Saturday, February 16, 2013

"Hackers" hold security conference in Washington DC hotel; criticism of Java, Adobe Acrobat Reader


When I went to the Electronic Frontier Foundation “Speakeasy” event in Washington DC February 15 (“BillBoushka” blog today), I did have trouble finding it, in the bowels of the Hyatt Regency Capitol Hill near Union Station.  I wound up having a belated dinner (service too 35 minutes) sitting with a group called ‘Infosec for Higher Education”.  Downstairs, people could register for a “hacker conference” with groups there like “Hackers for Charity”.  The private conference appeared to be aimed at dealing mainly with corporate espionage, especially from China.

I asked a young man sitting at the Infosec table a few “reporters” questions. He was underwhelmed that Oracle had finally replace java on home computers with the latest security patch, after DHS even recommended users turning off java.  He said that java is “full of holes”.  MacIntosh now turns it off by default. 
  
I did have an older version of my site “johnwbouska.com” site with a  Florida-based company called Java Started from 2002 to 2006.  In the summer of 2006, the company simply stopped supporting the java engines, and the site became inoperable with Apache internal server errors.  It had been bought by another company in New Jersey and I never heard what happened.
  
Other ISP’s have told me that they support php but not java, which they say is too hard to secure.  I don’t know why.
  
Since about 2001 or so, retailers have used java as their basic engine for developing their sales websites. 
When I worked for ING-Reliastar, it used java for its mid-tier data access layer, but not for the presentation to users (for which it used Powerbuilder).  Was security a concern then?

  
Java made tremendous progress from 1996 into being accepted as a production language by about 2000, but now it doesn’t seem to enjoy such a good reputation. Why?

The security person also told me that Adobe reader causes serious security risks for some home users, and that Adobe had gone "out of control" with often unnecessary features.

I used PDF files all the time myself, as a respository for my book drafts.  And I look at them online without much thought, whereas I don't like to look at Microsoft Word documents directly -- but that may be an "old chestnut".


No comments: