Security 2009-01 and Java release 8 - which first?

Similar Messages

• ABAP and Java Stack: Which to choose/supported standards and components?

  Hello,
  I am trying to understand the role of the two stacks in NW. Maybe anyone has a few
  hints where I can find answers to the following questions:
  - An overview of supported Standards (Java 5 since when?)
  - An overview of which component runs on which stack? Portal->Java, Integration Server->ABAP and so on.
  - Guidelines when to install both stacks and when to use just one stack? When do I use which one?
  - Has SAP an stategy towards an one Stack solution (possibly Java?)
  Best regards and thanks for any pointers!
  Stefan

  An overview of supported Standards (Java 5 since when?)
  Go to service.sap.com/pam
  Product Availability Matrix will tell you about supported version and platforms.
  An overview of which component runs on which stack? Portal->Java, Integration Server->ABAP and so on.
  Usually the question goes the other direction: what stacks we need for implementation of a particular function?
  More and more products require ABAP backend and Java frontend.
  For example Employee Self Service has been transerred from ABAP only ITS based to ABAP backend and Java frontend.
  Same with SRM.
  Guidelines when to install both stacks and when to use just one stack? When do I use which one?
  Same as above, driven by business requirements, not technology.
  Has SAP an stategy towards an one Stack solution (possibly Java?)
  No. Core business functions are still being developed on ABAP and interface, GUI etc utilize JAVA.
  Regards,
  Slava

• Java io and Java nio, which is faster to binary io?

  Anybody can advise me about java io and java nio ?
  I want to write the faster code to read and write binary files.
  I'm going to read/write
  - individual elements (int, double, etc)
  - arraylists
  - objects
  Also I'm going (or I'd want) to use seek functions.
  Thanks

  Anybody can advise me about java io and java nio ?
  I want to write the faster code to read and write binary files.Which is "faster" depends on exactly how you're using them. For example, a MappedByteBuffer is usually faster for random access than a RandomAccessFile, unless your files are so large (and your accesses so random) than you're constantly loading from disk. And it's not at all faster for linear uni-directional access than a simple FileInputStream.
  So, rather than expecting some random stranger telling you that one is faster than the other without knowing your project, perhaps you should tell us exactly how you plan to use IO, and why you think that one approach may be faster than the other.

• EWA does not report security notes missing and java systems

  Hello guys,
  Our early watch report don't contain section 7.1 with security notes missing in the system.
  We have solution manager 7.0 with ST-SER 700_2008_1 SP4.
  What do we need to configure so that ewa reports security notes missing?
  Another doubt, how can I get the list of security notes missing in java stack system like portal?
  thanks.
  regards,
  Filipe

  hello Filipe
  Below is a line from the SAP note 888889.
  "In the SAP EarlyWatch Alert report, the "Service Preparation Check" unit complains that Note 888889 is not implemented.  As a result, the check for security-relevant notes can only be carried out partially in the "Security" section."
  Looks like that could be the reason for that.
  For JAVA stack there is no note concept.
  Thanks & regards
  bala

• Secure Login Client and Java

  Hi All,
  We are having a project to implement NW SSO for NWBC for HTML, Citrix XenApp will be used as the desktop environment. The requirement is that no Java allowed to be installed on the web browser.
  According to PAM, Secure Login Client is not support Microsoft Application Virtualization (App-V), so how can we deploy the Secure Login Client to Citrix environment?
  If we want to use Secure Login Web Client instead of Secure Login Client, does Secure Login Web Client requires Java installed on users' web browsers? In the latest Secure Login implementation guide (SSO 2.0), it does not mentioned anything about Java runtime. However, because as far as I understand, Secure Login Web Client is a feature of Secure Login Server, while Secure Login Server is pure Java application, I suspect that Secure Login Web Client also require Java runtime to run. Is that true?
  Best regards,
  Duy

  Hello Duy,
  The Product Availability Matrix states that Secure Login Web Client needs a Java runtime in the browser. See the footer of the Secure Login Web Client pages for Windows and Linux/MAC OS browser platform support. It says the following:
  For Windows: SupportedJava Runtime: Oracle (Sun) JSE 6, 7 and8, 32bit
  For Linux/MAC OS: Supported Java Runtime: Oracle (Sun) JSE 6.0 and7.0, 32bit/64bit depending on browser
  Best regards,
  Martin

• IPhoto app and library install - which first???

  I had to replace my MacBook. I just picked up a MacBook Air. I was able to install the iPhoto app from the app store.
  I have not yet run iPhoto. I am in the process of restoring my iPhoto library from CrashPlan (I know - should have a local back up - it fried - long story).
  So, here's the question: Do I need to restore my iPhoto library and THEN run iPhoto for the first time? Will it make a difference??? When I open iPhoto for the first time, will it create a new library that would replace what I restored???
  Thanks in advance!!

  restore the library first and then launch iPhoto
  However the record of restoring from crash plan or any other cloud backup is very poor - it is likely that you will have problems - if you do post back
  LN

• About Java mapping and java proxy

  Hi
  Iam new to Xi and basically iam an ABAPER.When iam dooing mappinps or proxies i cant able to understand the java pari cant (javamapping and java proxies) .I need some notes on java mapping and java proxy which is easy to do.And why do we use this java mapping or java proxy particularly when we r having abap mappipng and abap proxy.
  thanks in advance

  Hi,
  refer
  Java Mapping
  SAP Network Blog: Java Mapping (Part I)
  /people/prasad.ulagappan2/blog/2005/06/29/java-mapping-part-i
  Java Mapping in XI
  https://www.sdn.sap.com/irj/sdn/advancedsearch?cat=sdn_all&query=java+mapping&adv=false&sortby=cm_rnd_rankvalue#
  Runtime Environment (Java Mappings) (SAP Library - Partner Connectivity Kit)
  http://help.sap.com/saphelp_nw04/helpdata/en/bd/c91241c738f423e10000000a155106/frameset.htm
  Java Mapping (SAP Library - Partner Connectivity Kit)
  http://help.sap.com/saphelp_nw04/helpdata/en/e2/e13fcd80fe47768df001a558ed10b6/frameset.htm
  SAP Network Blog: Testing and Debugging Java Mapping
  /people/stefan.grube/blog/2006/10/23/testing-and-debugging-java-mapping-in-developer-studio
  SAP Network Blog: Implementing a Java Mapping in SAP PI
  /people/carlosivan.prietorubio/blog/2007/12/21/implementing-a-java-mapping-in-sap-pi
  "JAVA MAPPING", an alternate way of reading a CSV file
  /people/rahul.nawale2/blog/2006/07/18/java-mapping-an-alternate-way-of-reading-a-csv-file
  SAP Network Blog: XI Java Mapping Helper (DOM)
  /people/alessandro.guarneri/blog/2007/03/25/xi-java-mapping-helper-dom
  Java Proxy
  Java Proxy Objects (SAP Library - SAP Exchange Infrastructure)
  http://help.sap.com/saphelp_nw04/helpdata/en/c5/7d5e3c754e476ee10000000a11405a/frameset.htm
  Accessing Active Directory through Java Proxy on SAP Exchange Infrastructure 3.0
  https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/10716e9f-23d7-2a10-8c8c-d2665615f8fc
  Thanks
  Swarup

• Secure object sharing in java card

  Who has the complete code in secure object sharing in java card which is written by Michael Montgomery. I want to look at the code in this article. I wish somebody can help me!!!

  Who has the complete code in secure object sharing in java card which is written by Michael Montgomery. I want to look at the code in this article. I wish somebody can help me!!!

• I just purchased MBP and it is my first Apple computer. How concerned should I be about virus software and what do you recommend for security software?

  I just purchased MBP and it is my first Apple computer. How concerned should I be about virus software and what do you recommend for security software?

  1. This comment applies to malicious software ("malware") that's installed unwittingly by the victim of a network attack. It does not apply to software, such as keystroke loggers, that may be installed deliberately by an intruder who has hands-on access to the victim's computer. That threat is in a different category, and there's no easy way to defend against it. If you have reason to suspect that you're the target of such an attack, you need expert help.
  2. All versions of OS X since 10.6.7 have been able to detect known Mac malware in downloaded files, and to block insecure web plugins. This feature is transparent to the user, but internally Apple calls it "XProtect." The malware recognition database is automatically checked for updates once a day; however, you shouldn't rely on it, because the attackers are always at least a day ahead of the defenders.
  The following caveats apply to XProtect:
  It can be bypassed by some third-party networking software, such as BitTorrent clients and Java applets (see below.)
  It only applies to software downloaded from the network. Software installed from a CD or other media is not checked.
  3. Starting with OS X 10.7.5, there has been another layer of built-in malware protection, designated "Gatekeeper" by Apple. By default, applications and Installer packages downloaded from the network will only run if they're digitally signed by a developer with a certificate issued by Apple. Software certified in this way hasn't actually been tested by Apple (unless it comes from the Mac App Store), but you can be reasonably sure that it hasn't been modified by anyone other than the developer. His identity is known to Apple, so he could be held legally responsible if he distributed malware. For most practical purposes, applications recognized by Gatekeeper as signed can be considered safe.
  Gatekeeper has, however, the same limitations as XProtect, and in addition the following:
  It can easily be disabled or overridden by the user.
  A malware attacker could get control of a code-signing certificate under false pretenses, or could find some other way to evade Apple's controls.
  For more information about Gatekeeper, see this Apple Support article.
  4. Beyond XProtect and Gatekeeper, there’s no benefit, in most cases, from any other automated protection against malware. The first and best line of defense is always your own intelligence. All known malware circulating on the Internet that affects a fully-updated installation of OS X 10.6 or later takes the form of so-called "trojan horses," which can only have an effect if the victim is duped into running them. The threat therefore amounts to a battle of wits between you and the malware attacker. If you're smarter than he thinks you are, you'll win.
  That means, in practice, that you never use software that comes from an untrustworthy source. How do you know whether a source is trustworthy?
  Any website that prompts you to install a “codec,” “plug-in,” "player," "extractor," or “certificate” that comes from that same site, or an unknown one, is untrustworthy.
  A web operator who tells you that you have a “virus,” or that anything else is wrong with your computer, or that you have won a prize in a contest you never entered, is trying to commit a crime with you as the victim. (Some reputable websites did legitimately warn visitors who were infected with the "DNSChanger" malware. That exception to this rule no longer applies.)
  Pirated copies or "cracks" of commercial software, no matter where they come from, are unsafe.
  Software of any kind downloaded from a BitTorrent or from a Usenet binary newsgroup is unsafe.
  Software with a corporate brand, such as Adobe Flash Player, must be downloaded directly from the developer’s website. If it comes from any other source, it's unsafe.
  5. Java on the Web (not to be confused with JavaScript, to which it's not related, despite the similarity of the names) is a weak point in the security of any system. Java is, among other things, a platform for running complex applications in a web page, on the client. That was never a good idea, and Java's developers have had a lot of trouble implementing it without also creating a portal for malware to enter. Past Java exploits are the closest thing there has ever been to a Windows-style "virus" affecting OS X. Merely loading a page with malicious Java content could be harmful. Fortunately, Java on the Web is mostly extinct. Only a few outmoded sites still use it. Try to hasten the process of extinction by avoiding those sites, if you have a choice.
  Java is not included in OS X 10.7 and later. Discrete Java installers are distributed by Apple and by Oracle (the developer of Java.) Don't use either one unless you need it. Most people don't. If Java is installed, disable it — not JavaScript — in your browsers. In Safari, this is done by unchecking the box marked Enable Java in the Security tab of the preferences dialog.
  Regardless of version, experience has shown that Java on the Web can't be trusted. If you must use a Java applet for a specific task, enable Java only when needed for the task and disable it immediately when done. Close all other browser windows and tabs, and don't visit any other sites while Java is active. Never enable Java on a public web page that carries third-party advertising. Use it only on well-known, password-protected, secure websites without ads. In Safari 6 or later, you'll see a lock icon in the address bar with the abbreviation "https" when visiting a secure site.
  Follow these guidelines, and you’ll be practically as safe from malware as you can be.
  6. Never install any commercial "anti-virus" or "Internet security" products for the Mac, as they all do more harm than good, if they do any good at all. If you need to be able to detect Windows malware in your files, use the free software ClamXav — nothing else.
  Why shouldn't you use commercial "anti-virus" products?
  Their design is predicated on the nonexistent threat that malware may be injected at any time, anywhere in the file system. Malware is downloaded from the network; it doesn't materialize from nowhere.
  In order to meet that nonexistent threat, the software modifies or duplicates low-level functions of the operating system, which is a waste of resources and a common cause of instability, bugs, and poor performance.
  By modifying the operating system, the software itself may create weaknesses that could be exploited by malware attackers.
  7. ClamXav doesn't have these drawbacks. That doesn't mean it's entirely safe. It may report email messages that have "phishing" links in the body, or Windows malware in attachments, as infected files, and offer to delete or move them. Doing so will corrupt the Mail database. The messages should be deleted from within the Mail application.
  ClamXav is not needed, and should not be relied upon, for protection against OS X malware. It's useful only for detecting Windows malware. Windows malware can't harm you directly (unless, of course, you use Windows.) Just don't pass it on to anyone else.
  A Windows malware attachment in email is usually easy to recognize. The file name will often be targeted at people who aren't very bright; for example:
  ♥♥♥♥♥♥♥♥♥♥♥♥♥♥!!!!!!!H0TBABEZ4U!!!!!!!.AVI♥♥♥♥♥♥♥♥♥♥♥♥♥♥.exe
  ClamXav may be able to tell you which particular virus or trojan it is, but do you care? In practice, there's seldom a reason to use ClamXav unless a network administrator requires you to run an anti-virus application.
  8. The greatest harm done by anti-virus software, in my opinion, is in its effect on human behavior. It does little or nothing to protect people from emerging threats, but they get a false sense of security from it, and then they may behave in ways that expose them to higher risk. Nothing can lessen the need for safe computing practices.
  9. It seems to be a common belief that the built-in Application Firewall acts as a barrier to infection, or prevents malware from functioning. It does neither. It blocks inbound connections to certain network services you're running, such as file sharing. It's disabled by default and you should leave it that way if you're behind a router on a private home or office network. Activate it only when you're on an untrusted network, for instance a public Wi-Fi hotspot, where you don't want to provide services. Disable any services you don't use in the Sharing preference pane. All are disabled by default.

• Ive just upgraded my late 2009 macbook, and things are not working properly. First of all, when I started the computer first time after installing Mountain Lion, some message advised me that some files were impossible to install.

  Ive just upgraded my late 2009 macbook, and things are not working properly. First of all, when I started the computer first time after installing Mountain Lion, some message advised me that some files were impossible to install. Once I wrote my password, and for now on, everytime I start the session, another window advise me that "Java SE 6" is missing, due that, the computer can't run some "CS5Service Manager". If I try to install it, the download ends with an error. If finally, you skip the istallation, you arrive to the dock, but the menu bar at the top of the screen doesn't show up.
  In addition, my trackpad doesn't works either. I can move the arrow but i can't click anywhere, probably because the option of clicking by touching is disabeled and I can't performance a regular click.
  I'll be very glad if someone know what the heck is happening with my computer. Anyway, I'm going to the genius bar next Saturday. Thx!

  We're sorry.
  We can't find the article you're looking for.
  Please return to the Apple Support homepage.
  Sigh.

• I reset my disabled ipad 2 and it is asking me for the apple id which first set it up but i forgot the password for that apple id and the password/recovery information for the recovery email address. What can i do?

  i reset my disabled ipad 2 and it is asking me for the apple id which first set it up but i forgot the password for that apple id and the password/recovery information for the recovery email address. What can i do?

  Click here and use Apple's iForgot service, or contact their Account Security team, or if you're the device's original owner, take it and its purchase receipt to a physical Apple Store.
  (124525)

• HT203200 I made yearly subscription to Chandamama junior English and Telugu magazines which are released on monthly.  I could download for only 2months and cannot download any more.  Please help

  I have made yearly subscription to Chandamama junior english and Telugu magazines which are released monthly by publishers.  I could download for only 2months from itunes store and now cannot download any more.  No error message.  When I enter my itunes store password, it simply ignores.  Please help.

  Hi Charlotte,
  You don't say what your version of Windows you have. Assuming XP, go to Start | Run, type DXDIAG and click OK. Click the Sound tab and run the tests to eliminate a hardware problem first of all. If you don't hear anything, check your cables first of all. Also make sure "Mute" isn't checkmarked in your sound setup. You'll find that in Windows Control Panel.
  Which browser do you use? If you have Firefox 4, sign up to the HTML5 trial @ http://www.youtube.com/html5
  HTML5 is the latest video standard and doesn't require Flash player. Google is in the process of converting all its files to work with the new format. It may solve you problem. If you don't have Firefox 4, you can get it from here: http://www.mozilla.com/en-US/firefox/fx/
  IE8 doesn't support HTML5.
  To clean out your temp files, go to Start | Run, type: CLEANMGR and click OK. Click OK again to start the utility. Tick all the boxes except "Compress old files" because the latter takes too long, and then click OK. You can run this utility any time you wish by the way.
  The above steps will hopefully fix your problem. If not, post here again please.

• After update June 28 of security and Java on 17in mac bk pro laptop cannot startup

  After June 28 security and Java updates my 17 in mac book pro will not start up properly..I get a screen with text on the side and a window telling me to press the sart button to shut down and then press again to start up...( a gray panel comes down over the page before the window appears)...I have tried the install disc and done the disc and permissions repair...permissions repair could not repair "System/Library/Core Services/Remote Management ARDAgent/Contents/Mac OS/ARDAgent" a SUID file. What can I do?

  Follow these documents.
  http://support.apple.com/kb/TS2570
  http://support.apple.com/kb/TS1440
  http://support.apple.com/kb/HT1455
  http://support.apple.com/kb/ht3964
  This one about permissions you can ignore
  http://support.apple.com/kb/TS1448
  Try to get into your machine and if you do, the first thing you do is backup your files to a external drive. (not TimeMachine) via regular drag and drop methods.
  Disconnect this drive. and all others.
  You can then c boot off the installer disk for your OS version and under the Utilities menu is Disk Utility > Repair Disk
  Also you can totally reinstall OS X, shouldn't effect your programs or files (but backup all files just in case)
  If that don't work, c boot off the installer disk again, this time use Disk Utility to Erase >format HFS+ Journaled with Security option > Zero All Data (will take some time) This will totally wipe the drive of everything and is a last ditch effort.
  When it's done quit, and reinstlal OS X.
  You'll have to go through the setup and reinstall your programs and files from backup. Secret is use the same user name and drive name as the previous time so your iTunes folder will work without a hitch.
  If you restore from TimeMachine, it's possible whatever problem you had can return, but you can try and if it doesn't work, just repeat above without TimeMachine.
  Later look at free Carbon Copy Clone your boot drive to a external HFS+ Journaled formatted drive and keep in a safe place, it hold option bootable, great if your hard drive bites it, or TimeMachine gets hosed. TM isn't bootable.

• Java.sql.Date and java.util.Date - class loaded first in the classpath

  I had two jar files which has java.util.Date and java.sql.Date class file. i want to know whether which class is loaded first in the classpath...
  I like to change the order of loading the class at runtime...
  Is there is any way to change the order of loading of class...
  I may have different version of jar files for example xerces,xercesImpl. some of the code uses xerces ,some of the code uses xercesImpl..i had common classes.
  I like to load the class with the same name according to the order i need..
  Can we do all these in Run time ?????

  I had two jar files which has java.util.Date and
  java.sql.Date class file. i want to know whether
  which class is loaded first in the classpath...
  I like to change the order of loading the class at
  runtime...
  Is there is any way to change the order of loading of
  class...
  I may have different version of jar files for example
  xerces,xercesImpl. some of the code uses xerces ,some
  of the code uses xercesImpl..i had common classes.
  I like to load the class with the same name according
  to the order i need..
  Can we do all these in Run time ?????That is meaningless.
  The classes you are referring to are part of the Java API. Third party jars have no impact on that. And you can't change to the order because java.sql.Data is derived from java.util.Date. So the second must load before the first.
  And if you have two jar files with those classes in them (and not classes that use them) then you either should already know how to use them or you should stop trying to do whatever you are doing because it isn't going to work.

• Possible security problem with my iPhone4, it seems like it has been hacked into and my hotmail, facebook and university accounts (which all have different passwords) and proceed to change my passwords on me. This has happened twice.

  I seem to be having security problems with my iPhone4, it seems like someone has hacked into my hotmail, facebook and university accounts (which all have different passwords) and proceed to change my passwords on me. This has happened twice and I have not left my phone unattended at any time that I can recall nor have I accessed these accounts from another source (i.e. computer/laptop) since changing my passwords after the first hacking occurred. Please help.

  Anyone else at your university complaining about the same thing?  It is more likely someone is stealing passwords by sniffing traffic over the university wifi or with a man-in-the-middle attack or by other means external to your phone.  Try a Google search on "steal password" (without quotes) or "steal SSL password" and you'll learn more than you wanted to know about how passwords get stolen.
  Some related info:
  http://en.wikipedia.org/wiki/Session_hijacking
  http://en.wikipedia.org/wiki/Man-in-the-middle_attack