Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?
Slashdot Deals: Cyber Monday Sale Extended! Courses ranging from coding to project management - all eLearning deals 20% off with coupon code "CYBERMONDAY20". ×

Submission + - Firefox devs mull dumping Java to stop BEAST attac (

rastos1 writes: In a demonstration last Friday, it took less than two minutes for researchers Thai Duong and Juliano Rizzo to wield the exploit to recover an encrypted authentication cookie used to access a PayPal user account. The researchers settled on a Java applet as their means to bypass SOP, leading Firefox developers to discuss blocking the framework in a future version of the browser.
“I recommend that we blocklist all versions of the Java Plugin,” Firefox developer Brian Smith wrote on Tuesday in a discussion on Mozilla's online bug forum. “My understanding is that Oracle may or may not be aware of the details of the same-origin exploit. As of now, we have no ETA for a fix for the Java plugin.”

This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Firefox devs mull dumping Java to stop BEAST attac

Comments Filter:

"No, no, I don't mind being called the smartest man in the world. I just wish it wasn't this one." -- Adrian Veidt/Ozymandias, WATCHMEN