Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Overall: This is interesting, because of how huge of a Java/Tomcat house Apple is in-house.

In a browser: Java, like anything has it's bugs. Hopefully the stewards of Java for the browser keep it current.



The current vulnerability affects environments where untrusted code already executes. Since applets can be used to upload arbitrary code, it makes sense to block it.

This isn't a political move I don't think, just a common sense mitigatory move to protect people. Web apps running Java are safe from this vulnerability, unless they're accepting user-supplied code and running it.


That's a great clarification and fact that sadly may be lost in the dramatics of the headline, either done on purpose or someone didn't understand before submitting.


I thought the same thing too… I only read "Apple blocks Java 7…"

The "…Mac Plugin" part was completely lost in my skimming.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: