Java hacked... How are we going to file flightplans now?
Thread Starter
Join Date: Feb 2003
Location: Oxford
Posts: 2,042
Likes: 0
Received 0 Likes
on
0 Posts
Java hacked... How are we going to file flightplans now?
Java has been hacked and respected security firm Sophos are advising to disable it until the exploit has been patched:
Unpatched Java exploit spreads like wildfire | Naked Security
How are we going to (free) file flightplans now? Or must we all run the risk of being hacked?
Another reason why Afpex is a creaky complex solution to a simple problem...
Tim
Unpatched Java exploit spreads like wildfire | Naked Security
How are we going to (free) file flightplans now? Or must we all run the risk of being hacked?
Another reason why Afpex is a creaky complex solution to a simple problem...
Tim
I dislike AFPEX a lot, but confess it has been my selected tool.
You can file through Skydemon I believe? Mind you, is that Java based as well? I suspect that it is.
G
You can file through Skydemon I believe? Mind you, is that Java based as well? I suspect that it is.
G
For as little as I know on the subject - though some expect some authority from me, how horrible the idea! - this seems to confirm two opinions I have held for a long time:
-) Java and the kind of glittery web pages it allows are to be avoided where possible - and that includes the Java embedded in appservers like tom cat , web logic, and what not. Unfortunately, this kind of rubbish is hyper-attractive to the hyper-assertive marketeers that somehow seem to have gained (or been given?) control of today's world.
-) never be too hasty in upgrading one's PC - staying with 1.5 or 1.6 will run most applications, and keeps one on the safe side.
-) Java and the kind of glittery web pages it allows are to be avoided where possible - and that includes the Java embedded in appservers like tom cat , web logic, and what not. Unfortunately, this kind of rubbish is hyper-attractive to the hyper-assertive marketeers that somehow seem to have gained (or been given?) control of today's world.
-) never be too hasty in upgrading one's PC - staying with 1.5 or 1.6 will run most applications, and keeps one on the safe side.
Join Date: May 2008
Location: EGTT
Posts: 277
Likes: 0
Received 0 Likes
on
0 Posts
I've used Rocket Route in the past, it's meant to be particularly useful for filing IFR flight plans. I'm not sure I'd pay to file the one or two VFR flight plans I do a year though.
Last edited by 1800ed; 30th Aug 2012 at 20:45. Reason: Spelling
Join Date: Dec 2011
Posts: 2,460
Likes: 0
Received 0 Likes
on
0 Posts
It's a risk only if you visit a website which is infected with the exploit, and none of the major ones, run by competent admins, should be.
Pilot forum BBS software has a history of getting infected, but p r o o n seems to have been ok for quite a while. Both Flyer and PPL/IR have been infected fairly recently. The other (minor) forums I don't know about.
Or perhaps you can catch it via M$ Outl$$k? But then only if you open an infected email, which should be unlikely in the first place.
Kids' computers catch everything because they click on every link instantly. I have seen many that were trashed totally within weeks.
Pilot forum BBS software has a history of getting infected, but p r o o n seems to have been ok for quite a while. Both Flyer and PPL/IR have been infected fairly recently. The other (minor) forums I don't know about.
Or perhaps you can catch it via M$ Outl$$k? But then only if you open an infected email, which should be unlikely in the first place.
Kids' computers catch everything because they click on every link instantly. I have seen many that were trashed totally within weeks.
Join Date: Jul 2012
Location: Scotland
Posts: 158
Likes: 0
Received 0 Likes
on
0 Posts
Unless you have need of an application that requires Java it's probably not that big a deal for most folk. Just make sure that in whatever browser you use you have disabled or disallowed Java. Java and Javascript are not the same thing. Much of the web uses javascript but if you're leary about Javascript try disabling that too and see if it affects your web experience more than you can tolerate.
SkyDemon Light doesn't use Java but does use Javascript. Google Chrome's developer tools shows that.
SkyDemon Light doesn't use Java but does use Javascript. Google Chrome's developer tools shows that.
Join Date: Nov 2000
Location: Cambridge, England, EU
Posts: 3,443
Likes: 0
Received 1 Like
on
1 Post
never be too hasty in upgrading one's PC
I can't however be too rude about Java, just in case the people who pay me to write the stuff are reading this.
Join Date: Nov 2008
Location: UK
Posts: 267
Likes: 0
Received 0 Likes
on
0 Posts
How ironical that Oracle was urging users to upgrade to Java 7 because of known vulnerabilities with version 6, and now this new threat affects only version 7.
Java 6 is still supported, albeit not for much longer, as far as I know. I still have it installed and AFPEX runs fine. I wouldn't worry too much.
Java 6 is still supported, albeit not for much longer, as far as I know. I still have it installed and AFPEX runs fine. I wouldn't worry too much.
Join Date: Dec 2011
Posts: 2,460
Likes: 0
Received 0 Likes
on
0 Posts
Java is crap.
It drags out all the incompetent stupid and lazy computer programmers.
Every new version breaks some apps. I have just found that Mobile Atlas Creator no longer works, with the latest version, but luckily I can downgrade to the version which was needed to make Afpex work and which I had saved
It drags out all the incompetent stupid and lazy computer programmers.
Every new version breaks some apps. I have just found that Mobile Atlas Creator no longer works, with the latest version, but luckily I can downgrade to the version which was needed to make Afpex work and which I had saved
Join Date: Nov 2000
Location: Cambridge, England, EU
Posts: 3,443
Likes: 0
Received 1 Like
on
1 Post
Java is crap.
It drags out all the incompetent stupid and lazy computer programmers.
It drags out all the incompetent stupid and lazy computer programmers.
(Except, just possibly, Algol68. The language definition and compiler are so strict that if you manage, at long last, to get your code to actually compile, then the chances are that it does something useful.)
Yes, but a decent programming language does not INVITE or ENCOURAGE poor coding. As a Unix sysadmin, if people come complaining about memory shortages, I know for 90% it is due to poor Java code. The hard thing is to convince the programmer that the problem is at her/his side, not at the server's.
I agree it is very well possible to write good code in Java - but very few people seem to do so.
I agree it is very well possible to write good code in Java - but very few people seem to do so.
Join Date: Dec 2011
Posts: 2,460
Likes: 0
Received 0 Likes
on
0 Posts
Of course (I've been a hardware/software developer since c. 1976) but Java apps seem to have a terrible dependence on the Java runtime version. It could be sloppy programming or it could be bugs in the runtime which programmers have "empirically" worked their way around and then get caught when the bug is fixed.
The "internet" has generated a huge number of programmers who have no experience of building robust apps. It's very easy to knock up apps for that type of environment where you have a very visual user interface which immediately shows what is going on, and especially with the various tools one can generate code at a rapid rate. The fact that on the www no two things ever look the same and this is seemingly accepted by the public (no browser out there can actually properly print the displayed page for every type of website structure, for example) merely facilitates sloppy programming. Whereas embedded systems programmers have to be a whole lot more careful; a (e.g.) temperature controller which has bugs that affect its operation is completely useless, and they are hard to find nowadays whereas web developers are two a penny.
The "internet" has generated a huge number of programmers who have no experience of building robust apps. It's very easy to knock up apps for that type of environment where you have a very visual user interface which immediately shows what is going on, and especially with the various tools one can generate code at a rapid rate. The fact that on the www no two things ever look the same and this is seemingly accepted by the public (no browser out there can actually properly print the displayed page for every type of website structure, for example) merely facilitates sloppy programming. Whereas embedded systems programmers have to be a whole lot more careful; a (e.g.) temperature controller which has bugs that affect its operation is completely useless, and they are hard to find nowadays whereas web developers are two a penny.
Join Date: Jan 2008
Location: London UK
Posts: 517
Likes: 0
Received 0 Likes
on
0 Posts
Most of my code is in C/C++, and I will only confess to a half-written android app in Java, but Java looks to me exactly like C++ with automatic memory management.
I think the problem is not in the language itself but the bloated interface to the "runs on anything" virtual machine. I'm not surprised that breaks a lot.
I would also guess that the advantage of Java to afpex is precisely that the code runs on your hardware, whatever it might be, so you pay the processing costs and suffer the security risks, not them.
I think the problem is not in the language itself but the bloated interface to the "runs on anything" virtual machine. I'm not surprised that breaks a lot.
I would also guess that the advantage of Java to afpex is precisely that the code runs on your hardware, whatever it might be, so you pay the processing costs and suffer the security risks, not them.
Join Date: Dec 2011
Posts: 2,460
Likes: 0
Received 0 Likes
on
0 Posts
Afpex bought the whole lot from a German company called Compsoft, so they got what was on offer...
C++ is also a great way to write crap software, because of the extra abstraction. Firms that develop embedded systems using C++ have lots of fun with it. Once you don't have a GUI you can't put up an "insufficient memory" error and give up
C+asm is the way to go but then producing decent code takes 10x longer
C++ is also a great way to write crap software, because of the extra abstraction. Firms that develop embedded systems using C++ have lots of fun with it. Once you don't have a GUI you can't put up an "insufficient memory" error and give up
C+asm is the way to go but then producing decent code takes 10x longer
Join Date: Jan 2008
Location: London UK
Posts: 517
Likes: 0
Received 0 Likes
on
0 Posts
I basically agree re C++, especially C++ GUI programming, in fact my "C/C++" is pretty much C compiled with a C++ compiler
C code may seem to take 10x longer to write, but if your goal is something that works, the development may still end up 10x faster...
Anyhow, software is one of the few areas where a good performer can be literally 100x more productive than a bad one, so IMHO the language is seldom the issue
C code may seem to take 10x longer to write, but if your goal is something that works, the development may still end up 10x faster...
Anyhow, software is one of the few areas where a good performer can be literally 100x more productive than a bad one, so IMHO the language is seldom the issue