, perhaps it's a inherent problem of technology or such. On Thu, 30 Aug 2012 14:47:59 +0200, Kevin Wright wrote: On 30 August 2012 12:28, Fabrizio Giudici wrote: I think you misunderstood. I was just claiming that Oracle can still be called slow, even if someone else is slower.

All of our security is at risk and I firmly believe that it's because Oracle are sucking up to the investment banks with their firewalls and adversity to change, instead of considering the millions of non-bank Java users. I think that you misunderstood me:-) I'm not denying that Oracle is slow. I'm saying that, at least, Apple is slow too.

I'd like to know about other players, and understand whether Oracle is slower than others or not. Ryan Schipper 30.08.12 6:14. On Thursday, August 30, 2012, Fabrizio Giudici wrote: On Thu, 30 Aug 2012 10:15:41 +0200, Kevin Wright wrote: Isn't that a bit like saying: 'Well okay, snails may seem slow, but you only think that because you haven't seen the sloth yet!' Np, it isn't.

My security is menaced by the slowness of Oracle as well as of Apple and others, so things must be put in context. Furthermore, if Oracle is the only one to be slow, one might think that it's their specific faulty process. If all manufacturers are slow, perhaps it's a inherent problem of technology or such.

Why Is Java So Slow In Windows 10

Fabrizio Giudici - Java Architect, Project Manager Tidalwave s.a.s. 'We make Java work.

Casper Bang 30.08.12 6:37. Cisco uses applets to get a VPN client onto your machine. I enjoy playing an online pool game that's an applet (, also ). My old company in the UK continues to use a Java applet with C library support (hence signed) to display video from live security cameras. Other than isolated cases I'm sure it's disappearing in favour of HTML5.

If we could have proper OS-level sandboxing so that a Windows user could download an.exe,.jar, etc., knowing that the program could only access what it's given permission to, I think we could see a resurgence in desktop apps, especially given their simpler programming model. Not necessarily applets, just desktop apps. Android and iPhone do this and people have little problem downloading an app; I hope desktop OSs catch up. Casper Bang 31.08.12 1:20.

On Thursday, August 30, 2012 9:54:54 PM UTC+2, jddarcy wrote: Correct download links for new releases: On Thu, Aug 30, 2012 at 12:08 PM, Joseph Darcy wrote: For the official response about CVE-2012-4681 see: New releases available for download: 7u7: 6u35: On Thu, Aug 30, 2012 at 11:33 AM, Puybaret wrote: The most weird thing is that Oracle didn't communicate on its web site about his issue yet.:-( Do they want to kill Applets and JWS or what? - You received this message because you are subscribed to the Google Groups 'Java Posse' group.

To view this discussion on the web visit. To post to this group, send email to. To unsubscribe from this group, send email to. For more options, visit this group at. You received this message because you are subscribed to the Google Groups 'Java Posse' group. To view this discussion on the web visit. To post to this group, send email to.

To unsubscribe from this group, send email to. For more options, visit this group. Ben Smith-Mannschott 31.08.12 4:33.

Why Is Java So Slow In Windows 10

On Friday, August 31, 2012, Fabrizio Giudici wrote: On Fri, 31 Aug 2012 13:33:02 +0200, Ben Smith-Mannschott wrote: On Fri, Aug 31, 2012 at 10:37 AM, Fabrizio Giudici wrote: On Fri, 31 Aug 2012 10:20:10 +0200, Casper Bang wrote: Very good news! I hope automatic updates soon will render the security issue moot for the general public. So in the end Oracle wasn't so slow this time, right?:-) Yea. Sure, after doing nothing for four months, they sure hurried in the last four days.:-/ // Ben You're right, I've just read this: - Fabrizio Giudici - Java Architect, Project Manager Tidalwave s.a.s. 'We make Java work.

- You received this message because you are subscribed to the Google Groups 'Java Posse' group. To post to this group, send email to.

To unsubscribe from this group, send email to. For more options, visit this group. Jim Cheesman 04.09.12 1:30. This isn't the forum for a full blown discussion of the financial, policy and legal reasons that SSL is not appropriate. Off the top of my head, consider: - does SSL support transaction signing or granular encryption? - The technical and support implications of end user key generation requirements - accountability for a single credential which can be installed on more than one computer - support for password caching and it's effect on non-repudiation - You received this message because you are subscribed to the Google Groups 'Java Posse' group.

To post to this group, send email to. To unsubscribe from this group, send email to. For more options, visit this group. Mark Derricutt 06.09.12 15:54.