Ask The Java SE Architect Live from Devoxx UK

Will Dropping Serialization from Java Remove the Vulnerabilities?

During “Ask The Architect” at the Devoxx UK 2018 conference, Oracle’s chief architect, Mark Reinhold, called Java’s serialization mechanism a “horrible mistake” and a virtually endless source of security vulnerabilities. More importantly, Reinhold announced Oracle’s decision to improve Java’s security by changing the way Java handles object serialization. Nearly half ...