
Serious Java Flaws Unearthed

All current versions of Windows are prone to external attack due to a flaw in the Java Web Start framework. Two security researchers announced the flaw yesterday. It could lead to anything from very simple Web attacks to a fatal attack on the system. Researchers Tavis Ormandy and Ruben Santamarta made separate statements on this. You can find Tavis's one over here and Santamarta's one over here.

Java Web Start doesn't validate information that is sent to it on the command line. That enables attackers to send such input through HTML tags from a Web page. All versions of Java SE 6 update 10 for Microsoft Windows are vulnerable to this attack. Disabling the plugin doesn't necessarily mean that you will avoid the attack, because the toolkit can be installed independently.
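To make the missing check concrete, here is an added example (not code from Sun or from either researcher) that contrasts a launcher wrapper passing page-supplied text straight onto a command line with one that validates it first. The `launcher` binary, the function names and the sample inputs are hypothetical, and the use of `--` assumes the launcher honours that convention.

```python
from urllib.parse import urlsplit

LAUNCHER = "launcher"  # hypothetical helper binary, not a real javaws path

def build_argv_unvalidated(value):
    """'Before' form: page-supplied text reaches the command line untouched."""
    # Whitespace splitting stands in for a command string the OS re-parses,
    # so "-someoption https://..." turns into an option plus a URL.
    return [LAUNCHER] + value.split()

def build_argv_validated(value):
    """Hardened form: accept exactly one absolute http(s) URL."""
    if not isinstance(value, str) or not 0 < len(value) <= 2048:
        raise ValueError("missing or oversized value")
    # Whitespace, quotes and control characters could split or re-quote
    # the argument once it is placed on the launcher's command line.
    if any(c.isspace() or c in "\"'`" or ord(c) < 0x20 for c in value):
        raise ValueError("illegal character")
    if value.startswith("-"):
        raise ValueError("value would be parsed as an option")
    parts = urlsplit(value)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        raise ValueError("only absolute http(s) URLs are accepted")
    # Assumption: the launcher treats "--" as the end of its options.
    return [LAUNCHER, "--", value]

def review(samples):
    """Return {sample: argv list, or the rejection reason as a string}."""
    results = {}
    for s in samples:
        try:
            results[s] = build_argv_validated(s)
        except ValueError as exc:
            results[s] = "rejected: " + str(exc)
    return results

# Constructed sample inputs, as a Web page might supply them.
SAMPLES = [
    "https://example.com/app.jnlp",
    "-someoption https://example.com/app.jnlp",
    "-someoption",
    "file:///C:/app.jnlp",
]

if __name__ == "__main__":
    for sample, outcome in review(SAMPLES).items():
        print(repr(sample), "->", outcome)
```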



Until Sun releases a patch, the temporary workaround is not to use Java, or to disable javaws/javaws.exe and disable the Deployment Toolkit. Ormandy contacted Sun officials about the flaws, but they think that the flaws are not serious in nature, so they cannot warrant any quarterly release of this patch.

source : http://blog.taragana.com/index.php/archive/serious-java-flaws-unearthed/
