Avoiding Java Vulnerabilities by knowing the root cause, Programming Antipatterns

Session Type: 
Standard [25 minutes]

Schedule info

Room: 
Schubartsaal

The Java Programming language is known as _the_ secure and future-proof choice for enterprise applications, compared
to the native or proprietary competitors. However, a program is only as safe as the programmer allows it to be. He could open backdoors or provide hooks that attackers are happy to use. This is especially true for runtime and middleware components, just as the JDK.

The talk presents a range of examples from the JDK that lead to vulnerabilities, and also discussed how those were addressed in recent security updates. The discussion stresses the cause-effect-relationship which nicely illustrates how antipatterns could cause security bugs, and motivates programmers to detect and avoid them."