Breaking up J2EE

Grok Headline matches for Breaking up J2EE

Dentata J2EE CMS

Dentata J2EE CMS 06/04/2004 07:10 PM
Dentata J2EE CMS Approved

Stitching up J2EE

Stitching up J2EE 12/02/2003 01:18 AM
Help us support both your platforms, or we'll write for neither. That seems to be what ISVs have been saying to IBM and ...

J2EE 1.5 previewed

J2EE 1.5 previewed 04/26/2004 07:03 PM
SAN FRANCISCO -- Ease of development will be a core focus of J2EE 1.5, the follow-up to the much-heralded J2EE 1.4, a Sun Microsystems official said on Monday.

J2EE Security

J2EE Security 12/22/2003 01:49 PM
Simon P. Chappell writes "Security is not just for the paranoid anymore. There is plenty of documented evidence to show that there are people that are out to ...

Dot-Net vs. J2EE shootout.

Dot-Net vs. J2EE shootout. 03/12/2003 11:18 PM

The shootout was a bit too long and a little too fluffy, but I enjoyed it. I took 20 pages of notes and I will probably write them up for you later but for right now, I'll just give you some quotes from the J2EE team:

Mark Fleury: The worst dog of them all is SOAP.

Sang Shin: Security is not an industry problem, it is a Microsoft problem.

Mark Fleury: C# to be the number one language in two years: you've got to be kidding me.

Mark Fleury: JBoss is a responsible, moral, and open player.

Sang Shin: Web services is like teenage sex, everybody is talking about it but nobody is doing it.

Sang Shin: My grandmother called me last night to tell me that she is doing web services.

Mark Fleury: ADO sucks, Dot-Net caching is not there.

Greg Ackerman: C# is great, very Java like.

Cyanea buy should help IBM compete in
J2EE and APS

Cyanea buy should help IBM compete in
J2EE and APS 08/10/2004 09:25 PM
Computer Weekly Aug 11 2004 1:07AM GMT

Geronimo: Apache y J2EE

Geronimo: Apache y J2EE 11/18/2003 08:07 AM

J2EE Polls Component

J2EE Polls Component 02/12/2004 03:40 PM
v2.5.1

Sun readies J2EE 1.4, app server

Sun readies J2EE 1.4, app server 11/14/2003 05:14 PM
New version will enable the use of Web services in Java applications.

Sun Gives Early Peek at J2EE 1.5

Sun Gives Early Peek at J2EE 1.5 05/07/2004 07:41 AM
At the Serverside Java Symposium, Sun execs say ease of development is the major theme of the Java 2 Enterprise Edition 1.5 as Sun pushes to attract more developers.

Notes from the Dot-Net vs J2EE shootout

Notes from the Dot-Net vs J2EE shootout 03/15/2003 01:29 PM

Here are my notes from the TechEngage J2EE vs. Dot-Net shootout. I tried to be objective while I took these notes Wednesday and while I typed them in today. I may have made some mistakes and I may have let some of my open-source/Java bias show through. You be the judge and leave a comment if you see something that does not look right.

Opening Statements

MS [Dot-Net]: Dot-Net is a vision of XML web services enabled by the Dot-Net Framework that happens on the Windows platform. The evolution of computing goes like this: Mainframe OLTP, Client-server OLTP, N-Tier TP monitors (MTS 1997, first OTM), web applications (J2EE, Cold Fusion, Windows DNA), and finally Web Services on the Dot-Net platform. When people learn about Dot-Net they wonder where is the app server? The app server is the Dot-Net Framework, Windows 2003 Server (with load balancing and clustering), plus developer tools (like Borland Sidewinder and Together Control Center). Windows is the app server.

Sam Shim, Sun [J2EE]: Let's talk about Microsoft's contribution to the evolution of computing. Microsoft's contribution is Fear, Uncertainty, and Doubt. F. U. D. FUD. Let's talk about some of the FUD that Microsoft is spreading. FUD #1 is that J2EE is expensive. Don't listen to them. J2EE is free. The analysts at Gartner say that the hidden cost of Dot-Net is 40%-60% (sorry, couldn't follow this). FUD #2 is that the Dot-Net server is a product. Dot-Net server is not a product yet. Once it is released, how many bugs will it have? How many security problems?

Microsoft says that portability is not important. This is very important. Microsoft wants to lock you in. Single vendor lock-in. Lock-in is not a horrible problem when you are talking about applications like office suites, but for infrastructure, single vendor lock-in is very dangerous and expensive. Microsoft touts interoperability, but only as a bait to draw you into single vendor lock-in. They also say that J2EE is no good for web services: wrong.

FUD #4 is that Dot-Net performs better. This is only true in Microsoft funded benchmarks that are tuned in favor of Microsoft. And look at this paper about the Dot-Net Petshop, it shows that the Petshop is pure spaghetti code. Look at this method call from the Dot-Net Petshop (everybody laughs), this method has 36 arguments. Spaghetti!

FUD #5 is that Microsoft believes in standards and interoperability, but Dot-Net is not a standard. Only about 5% of Dot-Net has been submitted as a standard. None of the important stuff you need to develop app is standard: Winforms, ADO, etc. Even when Microsoft supports a standard, they always add that "Microsoft extra" that breaks compatility with other implementations of the standard. Here is a list of examples: Kerberos, etc. etc.

Greg Ackerman, IBM [J2EE]: I like Letterman and his top ten list so here is my top ten list for J2EE:
1. Openness, avoid single user lock-in
2. Web services, J2EE fully supports
3. Superior platform support, TCO, scalability, Linux
J2EE websphere reference customers (eBay)
4. Products designed to fit your needs
5. J2EE connects to what you already have
6. World class leading development tools
7. Best dev support programs
8. Partner support
9. IBM does not compete with ISVs
10. J2EE is a complete platform

Mark Fleury, JBoss [J2EE]: We are free and we don't suck. JBoss supports all of the J2EE standards and helps Sun to write those standards. JBoss has a services oriented architecture, a microkernel, and a sophisticated net-boot capability. JBoss brings you unified classloading, no more ClassNotFoundExceptions. If JBoss can't find your class, then your class really can't be found.

I'm very impressed with Dot-Net. The method and class atributes support Aspect Oriented Programming. JBoss does some of the same things, adding capabilities to your classes by using attributes, dynamic proxies, and interceptors. All of this stuff can work outside of the JBoss platform too.

JBoss is the defacto standard. 150,000 downloads per month. App server market share is 48% JBoss, 28% BEA, and then the others. JBoss offers extreme stability. JBoss group is 30 people and growing fast. Some of our references customers: EA Games SIMs online is all JBoss, Playboy (I'm very proud of this), BASF, MITRE, McDonalds, etc. etc.

Richard Weeks, NetEdge [Dot-Net]: Customers use different programming languages and Dot-Net supports 40-50 different languages. Dot-Net is all about multi-language support. Those Java guys want you to rewrite all of your code, don't do it. Don't rewrite your code, get interoperability with web services. Dot-Net does not leave anything behind, you can still use your old code.

Richard Lee, Borland [Dot-Net]: Open source is good, but sometimes there is too much choice. Microsoft has learned from Java and open source and has taken the best aspects of them and has built them into Dot-Net. Borland knows how good Dot-Net is because Dot-Net made it possible for us to build products very quickly. Our Dot-Net products come out of our Rapid Application Development (RAD) group because they are so rapid. Dot-Net makes things so easy, Microsoft is not the dark side, they are our friends.

Q1: What sets your platform apart?

Sam Shim, Sun [J2EE]: Our vision has always been "the network is the computer". We have been active in open source software with Open Office, Netbeans, and Apache. J2ME is everywhere. Java is everywhere from cars, computers, and phones to rings, smart cards, etc. Java makes true end-to-end computing possible. Our innovation continues with the N1 project which promises complete virtualization of resources, ORION to solve maintenance and upgrade problems, and Madhatter to bring Linux and open source to the desktop.

Greg Ackerman, IBM [J2EE]: The things that set J2EE apart are openness, standards, and choice. The things that set Websphere apart are scalability/TCO, web services, comprehensiveness, dev support, business partner support, support for open source, and most importantly community.

Mark Fleury, JBoss [J2EE]: Everybody brags about open source. At least Microsoft is honest about it. Microsoft does not like open source and they say so. Sun is very hypocritical about open source. Both Sun and Microsoft have accused JBoss of taking away the license revenue money that drives R&D. Guilty as charged! The truth is this: the big guys can't compete at the container level and that is why you hear about portal this schmortal that. SOURCE CODE is what sets us apart. The advantages of J2EE are that it is mature, free, and ubiquitous. Dot-Net on the other hand is expensive and buggy. Remember, JBoss wants to commoditize the app server and Microsoft wants to commoditize the developer.

Richard Weeks, NetEdge [Dot-Net]: Dot-Net supports both managed and unmanaged code. Dot-Net is flexible. Sometimes web service implementations don't really follow the standard and Dot-Net helps you to get around this by allowing you to tweak how it's implemented. Plus, you can call COM objects. I know BEA has some Java2COM tool, but Dot-Net's COM support is better. The SDK and the class libraries are free and there are lots of free tools, SharpDevelop for example. You don't need a big expensive app server because Dot-Net gives you choices. You can use only the small parts that you need. Use your old code, don't rewrite it.

Microsoft [Dot-Net]: Windows is the app server and Windows is not expensive. Windows Advanced Server is only $5000. Microsoft and IBM are driving the web services standards, not Sun. Windows is a standards-based integration platform and platform integration gives Dot-Net much better performance than Java. The Dot-Net developer experience is fantastic. We've got multi-language support, the best web application development environment ever in ASP.NET, ADO.NET, and a strong versioning story.

REBUTTAL: Sam Shim, Sun [J2EE]: Sun was not involved in the Web services standards because Bill Gates was playing politics. Bill made sure that Sun did not get invited. Microsoft wants royalty based licensing included in standards. Microsoft wants to charge for every packet of information and monopolize the internet.

Q2: show and tell how you support web services?

Greg Ackerman, IBM [J2EE]: Websphere supports "on demand" computing which allows you to compose your applications as reusable services.  Let's look at a demo of creating a web services using Websphere Studio (shows an AVI animation of Websphere Studio). Let's build a stock quote web service. You can build in Websphere Studio and then use a Dot-Net client to access the web service.

Mark Fleury, JBoss [J2EE]: This is when I go Phbbbbtbphphppph (makes a loud farting sound with his lips). Web services is totally vendor driven and all hype, but JBoss supports it fully. We integrate Axis. I don't have much else to say. Let me ask you some questions. How many people do Java and have a Java app in production? (20 or 30 people raise their hands)  How many people do Dot-Net and have a Dot-Net app in production? (20 or 30 people raise hands)  How many people have a app that uses both Dot-Net and Java at the same time?  (nobody raises their hands)  See? This interoperability stuff is just vendor noise. You need to avoid serialization and avoid RMI and remember SOAP is the biggest dog of them all. B2B will not work. I worked with SAP once and found that these guys can't even create a common object model across one company. B2B vendors are never going to be able to create object models that cross industries.

Richard Lee, Borland [Dot-Net]: Let's use Control Center to create a web services. You just set the project type to C# and you are off.  You can add a class using UML notation and the code is generated automatically. If you change the code, the diagram changes. If you change the diagram, the code changes. You can use a wizard to make any object into a web service.

Kenny Jones, MS [Dot-Net]: Analysts say that Microsoft has the best support for Web services. We support web services through our entire product line from Office, MS SQL, and MSMQ, to BizTalk, Excel, etc. Look at you you do web services in Dot-Net Studio. You just add an attribute to your object and it becomes a web services. Let's look at how you use a web service in Dot-Net studio. You just add a "web reference" and then you have a proxy object that you can use to call a web service.

Sam Shin, Sun [J2EE]: Web services is like teenage sex: everybody talks about it but nobody is doing it. There are three phases of web services adoption: 1)  simple (now), 2) Enterprise Application Integration (beginning) and 3) Business web services (2004).  #3 is the most important and Sun will support it through J2EE, UBL, ebXML, and the Liberty Alliance.  It is very easy to create web services by exposing EJBs, here is how you do it in Netbeans (shows a wizard).

REBUTTAL: Greg Ackerman, IBM [J2EE]: the analysts are mixed on who is the leader in web services. Some say Microsoft and some say IBM. IBM does web services for many more customers than Microsoft does.

REBUTTAL:  Mark Fleury, JBoss [J2EE]: IBM is much better on standards than MS.

REBUTTAL:  Microsoft [Dot-Net]: J2EE support for web services is irrelevant. App server vendors and open source software is pushing web services much harder than Sun.

Q3: how do you support building apps for hundreds of thousands of users?

Mark Fleury, JBoss [J2EE]: To support big applications you need grid computing, but grids are too expansive when you must pay for software licenses. You also need caching and JBoss has great support for caching. Don't use serialization. Use caching. Also, you need to integrate the stack within one virtual machine.  Dow Jones uses JBoss to support 10,000 clients.

Richard Lee, Borland [Dot-Net]: How do you build N-Tier apps?  You need to use modeling and code generation. You need to use Model Driven Architecture (MDA). Here is a demo of MDA in Together Control Center.

Kenny Jones, MS [Dot-Net]: We support this by the scalability of the Windows platform with load balancing, clustering, and caching built into ASP.Net that allows you to easily cache pages and portions of pages. Also with distributed session state and the ADO disconnected data set. You need technology, but you also need the knowledge and you can get teh knowledge from the MSDN program and Microsoft Patterns and Practices. Look at all of these customers who use Microsoft to support giant customer bases Merril Lynch, London stock Exchange, etc.). To summarize, the platform is scalable and the knowledge is available.

Sam Shin, Sun [J2EE]: Java has the scalability. Sun has 64-bit support in the Java VM. When will Microsoft have that? One VM can scale up to 100 processors, X RAM, and X threads. Tremendous scalability of just one Java VM. J2EE is all about scalability and reliability. J2EE vendors compete on scalability and reliability to benefit you. Dot-Net is constrained by Windows, Dot-Net is not proven, Dot-Net is single-vendor lock-in.  Why should you be the Dot-Net guinea pig?

Greg Ackerman, IBM [J2EE]: IBM has a great deal of experience in distributed computing (CORBA, Encina, etc.).  J2EE is designed for this stuff.  Remember the case studies.  Java and VMs are scalable.

REBUTTAL: Microsoft [Dot-Net]: The analysts say that portability across J2EE app servers is going to become more and more difficult. Java app servers do contain vendor lock-in features.  Java allows you to scale to bigger more expensive hardware. With Dot-Net you won't need to do that, you can stick with the hardware you already have.

REBUTTAL: Mark Fleury, JBoss [J2EE]: The EJB spec does not give you what you need to scale, you need the cache. The spec is fighting the implementation here. J2EE is not moving fast enough. We need Aspect Oriented Programming, from Xerox, where all good things emanate. Dot-Net does not have what it takes here either: ADO sucks and Dot-Net caching is not there.

Q4: explain your platform's security system?

Richard Weeks, NetEdge [Dot-Net]: Dot-Net provides code-access security. This allows you to say where what a piece of code is allowed to do. For example, if you have a consultant that you don't trust, you can lock his code down so that it does not threaten you. Encryption is built in.  ASP.Net has forms based security. No more buffer overflows because of the Dot-Net runtime. Microsoft is putting a big emphasis on integrated securty.

Kenny Jones, MS [Dot-Net]: Windows security vulnerability is a myth. Security is an industry wide problem, not Microsoft problem.  Windows has fewer CERT security advisories than Sun or Redhat. Microsoft has a serious "trustworthy computing" initiative going on.  Microsoft won the Open Hack 4.0 contest.  Let me show you how code that is downloaded from the internet is treated differently than code that lives on your hard-drive. See: this downloaded code is not allowed to run.

Sam Shim, Sun [J2EE]: Security IS a Microsoft problem. Security must be built-in from the beginning. You cannot just bolt it on as an afterthought. Look at the passport fiasco.  Microsoft's Passport identity management system was centralized, single-point-of-failure, controlled by Microsoft, and single point-of-attack. No wonder everybody hated it and it failed.  The Liberty Alliance on the other hand is a federated system, much better.  There are 52,000 viruses for Windows and the analysts say it is time to switch away from Windows based web servers. Viruses are very expensive. The ILOVEU virus costs us $1 billion dollars. NIMBDA costs $2.6 billion. Recently, Microsoft's Craig Mundie said "we've been thinking about security for almost three years now."  Microsoft has been in business for 27 years. It took them 24 years to realized that security is important.

Greg Ackerman, IBM [J2EE]: Good for Microsoft! They finally realize that security is important, but security needs to be built-in from the start.  Look at Dot-Net security: sandboxing, code-access security, not exactly novel concepts. Dot-Net security is just a copy of Java security.  IBM is cooperating with Microsoft on Web services security.

Mark Fleury, JBoss [J2EE]: UNIX has had better security than Windows for many years. Security cannot be bolted on.  Java security is excellent. JBoss did JAAS security years ago, before all of the other app server vendors.  JBoss can also use interceptors to add additional security.

REBUTTAL: Sam Shin, Sun [J2EE]: Microsoft FUD #9 is that Dot-Net is secure. Dot-Net depends on COM+ which is not managed code and is therefore unsecure. C# permits unsafe and unsecure code.  Passport has already been hacked.

Closing Statements

MS [Dot-Net]: Let's take a look at what it takes to build a mobile web app, one with an adaptive UI that looks different depending on which device you use to access it. Let me cut-and-paste some code here and let's try to run it.  Oh no, the Dot-Net server is not responding (his computer appears to lock-up).  Analysts say that C# is going to be the number #1 language in two years.

Mark Fleury, JBoss [J2EE]: C# to be the #1 language in two years? You're freaking kidding me. Dot-Net has some good features, but multi-language support is just cute, no more. Without portability off of the Windows platform, Dot-Net will go nowhere.

Sam Shim, Sun [J2EE]: Java is the most powerful development technology ever.  There are 3 million Java developers, 65 million Java enabled phones, 8 million lines of Java source contributed to open source, etc. etc. The development resources are all free: open source software is almost all Java, tutorials, knowledge base, community!

Greg Ackerman, IBM [J2EE]: C# is great, very Java like.  Make the rational choice (no pun intended). VB.Net has a big learning curve, even for veteran VB programmers.  C# does too, so why don't you just go directly to Java.  We will welcome you into the community. Come on out the the Websphere Users Group and the Java Users Group meetings in the Park.

Mark Fleury, JBoss [J2EE]: JBoss is a responsible, moral, and open player. Let JBoss be the standard, not Dot-Net or J2EE.

Richard Weeks, NetEdge [Dot-Net]: We keep hearing about free this and free that. Open source is not free. Support costs money.  Multi-language is not just a cute feature. Each language has it's own unique advantages and disadvantages. C# and Java are different. C# is better.

The LAMP alternative to J2EE or .Net

The LAMP alternative to J2EE or .Net 04/06/2005 12:14 PM
Linux, Apache, MySQL and either Perl, PHP or Python provide low-cost, open-source options.

Does J2EE live up to hype?

Does J2EE live up to hype? 09/09/2002 10:39 PM
CNET Sep 9 2002 10:11PM ET

J2EE 1.5 will ease development, says Sun

J2EE 1.5 will ease development, says Sun 04/27/2004 10:22 AM
Computer Weekly Apr 27 2004 2:07PM GMT

Developing for Healthcare - .NET vs
J2EE?

Developing for Healthcare - .NET vs
J2EE? 12/24/2004 12:44 PM
Slashdot Dec 24 2004 12:20AM GMT

Does J2EE live up to expectations?

Does J2EE live up to expectations? 09/06/2002 10:43 PM
CNET Sep 6 2002 10:06PM ET

J2EE Design Patterns

J2EE Design Patterns 12/02/2003 01:27 AM

J2EE 'grossly unreliable'

J2EE 'grossly unreliable' 12/02/2003 01:18 AM
According to a survey published by performance testing company Wily Technology, applications that run on the J2EE ...

Dynamically Typed: J2EE Guy Still
Doesn't Get PHP

Dynamically Typed: J2EE Guy Still
Doesn't Get PHP 07/01/2004 08:47 AM
Dynamically Typed has a new entry concerning the past post about Friendster going PHP, and how the J2EE guy still doesn't get it.

Core J2EE Pattern ValueListHandler

Core J2EE Pattern ValueListHandler 06/11/2004 05:54 PM
ValueList 1.1 Released

Microsoft J2EE & .NET Interoperability
Toolkit

Microsoft J2EE & .NET Interoperability
Toolkit 06/09/2004 11:57 PM
Microsoft J2EE & .NET Interoperability Toolkit includes an eBook with introduction to Interoperability Technologies and sample codes.

JFox - J2EE Application Server

JFox - J2EE Application Server 12/07/2003 10:57 PM
JFox 1.0 Final Released!

Adobe releases J2EE product

Adobe releases J2EE product 06/07/2004 01:54 PM
CNET Jun 7 2004 6:02PM GMT

Will EJB 3.0 turn J2EE thinking on its
head?

Will EJB 3.0 turn J2EE thinking on its
head? 05/14/2004 06:06 AM
LAS VEGAS -- Developers got their first view into what may be the future of Java development during last week's TheServerSide Java Symposium. What's in store for Enterprise Java Beans, in fact, may put some long-held Java thinking on its head -- literally.

J2EE Industry Management Tool

J2EE Industry Management Tool 12/15/2003 09:19 AM
Changelog for dwjsplib

.NET and J2EE Performance and
Scalability Benchmarks

.NET and J2EE Performance and
Scalability Benchmarks 06/10/2004 05:51 PM
This webcast covers .NET and J2EE Performance and Scalability Benchmarks.

NetBeans IDE 3.6 touts windowing, J2EE
1.4

NetBeans IDE 3.6 touts windowing, J2EE
1.4 04/23/2004 05:48 PM
NetBeans IDE 3.6, a major revision to the open source platform, is now available, adding improved windowing, debugging, and backing for J2EE 1.4.

Sun releases first J2EE 1.4-compliant
app server

Sun releases first J2EE 1.4-compliant
app server 04/16/2004 06:28 AM
Sun Microsystems, still smarting from yet another poor financial quarter -- a $760 million loss in fiscal Q3 -- Friday announced some good news: the general availability of the first J2EE 1.4-compliant standard application server. The new server follows two key Sun development product releases in the last two weeks: the open source NetBeans 3.6 and the graphical Java Studio Creator IDE.

Roundhouse J2EE Application Platform

Roundhouse J2EE Application Platform 04/15/2004 02:24 PM
Roundhouse Home Page

J2EE Certificate Authority, EJBCA

J2EE Certificate Authority, EJBCA 01/10/2004 10:49 AM
EJBCA 2.1.1 released

JBoss closing in on J2EE certification

JBoss closing in on J2EE certification 06/28/2004 08:05 PM
SAN FRANCISCO -- Open source software vendor JBoss, which has offered an open source Java application server sans J2EE certification, is closing in on that accreditation, according to the company?s chief executive.

The J2EE Tutorial - complete guide

The J2EE Tutorial - complete guide 07/27/2004 05:56 AM
Site Offer Give yourself a head start and save 30%

IBM Buys J2EE App Management Vendor

IBM Buys J2EE App Management Vendor 07/29/2004 10:06 PM
Driven by the "need for end-to-end application management capabilities," the company acquires Cyanea and plans tighter integration of its technology into the Tivoli Event Console and the Tivoli Business Systems Management software.

Red Hat Rolls Out J2EE Application
Server

Red Hat Rolls Out J2EE Application
Server 08/03/2004 12:49 PM
Red Hat Application Server marks the first time a major Linux operating system vendor has announced its own J2EE application server.

Macromedia expands J2EE pitch

Macromedia expands J2EE pitch 08/23/2004 02:46 AM
CNET News.com Aug 23 2004 7:00AM GMT

J2EE support in NetBeans 4.0 is getting
closer

J2EE support in NetBeans 4.0 is getting
closer 09/01/2004 05:52 AM
Computer Weekly Sep 1 2004 10:07AM GMT

JBoss ships J2EE app server

JBoss ships J2EE app server 09/20/2004 12:17 PM
Open-source software maker releases big update to Java-based application server program.

Macromedia unveils new J2EE Web tools

Macromedia unveils new J2EE Web tools 09/09/2002 02:35 PM
CNET Sep 9 2002 12:38PM ET

Macromedia joins J2EE big league

Macromedia joins J2EE big league 09/09/2002 04:25 AM
The Register Sep 9 2002 3:40AM ET
Grok Description matches for Breaking up J2EE
GrokA matches for Breaking up J2EE

Network Everywhere NR041 Router DHCP
Script Insertion

Network Everywhere NR041 Router DHCP
Script Insertion 08/27/2004 05:41 PM

Direct and Related Links for 'Network Everywhere NR041 Router DHCP Script Insertion'

Mathieu Lacroix has reported a vulnerability in Network Everywhere Cable/DSL 4-Port Router NR041, allowing malicious people to conduct script insertion attacks….

Vulns: Network Everywhere NR041 Router
DHCP Log HTML Injection Vulnerability

Vulns: Network Everywhere NR041 Router
DHCP Log HTML Injection Vulnerability 08/28/2004 04:50 PM
SecurityFocus Aug 28 2004 8:30PM GMT

RCA / Thomson Modem Hack Discovered

RCA / Thomson Modem Hack Discovered 12/27/2004 12:43 PM

NEC 3500 Firmware Speed Hack is Out

NEC 3500 Firmware Speed Hack is Out 09/16/2004 11:07 AM

Change Your Linksys WRT54G Admin
Password Right Now!

Change Your Linksys WRT54G Admin
Password Right Now! 06/02/2004 01:16 PM
Tech consultant discovers that Linksys WRT54G allows remote, over-the-Internet administration login even when remote management is turned off: Because all broadband gateway vendors ship their equipment with default passwords like public or admin, this vulnerability is moderately critical according to the Secunia security consultants. An automated attack could scan millions of home broadband network addresses and feed them the WRT54G Web login sequence. With remote administrative access, the most that could happen is vandalism: the Linksys doesn't provide tools via its Web interface for packet sniffing, but someone could corrupt the setup and lock a user out by changing the password, requiring a hard reset. Also, Linksys' Web form appears to send the WEP or WPA password as hidden password text in a Web form, but that text is unencrypted in the HTML source, which can easily be viewed....

302 Redirect Hack Fastly Becoming Most
Infamous SE Listings Hack Ever

302 Redirect Hack Fastly Becoming Most
Infamous SE Listings Hack Ever 03/14/2005 05:10 PM
This subject just will not die until the search engines address it. "Google and Yahoo are now working to perfect ways to determine when to treat a 302 like a Moved-Temporarily redirect, and when to treat it like an exit-tracker. It's far from a simple problem, so it's going to take some time."

U.S. Robotics Broadband Router 8003
admin password visible

U.S. Robotics Broadband Router 8003
admin password visible 06/08/2004 03:27 PM
Fernando Sanchez (Jun 08 2004)

10.3: Use a password analyzer to improve
password security

10.3: Use a password analyzer to improve
password security 10/30/2003 12:37 AM
If you try to change the password for a Keychain using the Keychain Access app, you'll notice on the resulting dialog box a circular button with an 'i' in it, as seen in the inset in the screenshot. If you click on it, Panthe...

XP SP2: Registry Hack and Download To
Prevent a System From Installing SP2

XP SP2: Registry Hack and Download To
Prevent a System From Installing SP2 08/13/2004 12:08 AM
Tech-Recipes Aug 13 2004 3:13AM GMT

Hack . . . hack back . . . repeat

Hack . . . hack back . . . repeat 08/13/2004 10:39 AM

New Password Recovery Tool for Microsoft
Office Suite Documents is Able to
Recover Passwords to Documents Created
in 14 Applications, and Supports More
Than 30 Types of Password Encryption.

New Password Recovery Tool for Microsoft
Office Suite Documents is Able to
Recover Passwords to Documents Created
in 14 Applications, and Supports More
Than 30 Types of Password Encryption. 12/24/2004 12:19 PM
ElcomSoft Co. Ltd. has released Advanced Office Password Recovery (AOPR), an application that allows business managers, information technology support administrators, and law enforcement officials to gain access to Microsoft(R) Office(R) password-protected documents, that have been accidentally or purposefully password protected. New product combines the latest and the most advanced cryptanalysis algorithms developed by Elcomsoft's research department. AOPR is capable of instantly recovering passwords for a wide range of Microsoft's business and office applications, including all components of MS Office, from the very first DOS versions to Office 2003 programs, including the ones for Windows, Mac, Pocket PC and localized versions. Over 30 different types of password encryption methods are supported. [PRWEB Dec 22, 2004]

PasswordWallet - A password management
app

PasswordWallet - A password management
app 06/22/2005 02:23 AM
The macosxhints Rating:[Score: 7 out of 10] Developer: Selznick Scientific Software / Product Page Price: $18 (Mac) / $15 (Palm OS) Note: This is the Pick of the Week for the week of June 13th. For a long time, I'v...

Password Management System

Password Management System 04/15/2005 05:19 AM
Added harry_b as Project Admin

Wireless Modem (BT Voyager 2000 Wireless
ADSL Router cleartext password)

Wireless Modem (BT Voyager 2000 Wireless
ADSL Router cleartext password) 06/22/2004 08:18 PM
Konstantin V. Gavrilenko (Jun 21 2004)

Default Password List

Default Password List 01/10/2004 10:12 PM
http://www.phenoelit.de/dpl/dpl.html Think I even found the Default Password to my toaster.... (via rootsecure )

An Open Request For An iTunes Hack

An Open Request For An iTunes Hack 12/19/2004 03:43 PM

Want to burn your iTunes Music Store audiobooks to CD, but those huge audio behemoths are standing in your way? Me too. By Brian Sawyer, O'Reilly Network

U.K. debit card processor turns to
password management 'Vault'

U.K. debit card processor turns to
password management 'Vault' 03/17/2005 02:59 AM
With more than 800 hardware and software passwords to keep track of, British debit card transaction vendor Voca Ltd. turned to software from Cyber-Ark to handle the task.

ProxyView default undocumented password

ProxyView default undocumented password 01/01/2004 04:31 AM
Michael Brown (Jan 27 2003)

Secure Password Generator 1.1 (Default
branch)

Secure Password Generator 1.1 (Default
branch) 04/17/2005 04:54 AM
Secure Password Generator delivers several methods for generation of secure random passwords and passphrases. Among the offered methods are Diceware methods with the original Diceware wordlist and S/Key wordlist. The program outputs the calculated entropy along with the password.

---

Changes:
This release includes major security improvements (such as memory locking and zeroing), major code cleanups, a manual page, and a simple installation procedure. Pre-built binaries for any OS are no longer distributed.

Dynalink RTA230 Default Username and
Password

Dynalink RTA230 Default Username and
Password 09/06/2004 02:04 PM

Direct and Related Links for 'Dynalink RTA230 Default Username and Password'

“fabio has reported a security issue in Dynalink RTA230, which can be exploited by malicious people to gain control of a vulnerable device. The problem is that even when the administrative password has been changed, a default account remains active. This can be exploited to gain access using the following username/password combination: Username: userNotUsed Password: userNotU Reportedly, the product listens on all interfaces by default. SOLUTION: Disable remote access. Use another product.”…

Cable Modem Hackers unlock Cable Modem

Cable Modem Hackers unlock Cable Modem 02/10/2004 02:44 AM
A very amazing article on the Register on how a group of hackers have unlocked a certain brand of cable...

US Emergency Alert System open to hack
attack

US Emergency Alert System open to hack
attack 08/13/2004 03:35 AM
Security and encryption 'not primary design criteria'

Console Password Manager 0.2beta
(Default branch)

Console Password Manager 0.2beta
(Default branch) 04/15/2005 04:26 AM
cpm (Console Password Manager) is a small console tool to manage passwords and store them in a file that is encrypted with a public key mechanism. The encryption is handled through GnuPG, and the data is stored as XML.

---

Changes:
This release features minor GUI changes so navigating the data should be more comfortable now.

Console Password Manager 0.3beta
(Default branch)

Console Password Manager 0.3beta
(Default branch) 04/19/2005 06:45 AM
cpm (Console Password Manager) is a small console tool to manage passwords and store them in a file that is encrypted with a public key mechanism. The encryption is handled through GnuPG, and the data is stored as XML.

---

Changes:
This release fixes some bugs which, for example, occurred when a certain illegal command line syntax was used. GUI handling was fixed for the edit and delete commands and they now also follow the list focus. Moreover, a migration tool for PMS (Password Management System) is included in the package.

Console Password Manager 0.1beta
(Default branch)

Console Password Manager 0.1beta
(Default branch) 04/13/2005 02:11 PM
cpm (Console Password Manager) is a small console tool to manage passwords and store them in a file that is encrypted with a public key mechanism. The encryption is handled through GnuPG, and the data is stored as XML.

Default username/password pairs in ON
Command CCM 5.x database backend

Default username/password pairs in ON
Command CCM 5.x database backend 09/20/2004 07:06 PM
Jonas Olsson (Sep 20 2004)

College using Social Security numbers as
default passwords now suffers hack

College using Social Security numbers as
default passwords now suffers hack 06/06/2005 12:06 AM

Firmware Update For Sony DRU500AX DVD
Burner

Firmware Update For Sony DRU500AX DVD
Burner 03/19/2003 10:46 PM

HotFix Watch: DHCP Management Pack in
MOM 2000 SP1 cannot monitor a Windows
Server 2003-based computer that is
running the DHCP service

HotFix Watch: DHCP Management Pack in
MOM 2000 SP1 cannot monitor a Windows
Server 2003-based computer that is
running the DHCP service 06/29/2004 05:07 PM

Qwest Offers Wi-Fi in DSL Modem

Qwest Offers Wi-Fi in DSL Modem 04/09/2004 03:57 PM
Qwest is selling DSL customers a $60 (or rented for $3/month) gateway with Wi-Fi built-in: Actiontec is a big winner here, with Qwest selling their DSL/Wi-Fi combo. This may be the first U.S. telecom or cable firm to offer Wi-Fi so aggressively as an integrated product, but it won't be the last. It will soon be de rigeur to offer Wi-Fi as an option or a baseline feature in gateways and broadband modems. The products are available; the ISPs just need to hop on the right bandwagon. The price is notable, because past offerings of Wi-Fi equipment to telco customers has been far above market prices. This price tag of $60 seems perfectly reasonable given its integration. It's not clear from the article whether technical support for Wi-Fi is included in the DSL subscription....

Breaking up J2EE

The following phrases have been identified by the grok system as matching this entry: firmware for wcg200 insight hack admin password on smc8013wg dmp-x20 hacks download sony vaio bios update, pcg 9411 qwest di-514 "smc cable modem" and "default password" nr041 bandwidth management comcast wcg-200 open up dhcp nr041 hack adc-320 wep key