Coffeehouse Thread

38 posts

Forum Read Only

This forum has been made read only by the site admins. No new threads or comments can be added.

What OS is not business critical ready?

Back to Forum: Coffeehouse
  • User profile image
    JohnAskew

    http://news.msn.com/science-technology/apple-blocks-java-on-macs-due-to-vulnerabilities?ocid=ansnews11

    I cannot believe this. What a pack of amateurs.

    Anyone care to explain how this is ok with anything? How many businesses are out of business today from this flippant unprofessionalism?

  • User profile image
    JohnAskew

    Seriously. Apple blocks Java on all devices.

    Insane.

  • User profile image
    JohnAskew

    "earlier this month the U.S. Department of Homeland Security recommended disabling Java in Web browsers to avoid potential hacking attacks. Oracle Corp., which owns Java, has issued updates that fix known vulnerabilities, but the DHS expects that there are more flaws in Java's coding."

    So is Microsoft going to block all Java?     It would be very stupid I believe.

  • User profile image
    evildictait​or

    , JohnAskew wrote

    So is Microsoft going to block all Java?     It would be very stupid I believe.

    No. Java is made by another company (Oracle), and if Microsoft started playing Shenanigans to disable Oracles' software for clients that depend on it, they might get sued for unfair business practices by both Oracle (because Microsoft is unfairly depriving them of customers) and by the customers (because Microsoft is unfairly disabling their business critical apps).

    That said, I'm pretty sure everyone at Microsoft would strongly advise companies to consider alternatives, but that's an entirely different ball game.

  • User profile image
    davewill

    Normally when we hear about a security flaw we read the initial write-up that doesn't give anything away and we note who or how it was discovered.  It seems most are discovered by researchers who do this for a living.  So generally it takes a while before the exploitation has been used in the wild and has grown in usage.  Usually a security patch is released before or shortly after any significant pickup in usage occurs.

    Over the last couple of years, with Java it seems like it has shown a pattern of repeated early stage wide spread exploitation.  Something about that seems very different from the past.

  • User profile image
    JohnAskew

    @evildictaitor: How can MS and apple be so different in terms of reaction? One is responsible and the other not? I just learned of all of this mess today. Apple apparently blocked Java 1.7 earlier then Oracle patched it and they turned it back on, then they found only one of two issues were patched and then turned it back off... workaround includes reverting to Java 1.6, but really... wow.

  • User profile image
    DCMonkey

    I say good for them. Java on the client is a scourge and the sooner people reconsider their reliance on it the better.

     

  • User profile image
    gcorcoran

    For all the businesses using and developing java based applications, it just seems shocking to block it without any warning. Just think about how much time it would take to drop everything and develop in a different language in a business world full of already tight schedules... it's just insane.

     

  • User profile image
    magicalclick

    @JohnAskew: because Windows has 90% of desktop market share and Apple does not.

    Leaving WM on 5/2018 if no apps, no dedicated billboards where I drive, no Store name.
    Last modified
  • User profile image
    Kental2

    Honestly, as much as I abhor Java, I am rather stunned by Apple's decision.  If I were a business using an Apple product, this would make me think twice.  Some of the more ignorant home-users or Apple apologists might cheer them on for the decision, but for a company whose infrastructure might rely (depressingly) on Apple + Java, you just slammed the door in their faces.

  • User profile image
    DCMonkey

    Yeah, Apple could have warned people they were going to do this. But, apparently the block can be disabled. Or one can use a different browser that doesn't use Mac OS's XProtect list mechanism.

  • User profile image
    evildictait​or

    , magicalclick wrote

    @JohnAskew: because Windows has 90% of desktop market share and Apple does not.

    And 99.99% of the business desktop share.

    And for those that don't like it, this type of reaction is one of the reasons why it has 99.99% of the business desktop share.

  • User profile image
    JohnAskew

    , evildictait​or wrote

    *snip*

    And 99.99% of the business desktop share.

    And for those that don't like it, this type of reaction is one of the reasons why it has 99.99% of the business desktop share.

    QFT

  • User profile image
    Blue Ink

    , gcorcoran wrote

    For all the businesses using and developing java based applications, it just seems shocking to block it without any warning. Just think about how much time it would take to drop everything and develop in a different language in a business world full of already tight schedules... it's just insane.

    Hardly without warning: the way I read it, Apple just reverted a previous decision to re-enable Java after finding out that Oracle's patch was only partially effective.

    I'm not an apologist of Apple's tactics, but this time they are kind of justified by Oracle's incompetence.

  • User profile image
    evildictait​or

    , Blue Ink wrote

    I'm not an apologist of Apple's tactics, but this time they are kind of justified by Oracle's incompetence.

    I'm not sure a bank who can't make any money today because all of their trader's java application just stopped working on all of their Macs will see it the same way.

    Disabling people's software should only be done by consent of the user. Remotely crippling someone's machine under the guise of a security patch makes people less likely to install security patches in future (putting them at more risk), and means that your platform isn't suitable for running in an environment where being able to use your company's application today is important.

  • User profile image
    GoddersUK

    @evildictaitor: Presumably there must at least be some way for the end user to override this behaviour?

    If I were an Apple user right now I'd be worried that anyone (Apple included) can remotely mess with my machine without my express consent. That's scary as anything.

  • User profile image
    magicalclick

    Hell, Firefox is doing "trust" as well. Because it blocks Java and Silverlight while allow Flash to be used which is top 10 worst software with tons of security holes.

    Leaving WM on 5/2018 if no apps, no dedicated billboards where I drive, no Store name.
    Last modified
  • User profile image
    elmer

    , magicalclick wrote

    Hell, Firefox is doing "trust" as well. Because it blocks Java and Silverlight while allow Flash to be used which is top 10 worst software with tons of security holes.

    Click-to-Play is not really the same.

Conversation locked

This conversation has been locked by the site admins. No new comments can be made.