They don't know if a crash is caused by the browser, Java, some security problem, etc. The end user has no idea what has happened except that they "can't do Java", which is what we hear from them. Intermediate updates require special intervention to replace applications like Java. in between missions) and some of them got stuck with this problem. IT security for the DoD updates browsers and Java when windows of time allow (e.g. Java is accessed on isolated networks, making such a case extremely unlikely, and updating software doubly difficult. > than potentially be exploited and possibly have malware installed on their > have their browser crash when Java does something insecure and unsafe rather > I would think that people working in the defense industry would prefer to (In reply to Al Billings from comment #62) > can roll out a new Java (which requires a lot more qualification than a > The alternative is people are going to be stuck on the old ESR until they > (especially if they don't allow Java on the web, just inside their > behind a preference so that companies can make their own decisions > Maybe the thing to do here is (as bad as it sounds) is put this security fix > Was there really no way to workaround/fix for the security bug except by > When will the security bug be opened so we can see the fix? I appreciate that Oracle had a mistake in the plugin, but blowing up the browser is not an acceptable solution. Based on posts above, there is a bit of arrogance in that the most 'pure' solution *must* be implemented, which ignores the real world impact utterly. Our company has customers in defense and aerospace that are using FF + Java and Java gets far more scrutiny than FF does, and for good reason. (In reply to Mike Kaply from comment #60)
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |