Rapid Software Development for Your Coronavirus / COVID-19 Needs

  Need Something Done Quickly? We’re all suffering from the virus and lockdowns, it’s a fact. And some of that suffering is heartbreaking, not just here in the U.S. but all over the world. As a modernization vendor, we can point out that modernized applications are easier to work with, require skills that are not in short supply, and save you 20-40% in operating cost. But, when the house is on fire, most people don’t...

Read More

Equifax Cost of Struts Related Data Breach Still Rising

It could happen to anybody, if we’re honest with ourselves. Even if you have procedures and personnel to monitor security notices and apply patches, relying on all of that operating flawlessly every single day is just not realistic. Twenty years ago, the Struts Framework was widely used to build enterprise Java applications, and if you really use Struts, it is like mold — it winds up in your application’s roof, drywall,...

Read More

Refactoring – Words Have a Meaning

  Refactoring: Marketing Spin Detected We live in the age of marketing spin. Sometimes it seems that nothing means what the plain words say. For example, we hear people say, “Can you refactor my COBOL to Java?” To a technically knowledgeable person in the IT industry, that is the same kind of question as “Can you pedal my fish faster than 20 miles per hour?” As the late Jim Morrison might have said, “You...

Read More

Struts 2 Cybersecurity Flaw Affects All Versions

  Veracode Reports New Apache Struts 2 Security Problem From Veracode: “On Aug. 22 [2018], the Apache Software Foundation announced that a new critical remote code execution vulnerability was found in Apache Struts 2 (CVE-2018-11776). According to the Semmle Security Research Team, who first identified and reported the vulnerability, this flaw is ‘more critical’ than the Struts vulnerability behind the massive data breach...

Read More

Struts 2 Does Not Solve the Security Problem – Moving to Spring Does

Struts 1 is End of Life Apache has made it clear that if you are using Struts 1, you need to move. The question was asked, “Given a major security problem or a serious bug is reported for Struts 1 in [the] near future, can we expect a new release with fixes?” Apache’s answer:
“As of now, actually no – that is what the EOL announcement essentially is about. Since the end of support is reached, you will either need to find...

Read More