Dear Microsoft / Oracle
Can you please sort out the utter cluster fuck that is Java / IE11 / Win8 please.
I should NOT have to run java applets with escalated admin privileges.
Thank you.
Microsoft has handed sysadmins a reprieve by delaying the blockage of vulnerable old versions of Java in its flagship Internet Explorer web browser until September. The postponement was made on the back of complaints to Redmond, which only provided a guide to managing the issue on Tuesday. "Based on customer feedback, we have …
"I should NOT have to run java applets with escalated admin privileges."
No you shouldn't - port everything to .Net and forever say good bye to dozens of security flaws every update. And gain a performance increase and better UIs.
Or do you really want the code that's responsibile for over 90% of malware exploits (Java) having more access to your system than it already does?
"No you shouldn't - port everything to .Net and forever say good bye to dozens of security flaws every update. And gain a performance increase and better UIs."
So you're saying "Ram portability up yer arse, go Windows only and say hello to a whole slew of NEW security flaws every update."
AC: "No you shouldn't - port everything to .Net and forever say good bye to dozens of security flaws every update"
I thought MS was/has moved from .NET to C++, HTML5 and JavaScript ref, mainly because the managed platform never delivered?
AC: "Or do you really want the code that's responsibile for over 90% of malware exploits (Java)"
Well, if MS had actually worked with SUN to produces a truely cross-platform, sandboxed and secure product, instead of forking off their own Windows only version, they wouldn't be in the current mess.
The problem isn't necessarily MS and/or Oracle although ultimately they do own the problem. In my own case, I know exactly who to blame but can't do a damned thing about it because I don't have the authority. Somewhere in another building are a bunch of stick up their arse programmers who won't adopt correct processes for their web based software. They insist on detecting an EXACT version of Java for their product. Not, Java must be at least, the EXACT version. Even though Java has be rewritten so you no longer NEED an EXACT version. We have found that if you run the latest version of Java and adjust the security settings to medium instead of high their software runs just fine on Windows 7 sp1 in IE 10 with compatibility views enabled. But if you have a problem and you call them about it, gawd help you if you can't uninstall java and downgrade to their EXACT version.
Yeah, we'd all like to uninstall it. Except it is a key part of this government agency's accounting system.
Are you familiar with an ActiveX control called XmlHttpRequest?
It was based on an interface called IXMLHTTPRequest that shipped in the MSXML library with IE5. Because it permitted the creation of dynamic calls to the server via Javascript (using what we now think of as the XHR API) it became extremely popular and the Gecko team created nsIXMLHttpRequest using the same API because of its utility. I believe it went live in 2000 in Mozilla.
By 2004, even Safari supported it. Why?
Because without it, there is no AJAX. All web pages are essentially static.
A lot of ActiveX components were a horrible mistake, granted. People make mistakes, companies make mistakes. As bad as Java applets? Yeah, probably. Not as bad as Active Desktop but definitely up there with applets. But it's important to remember that we got benefits from it too.
Unless you want to go back to to cgi-bin and Geocities pages.
Now there's an idea. Have web pages that are once again using text to pass information on, instead of a bad 8 minute video on a subject that could be described in two or three paragraphs - if one could be arsed to actually write. Much easier to flip on the microphone and mumble, ummm and ahh for six minutes until speaking the one or two sentences that are actually useful.
Go back to the days when company web sites were not a mess of Flash pages unaccessible via URL, when restaurant menus were not a flippin' 10MB PDF file containing 2KB of text and a truckload of uncompressed photos.
Actually, I think I would like to go back to that time.
The way things are going now, in a decade or two all company websites will just be an interactive HD video. To check a product listing, you'll have to download a gigabyte of corporate presentation nonsense and wait ten minutes to get to the part where you can see what the company sells.
God I hope I'll be retired by then.
The way things are going now, in a decade or two all company websites will just be an interactive HD video. To check a product listing, you'll have to download a gigabyte of corporate presentation nonsense and wait ten minutes to get to the part where you can see what the company sells.
Most car company websites are already there. It's actually less hassle to drive to a dealer and pick up a printed brochure than to get the info online.
"Microsoft has handed sysadmins a reprieve by delaying the blockage of vulnerable old versions of Java in its flagship Internet Explorer web browser .. we have decided to wait thirty days before blocking any out-of-date ActiveX controls"
It's priceless, the way they segway vulnerabilities in ActiveX into vulnerabilities in old versions of Java.
"Screw Sun, cross-platform will never work. Lets move on and steal the Java language" Sep 1997
"MS is asking the courts to grant Microsoft the right to terminate Sun’s licenses to Microsoft Java technology" Oct 1997