Security

Oracle plans to end Java serialization, but that’s not the end of the story

Recently, on the "Ask The Architect" session from the Devoxx UK 2018 conference, Oracle's chief architect, Mark Reinhold, shared his thoughts about Java’s serialization mechanism which he called a ...
Bleeping Computer

Oracle Plans to Drop Java Serialization Support, the Source of Most Security Bugs

That particular Java deserialization flaw was so dangerous that Google engineers banded together in their free time to repair open-source Java libraries and limit the flaw's reach, patching over 2,600 ...
adtmag.com

Waratek's Giannakidis: Removing Serialization from Java Is Not the End of the Story

Last month, Oracle's chief architect, Mark Reinhold, said during a conference Q&A that one of Oracle's long-term goals is to change the way Java handles object serialization. In fact, he called the ...
InfoWorld

Oracle plans to dump risky Java serialization

Oracle plans to drop from Java its serialization feature that has been a thorn in the side when it comes to security. Also known as Java object serialization, the feature is used for encoding objects ...
ZDNet

Choosing your own version of serialization

I wore the world's first HDR10 smart glasses TCL's new E Ink tablet beats the Remarkable and Kindle Anker's new charger is one of the most unique I've ever seen Best laptop cooling pads Best flip ...
Threat Post

Java Serialization Bug Crops Up At PayPal

PayPal has rewarded two researchers with bug bounties for the discovery of a Java serialization vulnerability in manager.paypal.com A Java serialization vulnerability disclosed more than a year ago ...
InfoWorld

Dynamic Behaviors in Java

Imagine you are creating a game that contains many different classes of things; there are players, monsters, and objects that can be picked up. In addition, magic spells can change the classification ...