17 Nov
2014
17 Nov
'14
10:33 a.m.
| From: Walter Dnes <waltdnes@waltdnes.org> (Nice hack to run multiple browser instances.) | * As others have pointed out, the Java plugin is a major security hole, | a cross-platform equivalant of Active-X. Remove, or disable the | plugin. No, it isn't like Active-X. Totally different security model. Active-X: total trust in signed plug-ins Java: sandbox the application so that it isn't able to do unauthorized things. Unfortunately, the attack surface is large enough that there were likely and have been implementation failures.