Why java is secured?

Similar Messages

• Why java is secure?

  hello friends
  this is my first message on this site. i want to know that what makes java more secure then C or C++?

  Some of the thing that makes Java more "Secure":
  1. auto garbage collector
  developer does not have to worries about a memory leak (most of the time - for dangling reference, etc). Java does the releasing of unreferenced object for you
  2. hide pointer
  Java hide pointer from developer. Allowing direct access to memory can be dangerus. Hacker can takes advantages of this to try to overwrite memory outside of application..or you accident overwrite th ewrong address in your pointer arithmetic.
  3. try-catch
  java provides try - catch - finally that is different from C++ try-catch.
  Java guareentee that when the an Exception occurs, the thread will goto the end of the method before unwinding the stack to where the call was..and keep doing this till the exception is handled. This is important when working with thread. When the thread exit the method..and if the thread have the object lock..then it release the lock upon exiting the method. Java try-catch-finally guareentee the release of the lock (because Java exit the method). C++ does not guareentee this (well..i haven't work with C++ for a long time..it may have changed)..so when you throw the Exception..the lock may not be released.
  4. Java is a String type language
  you have two type in Java
  primitive type and object type.
  At runtime, Java knows the type of object, so Java knows what operating allows on th etype...this eliminate bad casting (for the most part)
  you can still cast wrongly:
  Person p = new Person();
  Object o = p;
  Cat c = (Cat) o;compile fine, but will catch runtime exception..because Java knows the type at runtime..so trying to cast to a Cat for the Person object will generate an Exception...In C++..your application may or may not crash right there....so, you could actually keep on running and may or maynot get a runtime error (but your result may be incorrect)
  5. Applet provides better security
  Applet by default does not gives the Applet application permission to read or write on your computer. ActiveX (from Miscrosoft) default to allow these access.
  This encapsulte the applet..and prevent malacious code.
  as stated before..you can still write code that is not so "secure," it's just harder to do so, than any other language..Java try to protect developers from making these mistakes..and try to protect the end-user from malacious code.

• Why java is very secure

  tell the reasons why java is very secure compare than other languages

  s.s.s.s wrote:
  tell the reasons why java is very secure compare than other languagesIts not, security is not determined by the language or platform. Sure Java provides the tools to implement a secure environment, and I'd hesitate to say that Java is among the easier platforms to get solid security setup. But it still depends on one major factor if it is ever going to happen: you.

• Netscape vs. Java 2 Security model

  Hi, new user here, downloaded and installed Java Virtual Machine plug-in, 1.4.2-b28, Wednesday evening. Added Java capability to IE 6.0.28. Running XP.
  Encountered a problem with a URL that had worked with Microsoft VM on another machine on my home network. Found the Java Console, which gave the following message: "Netscape security model is no longer supported. Please migrate to the Java 2 security model instead."
  Questions:
  1) Might this be the source of the problem I encountered?
  2) Is the Java 2 security model something I have to download, or is it some setting in IE?
  3) If this isn't the right forum for this question, which one is?
  That is, how do I "migrate" to Java 2, and why would I be using a Netscape Security model with the latest version of IE?
  I am not a developer, just a frustrated consumer!
  Warmest regards

  dear sir
  I am having the same problem as yours did you find a soloution for this problem
  Thanks & best regards

• The role of java.security.acl in Java 2 security

  I have been trying to assess the role of the java.security.acl package within the Java 2 Security architecture. I have some questions regarding it.
  First where in the JVM are the interfaces of java.security.acl used? Are there any examples out there to guide developers in understanding their proper implementation?
  What is the relationship between this package and the core security package? There seems to be a Permission interface in the acl sub-package and an abstract Permission class in the core security package. Why is this the case? Why is the core abstract class not used instead of declaring a new Permission interface within the acl subpackage?
  Are not PermissionCollections and Permissions analogous to ACLs? If so then wouldn't that fact make the acl subpackage redundant?
  JSR 115 tries to bridge the gap between Java 2 Security in the SDK with security in J2EE. Namely enabling the RBAC-like approach to security in J2EE while using the AccessController of the J2SE to do the evalualtion of J2EE (Servlet/EJB) Permissions. Why are the Group and Owner interfaces defined here not leveraged in both JSR 115 and in general for Role Based Access Control?
  Could someone give some background on the vision behind creating the acl subpackage and how it relates to the historical progression of security advances in Java security architectures?
  Thanks much,
  Alex Karasulu

  I see from the defined interfaces that its an attempt at a formal approach to RBAC. However RBAC can be implemented without it all together using existing J2SE and JAAS based constructs. This does not answer the redundancy question. Could you elaborate a little bit more?
  Thanks,
  Alex

• Why java is free?

  I don't understand why java technology is free to download, and even more of this, the source code is available.
  I think sun can make a lot of money from us. (without giving ideas)

  They're trying mic$ofts trick - for years micro$oft offered wondoze on easy to copy disks, with little or no security (even though they could have implemented some kind) knowing that people would pirate it, and spread it around very quickly. Then, when most of the computing world is hooked on using windoze, they upgrade to a flashy secure version that you have to pay loads for. It was a gamble, but certainly paid off. What sun are doing is the only possible tactic for them at the moment, which is to spread java as much as possible to ensure loads of people use it - they are not doing this for fun, or the love of the language, but purley and simply as a business strategy.

• Import a certificate into Sun/Java/Deployment/security/trusted.clientcerts

  Hi I'm trying to make a java applet, it has to add a certificate in the Keystore Sun/Java/Deployment/security/trusted.clientcerts.
  The problem is that to store, I have to enter a password. I enter "". ToCharArray () but when I try to view the certificates, it does not appear in the java control panel.
  And when I try to import a certificate from the java control panel throws the following error "keystore was tampered with or password was incorrect".
  Code:
  private void guardarKeyStore(KeyStore ks) throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException{
  FileOutputStream out = new FileOutputStream(System.getenv("APPDATA").replace("\\", "/")+"/Sun/Java/Deployment/security/trusted.clientcerts");
  ks.setCertificateEntry("someAlias", decodeCertificate(somebase64));
  ks.store(out, "".toCharArray());
  out.close();
  }

  Francisco26 wrote:
  I Want to insert a certificate into trusted.clientcerts via java applet.
  This certificate have to appear in the java control panel. (Security->Certificates->user->client autentication)
  Why that? Because i need to do an applet that download a certificate response from a request to a CA.Which to paraphrase EJP is undesirable, insecure and untrustworthy. What you are asking would allow an untrustworthy site to declare itself trustworthy.

• Why is my security always invalid? I haven't been able to download any apps!

  Why is my security always invalid? I haven't been able to download any apps!

  Contact iTunes store support: http://www.apple.com/emea/support/itunes/contact.html

• Why java file name and class name are equal

  could u explain why java file name and class name are equal in java

  The relevant section of the JLS (?7.6):
  When packages are stored in a file system (?7.2.1), the host system may choose to enforce the restriction that it is a compile-time error if a type is not found in a file under a name composed of the type name plus an extension (such as .java or .jav) if either of the following is true:
  * The type is referred to by code in other compilation units of the package in which the type is declared.
  * The type is declared public (and therefore is potentially accessible from code in other packages).
  This restriction implies that there must be at most one such type per compilation unit. This restriction makes it easy for a compiler for the Java programming language or an implementation of the Java virtual machine to find a named class within a package; for example, the source code for a public type wet.sprocket.Toad would be found in a file Toad.java in the directory wet/sprocket, and the corresponding object code would be found in the file Toad.class in the same directory.
  When packages are stored in a database (?7.2.2), the host system must not impose such restrictions. In practice, many programmers choose to put each class or interface type in its own compilation unit, whether or not it is public or is referred to by code in other compilation units.

• Why Java Web Start doesn't support Pack200 out-of-the-box?

  Hello All,
  Why Java Web Start doesn't support Pack200 out-of-the-box? I was hoping that Java 6 would make things easier by adding direct support for Pack200 in Java Web Start and JNLP without needing to use servlets, etc.? All my clients are Java 5 or above so I can't push the Pack200 compressed version of the jar to every single one of them and there is no selection process needed. But I can't do it because of the servlet or complex Apache server setup requirement (it would be a headache to get customers' web server admins to set up Apache or whatever web server that way).
  My question is why is there unwillingness to add Pack200 support directly to Java Web Start and JNLP so that you can start Pack200 compressed jars just like you would start any jar using Java Web Start? Is te a technical problem?
  Thank you,
  Mete Kural

  Hallo,
  I didn�t try it, but the webstart FAQ�s read:
  Can I use Pack200 compression with the JnlpDownloadServlet?
  Yes. The JnlpDownloadServlet distributed in the samples directory of the JDK now supports Pack200. If you deploy yourfile.jar along with yourfile.jar.pack.gz the packed file will be downloaded when the client is running Java Web Start 1.5.0 or later.
  http://java.sun.com/javase/6/docs/technotes/guides/javaws/developersguide/faq.html#217
  For further information you may want to look at
  http://java.sun.com/javase/6/docs/technotes/guides/javaws/developersguide/downloadservletguide.html#pack200
  The configuration of the server and the the servlet (as described in the second link) is as easy as it seems.
  I got it working on the first try and it was my first experience with websevers at all.
  Bye Schippe
  Message was edited by:
  Schippe

• Java 8 security on OS X

  I got my iMac running OS X. Java 8 security level was too high for most applets to work. Needs some advice. Thanks.

  Try downloading it from the 1st page under All Categories. Every once in awhile, changing the download link clicked makes a difference. If that does not work, contact App Store support.
  App Store support. There is troubleshooting and a contact link.
  Support

• Why SSH is secured over telnet

  Why SSH is secured over telnet?
  Hi folks,
  Why telnet is not secured and why SSh is secured?
  Regards
  Thanveer
  "Everybody is genius. But if you judge a fish by its ability to climb a tree, it will live its whole life believing that it is a stupid."       

  telnet is in the clear while ssh is not.  In other words, the information travel over the wire can be seen in clear text by the intruder without having to deciper the data.  Not so with SSH. 
  Similar argument can be made with http and http(s).

• Why java is called java2

  why java is called java2 and another thing that i would like to know is why it was renamed to java from its previous name OAK
  Thanx
  Manish

  why java is called java2Not to sure about this one, but I think it was a marketing decision - I guess 'Welcome to the Java 2 platform' sounds better than saying 'Welcome to the JDK 1.2.1 platform' :=)
  and another thing that i
  would like to know is why it was renamed to java from
  its previous name OAKThere was already a patented product named 'OAK', so they had to rename it to something else to avoid the law.
  >
  Thanx
  ManishA brief history of Java:
  http://java.sun.com/features/1998/05/birthday.html
  http://www.ils.unc.edu/blaze/java/javahist.html

• Please Migrate to the java 2 Security Model.

  HI, this is my first post BTW, I dont know much about Java its just that when i try to access my work from home(united Airlines). It was working fine until i had to format My hd and since u can no longer download java from the microsoft site i had to come here to download the newer version and havent been able to access it since. Is there a site or anywhere that i can download hte old version perhaps or get this one to work? when i tyr to login i get this Error in the Java Console:
  ipsNetletStatus.init()
  Netlet Starting (16)
  Netscape security model is no longer supported.
  Please migrate to the Java 2 security model instead.
  Netlet found Netscape
  Netscape security model is no longer supported.
  Please migrate to the Java 2 security model instead.
  Netscape security model is no longer supported.
  Please migrate to the Java 2 security model instead.
  Netscape security model is no longer supported.
  Please migrate to the Java 2 security model instead.
  Netlet config: https://gw-r5.airline.compuserve.com:443/http://as-r5.airline.compuserve.com:8080/NetletConfig?func=loadResources
  ipsNetletStatus.start()
  ...ipsNetletStatus.run() is starting
  Netscape security model is no longer supported.
  Please migrate to the Java 2 security model instead.
  Netscape security model is no longer supported.
  Please migrate to the Java 2 security model instead.
  netscape.javascript.JSException: Failure to evaluate netscape.security.PrivilegeManager.enablePrivilege("UniversalPreferencesRead");navigator.preference("network.proxy.ssl");
  at sun.plugin.javascript.ocx.JSObject.eval(Unknown Source)
  at BrowserProxyInfo.<init>(BrowserProxyInfo.java:58)
  at SServer.loadParameters(SServer.java:140)
  at SServer.start(SServer.java:111)
  at sun.applet.AppletPanel.run(Unknown Source)
  at java.lang.Thread.run(Unknown Source)

  Lokk at this thread http://forum.java.sun.com/thread.jsp?forum=31&thread=297109
  and search the Forums using the term "java 2 security model" (include the quote marks)

• Migrate to the Java 2 security model instead...

  Since I installed Java 4 ver 1.4 on my computer, I have not been able to access my homebanking. In the Java console I get the following message:
  1.4.0 on Windows XP
  Netscape security model is no longer supported.
  Please migrate to the Java 2 security model instead.
  What does it mean, and how do I fix the problem???
  Thanks in advance!

  This is a real pain. I can't roll out Java 1.4 inside our company because we use several applets for which we do not have the source code, and they no longer work because of this limitation. Sun needs to fix this if they want people to upgrade to Java 1.4.