Java Disaster in Florence

The digital library of 3,000-plus manuscripts at the Medicea Laurenziana Library in Florence was introduced on this blog as outstanding news three years ago. This year, disaster struck as hackers round the world exploited security vulnerabilities in Java software. Java's security had to be tightened to such a degree that the current plug-ins for browsers can no longer access the digital library in Florence.

This mess has been evident for several weeks. The library has just issued a notice about the problem which offers little solace other than a promise to act in "a short space of time" to achieve a permanent solution. The notice (digitally dated December 6) blames "security controls in the latest version of the Java interpreter that no longer allow the execution of our viewer."

The interim solution proposed is not satisfactory: uninstalling your current Java version and downgrading to the old low-security version, SE 6, which is "still compatible with our application".

Oracle warns that this version is "not recommended for use" and is reserved for developers and administrators doing debugging. Running an unsafe Java version would, in my view, only be feasible if you were to reserve a dedicated computer to visit the Laurentian site alone. Otherwise the risk would be too great of catching a virus while the PC was used to visit other parts of the internet. And who has computers to spare?

1 comment :