HomeAboutMailing ListList Chatter /0/0 18.212.222.217

Java Rant

2018-11-04 by: Michael Harrison 
From: Michael Harrison 
------------------------------------------------------
Why SysAdmins are an inherent security risk:=20

The Raritan KVM attached to the servers needs Java/JRE. So I installed =
Java on my Mac to find out that it's essentially worthless, as modern =
Browsers won't run it (thank gawd!) and it is going to be a pain to =
un-install. So on my work around is the Pale Moon browser and the IBM =
Java/JRE 8 on Linux. This works. Partially because Pale Moon supports =
all the old insecure plugins via NPAPI. So that you can run those things =
that manage critical hardware, with invalid expired certificates and =
crunchy bad interfaces, and lots of pop-up warnings saying: "This is a =
bad idea, are you sure you want to do this?". The good news: Java is =
dying. The bad news: for some things, there are no replacements, yet.

Oh, yeah and OpenVPN ROCKS!


X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX18KQ2h1Z2FsdWcg
bWFpbGluZyBsaXN0CkNodWdhbHVnQGNodWdhbHVnLm9yZwpodHRwOi8vY2h1Z2FsdWcub3JnL2Nn
aS1iaW4vbWFpbG1hbi9saXN0aW5mby9jaHVnYWx1Zwo=


===============================================================
From: Stephen Kraus 
------------------------------------------------------
Oracles hostage game is strong.

On Sat, Nov 3, 2018, 11:30 PM Michael Harrison  Why SysAdmins are an inherent security risk:


===============================================================
From: Bret McHone 
------------------------------------------------------
I understand your pain, and share in it..

On Sat, Nov 3, 2018 at 11:30 PM Michael Harrison 
wrote:



===============================================================
From: Lynn Dixon 
------------------------------------------------------
Nothing like the frustration of trying to get the KVM console to work from
IBM's SMC or a janky HP iLo.



On Sun, Nov 4, 2018, 12:05 AM Bret McHone  I understand your pain, and share in it..


===============================================================
From: Dave Brockman 
------------------------------------------------------
s

I deal with this constantly with switches, BMC consoles, (physical)
security systems, printer management, etc.  I try to keep an old desktop
that is firewalled off from everything but the management network and a
specific VPN tunnel that only admins use specifically for accessing said
management network.  Barring that, I run a VM on my laptop that I keep
in more or less unconfigured state, so I can install whatever ancient
version of Java/Flash/IE said PoS requires to operate.

Don't even get me started on firewall vendors and the shit you have to
run to configure those things with a GUI.  Or just UI design in general,
looking dead at you, Untangle!

Cheers,

-Dave

X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX18KQ2h1Z2FsdWcg
bWFpbGluZyBsaXN0CkNodWdhbHVnQGNodWdhbHVnLm9yZwpodHRwOi8vY2h1Z2FsdWcub3JnL2Nn
aS1iaW4vbWFpbG1hbi9saXN0aW5mby9jaHVnYWx1Zwo=



===============================================================
From: Jonathan Calloway 
------------------------------------------------------
Isn’t Oracle supposed to start charging for J2EE? Will this eventually kill it because people won’t want to pay for it annually?

Jonathan Calloway 

Sent from my iPhone



===============================================================
From: Dave Brockman 
------------------------------------------------------
ntually kill it because people won=E2=80=99t want to pay for it annually?=


Maybe.... there are some holes in the license language of the latest
release...

https://blog.joda.org/2018/08/java-is-still-available-at-zero-cost.html

-Dave


X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX18KQ2h1Z2FsdWcg
bWFpbGluZyBsaXN0CkNodWdhbHVnQGNodWdhbHVnLm9yZwpodHRwOi8vY2h1Z2FsdWcub3JnL2Nn
aS1iaW4vbWFpbG1hbi9saXN0aW5mby9jaHVnYWx1Zwo=



===============================================================
From: Stephen Kraus 
------------------------------------------------------
I doubt they'll start charging, they'd be facing one hell of legal battle
to close source what's been open sourced for nearly a decade.


ntually


===============================================================
From: Billy 
------------------------------------------------------
OpenJDK is still being developed.

--b

o close source what's been open sourced for nearly a decade.
ntually kill it because people won=E2=80=99t want to pay for it annually?


===============================================================
From: Mike Harrison 
------------------------------------------------------
On Mon, Nov 5, 2018 at 8:44 AM, Jonathan Calloway=20
 wrote:
ly?


Many corporations will pay up, because the cost of replacing all that=20
bad custom legacy code is insane. At least for a while. Some industries=20
theoretically started banning Java application development years ago,=20
and they have a long time to go to be java free. I just got done with a=20
project that gives a few more years life to some 1998 Java code,=20
because to replace it will cost millions (gotta replace everything=20
associated with it, and the code is just part of the control system).

The question is: what will replace it? It fits in a weird niche of=20
things for browser embedded web applications and desktop/server=20
applications.


=
X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX18KQ2h1Z2FsdWcg
bWFpbGluZyBsaXN0CkNodWdhbHVnQGNodWdhbHVnLm9yZwpodHRwOi8vY2h1Z2FsdWcub3JnL2Nn
aS1iaW4vbWFpbG1hbi9saXN0aW5mby9jaHVnYWx1Zwo=



===============================================================
From: Stephen Kraus 
------------------------------------------------------
Effectively Java isn't going away, its still the largest used language, but
most smart companies are relegating it to service layer only and isolated
it from the UI/Customer facing interface.

On Wed, Nov 7, 2018 at 8:48 AM Mike Harrison 
wrote:

ually
ct
ce
he


===============================================================
From: Lynn Dixon 
------------------------------------------------------
On Wed, Nov 7, 2018 at 10:37 AM Stephen Kraus 
wrote:

There are still roughly 220 BILLION lines of COBOL code being used
worldwide.  I'd say its still the most widely used language.  Which is
freakishly odd.
X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX18KQ2h1Z2FsdWcg
bWFpbGluZyBsaXN0CkNodWdhbHVnQGNodWdhbHVnLm9yZwpodHRwOi8vY2h1Z2FsdWcub3JnL2Nn
aS1iaW4vbWFpbG1hbi9saXN0aW5mby9jaHVnYWx1Zwo=



===============================================================
From: Stephen Kraus 
------------------------------------------------------
If we're going by line count, maybe, but then you get into semantics: How
many lines of Cobol does it take to achieve something that you could also
achieve in Java.

Java is the most used Enterprise language still.

https://www.tiobe.com/tiobe-index/




===============================================================
From: Jonathan Calloway 
------------------------------------------------------
It depends on how much the developers are getting paid per line!

Jonathan Calloway=20

Sent from my iPhone


any lines of Cobol does it take to achieve something that you could also ach=
ieve in Java.
rote:
ut most smart companies are relegating it to service layer only and isolated=
 it from the UI/Customer facing interface.
ide.  I'd say its still the most widely used language.  Which is freakishly o=
dd.