HomeAboutMailing ListList Chatter /0/0 34.228.30.69

Java Rant

2018-11-04 by: Michael Harrison
From: Michael Harrison 
------------------------------------------------------
Why SysAdmins are an inherent security risk:=20

The Raritan KVM attached to the servers needs Java/JRE. So I installed =
Java on my Mac to find out that it's essentially worthless, as modern =
Browsers won't run it (thank gawd!) and it is going to be a pain to =
un-install. So on my work around is the Pale Moon browser and the IBM =
Java/JRE 8 on Linux. This works. Partially because Pale Moon supports =
all the old insecure plugins via NPAPI. So that you can run those things =
that manage critical hardware, with invalid expired certificates and =
crunchy bad interfaces, and lots of pop-up warnings saying: "This is a =
bad idea, are you sure you want to do this?". The good news: Java is =
dying. The bad news: for some things, there are no replacements, yet.

Oh, yeah and OpenVPN ROCKS!


X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX18KQ2h1Z2FsdWcg
bWFpbGluZyBsaXN0CkNodWdhbHVnQGNodWdhbHVnLm9yZwpodHRwOi8vY2h1Z2FsdWcub3JnL2Nn
aS1iaW4vbWFpbG1hbi9saXN0aW5mby9jaHVnYWx1Zwo=

=============================================================== From: Stephen Kraus ------------------------------------------------------ Oracles hostage game is strong. On Sat, Nov 3, 2018, 11:30 PM Michael Harrison Why SysAdmins are an inherent security risk:

=============================================================== From: Bret McHone ------------------------------------------------------ I understand your pain, and share in it.. On Sat, Nov 3, 2018 at 11:30 PM Michael Harrison wrote:

=============================================================== From: Lynn Dixon ------------------------------------------------------ Nothing like the frustration of trying to get the KVM console to work from IBM's SMC or a janky HP iLo. On Sun, Nov 4, 2018, 12:05 AM Bret McHone I understand your pain, and share in it..

=============================================================== From: Dave Brockman ------------------------------------------------------ s I deal with this constantly with switches, BMC consoles, (physical) security systems, printer management, etc. I try to keep an old desktop that is firewalled off from everything but the management network and a specific VPN tunnel that only admins use specifically for accessing said management network. Barring that, I run a VM on my laptop that I keep in more or less unconfigured state, so I can install whatever ancient version of Java/Flash/IE said PoS requires to operate. Don't even get me started on firewall vendors and the shit you have to run to configure those things with a GUI. Or just UI design in general, looking dead at you, Untangle! Cheers, -Dave X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX18KQ2h1Z2FsdWcg bWFpbGluZyBsaXN0CkNodWdhbHVnQGNodWdhbHVnLm9yZwpodHRwOi8vY2h1Z2FsdWcub3JnL2Nn aS1iaW4vbWFpbG1hbi9saXN0aW5mby9jaHVnYWx1Zwo=

=============================================================== From: Jonathan Calloway ------------------------------------------------------ Isn’t Oracle supposed to start charging for J2EE? Will this eventually kill it because people won’t want to pay for it annually? Jonathan Calloway Sent from my iPhone

=============================================================== From: Dave Brockman ------------------------------------------------------ ntually kill it because people won=E2=80=99t want to pay for it annually?= Maybe.... there are some holes in the license language of the latest release... https://blog.joda.org/2018/08/java-is-still-available-at-zero-cost.html -Dave X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX18KQ2h1Z2FsdWcg bWFpbGluZyBsaXN0CkNodWdhbHVnQGNodWdhbHVnLm9yZwpodHRwOi8vY2h1Z2FsdWcub3JnL2Nn aS1iaW4vbWFpbG1hbi9saXN0aW5mby9jaHVnYWx1Zwo=

=============================================================== From: Stephen Kraus ------------------------------------------------------ I doubt they'll start charging, they'd be facing one hell of legal battle to close source what's been open sourced for nearly a decade. ntually

=============================================================== From: Billy ------------------------------------------------------ OpenJDK is still being developed. --b o close source what's been open sourced for nearly a decade. ntually kill it because people won=E2=80=99t want to pay for it annually?

=============================================================== From: Mike Harrison ------------------------------------------------------ On Mon, Nov 5, 2018 at 8:44 AM, Jonathan Calloway=20 wrote: ly? Many corporations will pay up, because the cost of replacing all that=20 bad custom legacy code is insane. At least for a while. Some industries=20 theoretically started banning Java application development years ago,=20 and they have a long time to go to be java free. I just got done with a=20 project that gives a few more years life to some 1998 Java code,=20 because to replace it will cost millions (gotta replace everything=20 associated with it, and the code is just part of the control system). The question is: what will replace it? It fits in a weird niche of=20 things for browser embedded web applications and desktop/server=20 applications. = X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX18KQ2h1Z2FsdWcg bWFpbGluZyBsaXN0CkNodWdhbHVnQGNodWdhbHVnLm9yZwpodHRwOi8vY2h1Z2FsdWcub3JnL2Nn aS1iaW4vbWFpbG1hbi9saXN0aW5mby9jaHVnYWx1Zwo=

=============================================================== From: Stephen Kraus ------------------------------------------------------ Effectively Java isn't going away, its still the largest used language, but most smart companies are relegating it to service layer only and isolated it from the UI/Customer facing interface. On Wed, Nov 7, 2018 at 8:48 AM Mike Harrison wrote: ually ct ce he

=============================================================== From: Lynn Dixon ------------------------------------------------------ On Wed, Nov 7, 2018 at 10:37 AM Stephen Kraus wrote: There are still roughly 220 BILLION lines of COBOL code being used worldwide. I'd say its still the most widely used language. Which is freakishly odd. X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX18KQ2h1Z2FsdWcg bWFpbGluZyBsaXN0CkNodWdhbHVnQGNodWdhbHVnLm9yZwpodHRwOi8vY2h1Z2FsdWcub3JnL2Nn aS1iaW4vbWFpbG1hbi9saXN0aW5mby9jaHVnYWx1Zwo=

=============================================================== From: Stephen Kraus ------------------------------------------------------ If we're going by line count, maybe, but then you get into semantics: How many lines of Cobol does it take to achieve something that you could also achieve in Java. Java is the most used Enterprise language still. https://www.tiobe.com/tiobe-index/

=============================================================== From: Jonathan Calloway ------------------------------------------------------ It depends on how much the developers are getting paid per line! Jonathan Calloway=20 Sent from my iPhone any lines of Cobol does it take to achieve something that you could also ach= ieve in Java. rote: ut most smart companies are relegating it to service layer only and isolated= it from the UI/Customer facing interface. ide. I'd say its still the most widely used language. Which is freakishly o= dd.