Java security situation worsens
12 deadly and hard-to-avoid errors in the Java language that you did not know about, according to PC Week / RE magazine dated 06/19/07:
1. Possibility of injecting code, for example, SQL commands;
2. XSS vulnerabilities;
3. Weaknesses in identity management;
4. Invalid error search procedure;
5. Program code used for testing ends up in the final version;
6. The presence of methods that allow developers to call C/C++ code from Java programs, which introduces security problems specific to C/C++;
7. Compatibility and synchronization errors;
8. Lack of control over access to servers;
9. Weaknesses in session management;
10. Use of unverified cookies and HTTP packet headers;
11. Writing confidential information to the logs without ensuring its security;
12. The configuration provides unlimited access without the use of monitoring and auditing.
The article was very amusing. The only question that remains is: what does Java have to do with it? And ... I understand, the article goes on below: The main incentive for the transition to Vista is security.