Modular Development with JDK 9

Alex Buckley, Editor of JLS/JVMS at Oracle covers the topic of Modular Development with JDK 9
03 October 2017   1663

What does strong encapsulation mean in JDK 9?  How do you migrate your current application to modules? Alex Buckley explains in great detail the key concepts behind modules.  He describes how the module system can improve the structure of your code, how you can migrate your application progressively by mixing modular and non-modular code, and how a modular JDK enables better compatibility.  

The module system is a big part of the JDK 9 release, which is planned for September. With JDK 9, you will still be able to run your applications on the classpath. The new module system is built into the Java language and the virtual machine. Your applications and the libraries you use can be packaged, tested and deployed as modules managed by the module system. A module is essentially a set of packages that make sense being grouped together and is designed for reuse.  Since the full platform is modular, the modular system is more reliable, easier to maintain and secure. Those benefits are shown in examples described through out this presentation.  

New Vulnerability to be Found in Google+

Due to this vulnerability it was possible to obtain private information of 52.5 million accounts
11 December 2018   136

Google decided to close the social network Google+ not in August 2019, but in April. The reason was another vulnerability in the API, due to which it was possible to obtain private information of 52.5 million accounts. The company plans to close the social network API until mid-March 2019.

By December 10, 2018, the following error information was published:

  • Third-party applications requesting access to profile data, because of the bug in the API, received permission to view information, even if it is hidden by privacy settings;
  • the names of users, their email addresses, information about occupation, age and other confidential information were at risk;
  • passwords, financial data and national identification numbers have not been compromised;
  • the company has no evidence that anyone has exploited the vulnerability;
  • the error was fixed within 6 days: from November 7 to November 13, 2018.
  • Google said it sends notifications to all users affected by the bug.

The previous data leak of Google+ users occurred in October 2018. Then about 500 thousand accounts were compromised. The attackers could get the names, email addresses, age, gender and occupation of users.