Osvaldo Pinali Doederlein's Blog: October 2007 Archive

More details in this article: Sun Advances Security for the Java SE Platform. The updates were echoed by some news sites, but not always correctly, for example Computerworld has no mention to the advancements exposed in Sun's article, plus they get a critical fact wrong stating that "Neither JRE nor Web Start includes an automatic update mechanism; users must manually download and apply the updated versions"... duh!!

My $0.02 here is observing that Sun is realizing the fact that Java SE is a major applications platform, so it deserves the same treatment of other platforms. For example on every "Patch Tuesday", Windows Update pushes the latest security fixes for all supported versions of Windows (including all localizations). I think most other OS vendors do the same. Patching each version on different schedules is dangerous because the first patch release provides hackers with substantial new information about the fixed bug... For open-source platforms like Java SE this is even more critical: if you patch version 6 today and other versions only two weeks later, the bad guys will have two weeks to analyze the changes in v6, identifying the exact code that was broken so devising an attack becomes a piece of cake, and "port" this attack to target the unpached versions if necessary.

Now the new security policy is much better, kudos to Sun! And the timing couldn't be better, right on the heels of the upcoming Java Kernel / Update N / whatever release. Strong security management is much more critical in that space, since most back-end JREs, those serving Java EE apps, are professionally maintained and behind firewalls so the risk of any security defect is lower than for home users, or even intranet users running JAWS rich-clients.

Where is my 10GHz CPU???

Posted by opinali on October 01, 2007 at 09:35 AM | Permalink | Comments (5)

I won't rehash everything everybody already knows about the end of the "free lunch" of increasing CPU speeds, just point this curiosity. Being fair on S.H., he was just quoting projections from Intel. This book is from 2001, not such a long time compared to the 3-4 years of design for each CPU generation; so it's funny that Intel wouldn't know better - or perhaps they did, but didn't want to tell us. In the same chapter, Hawking states that future computers would have to be more parallel if they wanted to match our brain's intelligence. IMHO he was an optimist, because we didn't yet make ANY substantial progress towards real understanding of the human mind - and one cannot program in a computer a system that's not understood. But if this situation ever changes (and I'll put serious money that Hawking's search for the Great Unification Theory will end much sooner than that), parallelism will obviously play a major role. But this doesn't matter, even the 2010 version of Notepad will have to be highly concurrent to keep up with the featuritis escalation of our industry. So, grab yourself a good book on concurrency if you plan to be worth anything as a programmer when massively multicore architectures become mainstream even in the desktop, which won't take many years...

Powered by
Movable Type 3.01D

java.net RSS Feeds