Bitcoin Forum>Other>Archival>MultiBit
Author

Topic: MULTIBIT NEEDS JAVA SE6 - ONE THAT WAS RELEASESD IN 2014 - how safe is this? (Read 938 times)

d4n13
full member
Activity: 210
Merit: 104
“Create Your Decentralized Life”
MULTIBIT NEEDS JAVA SE6 - ONE THAT WAS RELEASESD IN 2014 - how safe is this?
June 19, 2015, 01:57:22 PM
#5
Quote from: Muhammed Zakir on May 17, 2015, 07:29:27 AM
Who said this? "Java is more vulnerable" is a popular factoid.

I started another thread on this in BitcoinJ, though my question was different.  It was whether Oracle Inc is less trust worthy than an Open source endeavor (Open JDK)

That said, as long as there is broad enough JDK peer review on RNG, I have no problem with Java per se.
btchris
hero member
Activity: 672
Merit: 504
a.k.a. gurnec on GitHub
Re: MULTIBIT NEEDS JAVA SE6 - ONE THAT WAS RELEASESD IN 2014 - how safe is this?
May 17, 2015, 11:07:34 AM
#4
Quote from: steakpie13 on May 10, 2015, 05:15:32 AM
as you guys know java is very vulnerable and I had to install a YEAR OLD VERSION OF JAVA!!

On my Windows box, MultiBit (Classic) works perfectly fine with the most recent Java SE8.

Quote from: Muhammed Zakir on May 17, 2015, 07:29:27 AM
Who said this? "Java is more vulnerable" is a popular factoid.

Agreed. The vulnerabilities you often hear about relate to the Java sandbox, not to Java itself. The sandbox is responsible for enforcing security rules on untrusted applications, typically run from inside a web browser. (Yes, the Java sandbox is infamous for its security bugs, and deservedly so).

MultiBit does not run inside a sandbox because it is not an untrusted app (you do trust it, don't you?). It has just as much access to your PC as any other normal Win32 app.

Also, if you have a need to, nothing prevents you from installing multiple versions of Java, in which case browser-based Java apps requiring the sandbox will use the most recent version by default.
Muhammed Zakir
hero member
Activity: 560
Merit: 509
I prefer Zakir over Muhammed when mentioning me!
Re: MULTIBIT NEEDS JAVA SE6 - ONE THAT WAS RELEASESD IN 2014 - how safe is this?
May 17, 2015, 07:29:27 AM
#3
Quote from: steakpie13 on May 10, 2015, 05:15:32 AM
-snip-
as you guys know java is very vulnerable and I had to install a YEAR OLD VERSION OF JAVA!!
 -snip-

Who said this? "Java is more vulnerable" is a popular factoid.

 Java is not less secure than other languages but more secure than C or C++ because of no buffer overflows etc.. See http://security.stackexchange.com/questions/57646/why-do-i-hear-about-so-many-java-insecurities-are-other-languages-more-secure for more details.
virtualx
hero member
Activity: 672
Merit: 508
LOTEO
Re: MULTIBIT NEEDS JAVA SE6 - ONE THAT WAS RELEASESD IN 2014 - how safe is this?
May 17, 2015, 04:29:56 AM
#2
Multibit is created in the Java programming language, that is why you need it. If you don't want to use Java you should use another bitcoin wallet. Bitcoin does not need Java, but Multibit does. Java SE6 is old but not very old.
steakpie13
newbie
Activity: 32
Merit: 0
Re: MULTIBIT NEEDS JAVA SE6 - ONE THAT WAS RELEASESD IN 2014 - how safe is this?
May 10, 2015, 05:15:32 AM
#1
well because I had urgent need I installed it

https://support.apple.com/kb/DL1572?locale=en_US

This is where it took me and told me to download it

as you guys know java is very vulnerable and I had to install a YEAR OLD VERSION OF JAVA!!


how safe is this?

I can delete this carp from my computer right now , I mean java completely from my mac right now,

PLEASE HELP  Cry

Well this is crazy


I just upgraded to oxX 10.10 yosemite btw this is where I'm getting issues.


Thanks.

Bitcoin Forum>Other>Archival>MultiBit
Jump to: