Threat Post

Custom Google App Engine Tweak Still Leads to Java Sandbox Escapes

Researchers at Security Explorations say a change implemented by Google to the Java security model as its implemented in the Google App Engine leads to sandbox escapes. A tweak carried out by Google ...
InfoWorld

Sun to put Java security upgrade to the test

Sun Microsystems is seeking to revamp the way in which security is executed in Java and wants developers to try to break the new paradigm to gauge its effectiveness. An initiative called “Crack the ...
Threat Post

Oracle Addresses Java’s Symptoms, But Doesn’t Cure Sickness

Security experts are lukewarm on Oracle’s security plans for the Java browser plug-in, largely because they don’t address code innate to the platform’s security sandbox which has been bypassed in a ...
CSOonline

Oracle’s Java security improvements don’t quite satisfy

Changes welcomed, but one expert said he'd like to see sandbox technology in Java like that used in Adobe Reader and Google Chrome Oracle’s plans to bolster Java security were welcomed by security ...
Infosecurity-magazine.com

Java security settings can be ignored by malware

Researcher Adam Gowdiak, founder and CEO of Security Explorations, has revealed that the security settings in the current version of Java can simply be ignored. The Java Control Panel has a slider ...
ZDNet

Oracle's emergency Java patch brings sandbox bypass

Oracle's latest patch to close up several vulnerabilities that were being actively exploited in the wild may not have been enough, with researchers now claiming that even the latest patch (Version 7 ...
TechRepublic

Work with Java Web Start beyond the sandbox

Java Web Start can make deploying Java apps a breeze, but it may prevent those apps from accessing needed resources. Find out how to use Java Network Launching Protocol and application signing to ...