Chris Pirillo » java-vm

Java Security Video

Chris — Sun, 26 Aug 2007 23:55:37 +0000

Java Security Video is a post from Chris Pirillo

Chris K. just watched the podcast on Java security, and was (thankfully) able to put a finer point on it. Not to mention, clarifying a misspoken URL:

The way Java runs is that it has a JVM (Java Virtual Machine), and commands in Java are sent to these VM. The VM, which is coded for each OS, sends the code to the processor after translating it. The processor then performs the action.
For example, on Mac: new BadGuy(); -> Mac OS -> JVM -> Translation -> Processor -> Performs -> Reserves spot in RAM for the new BadGuy. The same applies on Windows or Linux, or anything else you care to name.
In some cases, Java doesn’t use a JVM, instead using a physical hardware chip, installed directly on the motherboard in most cases. The code will go to this chip instead of the JVM, and then is sent directly to the processor. This is many times faster in most cases. When you download the newest Java, it will either install the latest firmware upgrade for the chip in your computer, or it will install the JVM (or sometimes both).
Java is one of the most secure programming languages. It has several layers of security:
A compiler won’t be able to compile code that accesses the files on the computer in any way. It can make a stand-alone application with a specific kind of compiler, but then it won’t be web-usable (it is not like flash in the sense that you can put anything on the web, or off the web; it has to be specially coded for an applet. Of course, you could use a rouge compiler, but that brings us to our next layer of security.
The JVM, or the firmware on the chip, will stop any access to files through applets, and will warn the user, and ask permission. This prevents even a rouge compiler from compiling “bad” code.
The final layer of security falls to the operating system, which the code goes through.
Can you make a Java application that deletes all of the files on your computer? Hell yes! Can you make an applet? No. Java applets are completely blocked from modifying files on your computer, unless they have a certificate from VeriSign, etc.
However, can you make a .exe (or Mac application) that deletes everything on your computer? Yes, you can. For the most part, Java is very secure, and if you don’t upgrade, you still are just as secure, because any new code on an updated compiler won’t run, so there’s no change of an exploit with new compilers. (PS: It’s java.sun.com, not sun.java.com as you said in your podcast)

How to Handle Remote Tech Support

chris@lockergnome.com (Chris Pirillo) — Mon, 13 Jul 2009 06:30:00 GMT

Using GoToAssist is the easiest way to view and control another person's computer online. Use it to provide instant technical support to family, friends and customers. Start a session with just one click, and instantly connect with the other party.

Network Tools for Windows

chris@lockergnome.com (Chris Pirillo) — Mon, 25 Feb 2008 06:30:00 GMT

You need these network tools, no matter which operating systems and networks you have to support. SolarWinds ipMonitor: Affordable Network Monitoring for SMBs. Get turnkey network, server and application availability monitoring with SolarWinds ipMonitor v9.0. This easy-to-use, reliable solution for SMBs delivers out-of-the-box availability monitoring so you always know exactly what's up with Active Directory, DNS, Exchange, FTP, Web, IMAP, MS SQL Server, and SMTP. Download your free trial today. Or, try their totally free tools! And, through 2/29, save 20% when you purchase ipMonitor 9.0.

Get Your Own Web Site

chris@lockergnome.com (Chris Pirillo) — Mon, 25 Feb 2008 06:30:00 GMT

Starting at just $3.99/month, web hosting from GoDaddy includes 99.9% uptime, 24/7 support and free access to GoDaddy Hosting Connection, THE place to install over 30 FREE applications sure to help you get the most from your hosting plan and Web site. Enter code CP2 at checkout, and save an additional 10% on any order.

Plus, as a friend of Chris Pirillo, enter code CHRIS7, that's C-H-R-I-S and the number 7, when you check out, and save an additional 10% on any order. Get your piece of the internet at GoDaddy.com.

VMware and Parallels for Virtual Machines

chris@lockergnome.com (Chris Pirillo) — Mon, 25 Feb 2008 06:30:00 GMT

It doesn't matter if you're running on Windows or Mac OS X - every power user needs either Parallels or VMware (or both). There's never been an easier way to test software without destroying your primary operating system's stability. Think of how many times you wish you could press a 'reverse' button on your computer. Plus, there's no easier way to try new Linux distributions - see what all the fuss is about. Run Windows in OS X, run Linux in Windows, but the best way to do either is with VMware and/or Parallels.

Coupons for Online Shopping

chris@lockergnome.com (Chris Pirillo) — Sat, 12 Jul 2008 07:56:13 GMT

This feed is fueled by Lockergnome Online Shopping and Coupon Codes

Before you shop next time, see if we have a coupon first.