LATE REGISTRATION RATES FOR #HITB2014KUL STARTS ON THE 1ST OF OCTOBER ONWARDS!

REGISTER ONLINE NOW

 

Hands-on Technical Trainings - 13th & 14th October

http://conference.hitb.org/hitbsecconf2014kul/#tile_schedule

Triple-Track Conference - 15th & 16th October

http://conference.hitb.org/hitbsecconf2014kul/conference-speakers/

 

Capture the Flag - 15th & 16th October

http://conference.hitb.org/hitbsecconf2014kul/capture-the-flag/

HackWEEKDAY - 15th & 16th October

http://conference.hitb.org/hitbsecconf2014kul/hackweekday/

CommSec Village - 15th & 16th October

http://conference.hitb.org/hitbsecconf2014kul/commsec-village/

Java still has a crucial role to play—despite security risks

http://cdn.arstechnica.net/wp-content/uploads/2012/10/java-taped.jpg

Java has its security flaws, but it isn't going away any time soon—after all, many important applications run on the technology, especially in business settings. Still, numerous users are worried enough about vulnerabilities that they restrict Java's ability to run on their machines. That's what we heard from Ars readers when we asked Friday whether they let Java run on their computers, and why.

Some users have disabled or uninstalled Java entirely. But the most common solution for those worried about security risks is to leave the Java Runtime Environment in place on the desktop while disabling the browser plugins that allow Java applets to run on websites. Those plugins are often vulnerable to attacks involving remote code execution.

"Java as a desktop framework is not a big security risk," writes commenter Stilgar. "It is the browser plugin that presents a problem. Avoiding desktop Java on purpose does not make any sense. On the other hand every browser plugin you install on any browser increases the attack surface."