Oracle plans to dump risky Java serialization

Oracle plans to dump risky Java serialization

|

Oracle plans to drop from Java its serialization feature that has been a thorn in the side when it comes to security.¬†Also known as Java object serialization, the feature is used for encoding objects into streams of bytes. Used for lightweight persistence and communication via sockets or Java RMI, serialization also supports the reconstruction of…