John Paczkowski

Recent Posts by John Paczkowski

Patched or Not, Homeland Security Says You’re Still Better Off Without Java

java_skull_crossbonesJust because Oracle patched the latest vulnerability in its Java software for Web browsers doesn’t mean it’s wise to continue using it.

That’s the gist of the U.S. Department of Homeland Security’s latest vulnerability advisory on Java, which has been in the headlines for the past week because of yet another critical vulnerability that could be exploited to install and execute malicious code on unguarded systems.

“Unless it is absolutely necessary to run Java in Web browsers, disable it,” Department of Homeland Security’s Computer Emergency Readiness Team (CERT) advised. “This will help mitigate other Java vulnerabilities that may be discovered in the future.”

CERT’s recommendation, while blunt, echoes that of security researchers who have long said the best solution for the perennially vulnerable Java is to dump it entirely. As Twitter engineer and security expert Charlie Miller told Reuters, “It’s not like Java got insecure all of a sudden. It’s been insecure for years.”

Twitter’s Tanking

December 30, 2013 at 6:49 am PT

2013 Was a Good Year for Chromebooks

December 29, 2013 at 2:12 pm PT

BlackBerry Pulls Latest Twitter for BB10 Update

December 29, 2013 at 5:58 am PT

Apple CEO Tim Cook Made $4.25 Million This Year

December 28, 2013 at 12:05 pm PT

Latest Video

View all videos »

Search »

I think the NSA has a job to do and we need the NSA. But as (physicist) Robert Oppenheimer said, “When you see something that is technically sweet, you go ahead and do it and argue about what to do about it only after you’ve had your technical success. That is the way it was with the atomic bomb.”

— Phil Zimmerman, PGP inventor and Silent Circle co-founder, in an interview with Om Malik