Threat Post

Custom Google App Engine Tweak Still Leads to Java Sandbox Escapes

Researchers at Security Explorations say a change implemented by Google to the Java security model as its implemented in the Google App Engine leads to sandbox escapes. A tweak carried out by Google ...
Threat Post

Oracle Addresses Java’s Symptoms, But Doesn’t Cure Sickness

Security experts are lukewarm on Oracle’s security plans for the Java browser plug-in, largely because they don’t address code innate to the platform’s security sandbox which has been bypassed in a ...
Infosecurity-magazine.com

Java security settings can be ignored by malware

Researcher Adam Gowdiak, founder and CEO of Security Explorations, has revealed that the security settings in the current version of Java can simply be ignored. The Java Control Panel has a slider ...
CSOonline

Oracle’s Java security improvements don’t quite satisfy

Changes welcomed, but one expert said he'd like to see sandbox technology in Java like that used in Adobe Reader and Google Chrome Oracle’s plans to bolster Java security were welcomed by security ...