Re: [Fed-Talk] Java for OS X 2013-003 and Mac OS X v10.6 Update 15
Re: [Fed-Talk] Java for OS X 2013-003 and Mac OS X v10.6 Update 15
- Subject: Re: [Fed-Talk] Java for OS X 2013-003 and Mac OS X v10.6 Update 15
- From: "Link, Peter R." <email@hidden>
- Date: Wed, 17 Apr 2013 16:06:21 +0000
- Thread-topic: [Fed-Talk] Java for OS X 2013-003 and Mac OS X v10.6 Update 15
Ok, I was already called on the Flash comment but my comment stands, Apple does what is right for Apple. If they don't want it, they won't actively support it.
On Apr 17, 2013, at 8:51 AM, Joel Esler < email@hidden> wrote:
On Apr 17, 2013, at 10:53 AM, "Link, Peter R." < email@hidden> wrote:
Shawn
never talks directly about anything Apple is planning for the future (properly so) but I see his comments as giving a clear indication of Apple's future concerning Java. Apple is not going to pursue the continued operation of Java on OSX, that's up to Oracle
to provide it and users to install and use it. Reading into this, I see Apple ultimately dropping Java support the same way they dropped Flash on iOS.
iOS never had flash. It doesn't have Java either. Apple is supporting 6 on OSX until 6 is dead, then users need to download 7 (or whatever is current at that time) from Oracle and go with updates directly from them. Apple doesn't ship with Java installed
by default, nor do they ship with Flash by default.
It's
not a necessary application environment for OSX and actually conflicts with OSX's security model (just like Flash). Shawn might reply saying I'm taking his comments too far but look at what's been happening with Java. Every time Java has a vulnerability, Apple
is the one who takes the heat, not Oracle. Analysts, security experts, bloggers all point the finger at Apple instead of where it belongs. Apple has every right to make sure it keeps its software clean and I see their change in how Java is delivered as being
the first step in removing Java for OSX.
This will never change. Apple gets blamed for having "all these security vulnerabilities" when most of the patches they ship in security updates are for the open source software embedded into their OS. Yes, I can be seen as splitting hairs here, but
that's the truth.
Peter Link
Cyber Security Analyst
Cyber Security Program
Lawrence Livermore National Laboratory
PO Box 808, L-315
Livermore, CA 94551-0808
email@hidden
|
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden