Tagged Questions

2
votes
2answers
71 views

Security of viewing a website containing Java applets offline

I've been wondering whether viewing a website offline increases the security risk. The reason why I'm asking is that having been a short time java applet developer (for a small task) I've come to ...
1
vote
1answer
51 views

Java applet authenticity problem

I implemented an applet in java to authenticate users at my website by the usage of MIFARE cards and everything is working good. However I am concerned about the applet's authenticity, in other words, ...
4
votes
2answers
104 views

JInitiator is obsolete and I should reject it on grounds of security, right?

I'm getting a lot of flack and resistance from developers for not allowing a large (200+ users) roll-out of Oracle's JInitiator (http://www.oracle.com/technetwork/testcontent/jinit-084453.html) as ...
6
votes
2answers
234 views

How to keep using Java 6 securely, despite its unpatch vulnerabilities

Given that Java 6 is now deprecated by Oracle and there recently has been notification of a 0day (that will exist forever now that Oracle is not patching JRE6), what can we do to prevent drive-by ...
1
vote
2answers
78 views

Do XBAP applications have the same vulnerabilities as Java Web Apps?

In response to the popular decision in disabling Java Web Apps, there has been very little mention of XBAP applications. XBAP applications are similar to Silverlight but it offers more options to ...
0
votes
2answers
142 views

Is a browser with disabled scripts and disabled java enough against malware

Is a browser like Firefox with disabled scripts (for example via a plugin like no-script) and disabled java enough to be protected against dryve-by-malware from the internet. Of course this does not ...
8
votes
2answers
1k views

Will disabling the Java add-on in IE protect you from Java exploits?

Concerning the recent Java vulnerability (Should I be disabling Java?), the most common advise seems to be to disable Java plug-ins in the browser. However, Heise Security suggests that, when it ...
4
votes
2answers
814 views

Does Java applets reveal the real IP address, even when using proxy or vpn?

Can a Java applet reveal the original client IP address, when browsing through a proxy or a VPN? Why?
3
votes
2answers
341 views

Can one get infected through visiting a site with a PHP script on it and if yes, how?

I can imagine a clientside JavaScript that gets executed in a vulnerable browser to do some harm, but how can this be done with PHP? Since it's serverside it shouldn't have access to the visitor's ...
4
votes
4answers
411 views

Is silverlight and Java running on the web browser capable of saving “state” into the user's local machines?

I am aware that even after we have cleared our cache and cookies, websites can still save files/information into our computer using Flash (Flash ever cookies), I was wondering does other plugins like ...