The FTC says Oracle 'deceived consumers' and left software on 850 million PCs vulnerable to hackers
REUTERS/Robert Galbraith
The FTC says the software giant "deceived consumers" when issuing security updates to a piece of software just about every PC on the planet uses, called Java. The FTC estimates some 850 million PCs use Java Standard Edition (the version that the FTC says is problematic).
Oracle declined comment.
Java is software for running web applications, things like games, chatrooms, calculators, 3D image viewing, and so on. Java is controlled by Oracle, inherited when Oracle bought Sun in 2010.
The FTC says that Oracle never told consumers that when they get those pesky messages to update Java security and agree to the updates, that Oracle wasn't fully updating all versions of the Java SE apps they may have installed on their machines.
It was only updating the most recent version and ignoring older versions. And these older versions were often chock full of bugs that hackers could use to hack a person's PC.
The FTC explains:
In its complaint, the FTC alleges that Oracle promised consumers that by installing its updates to Java SE both the updates and the consumer's system would be 'safe and secure' with the 'latest… security updates.' ...
In 2011, according to the FTC's complaint, Oracle was aware of the insufficiency of its update process. Internal documents stated that the 'Java update mechanism is not aggressive enough or simply not working,' and that a large number of hacking incidents were targeting prior versions of Java SE's software still installed on consumers' computers."
In a blog post, the FTC really went to town saying, "What's worse than stale coffee? Stale Java."
Under the FTC's proposed settlement with Oracle, Oracle will be required to tell Java users about the problem via social media and its website, and provide tools and instructions on how to remove older versions of Java SE.
The security updates will also be required to work as advertised, with Oracle telling consumers if they have an outdated version of Java SE on their computers and giving them the option to uninstall it
Oracle has agreed to settle the FTC charges, and the settlement is now subject to public comment for 30 days.
In the meantime, the FTC wants you to know that if you do have older versions of Java, here's the website that will help you remove them: java.com/uninstall.
- In second consecutive week of decline, forex kitty drops $2.28 bn to $640.33 bn
- SBI Life Q4 profit rises 4% to ₹811 crore
- IMD predicts severe heatwave conditions over East, South Peninsular India for next five days
- COVID lockdown-related school disruptions will continue to worsen students’ exam results into the 2030s: study
- India legend Yuvraj Singh named ICC Men's T20 World Cup 2024 ambassador
- JNK India IPO allotment date
- JioCinema New Plans
- Realme Narzo 70 Launched
- Apple Let Loose event
- Elon Musk Apology
- RIL cash flows
- Charlie Munger
- Feedbank IPO allotment
- Tata IPO allotment
- Most generous retirement plans
- Broadcom lays off
- Cibil Score vs Cibil Report
- Birla and Bajaj in top Richest
- Nestle Sept 2023 report
- India Equity Market