InfoWorld

Lightweight Persistence with Java Serialization

The Java SE 6 documentation on Object Serialization states the following about the uses of Java serialization: Serialization is used for lightweight persistence and for communication via sockets or ...
InfoWorld

Get smart with proxies and RMI

Java Remote Method Invocation (RMI) gives clients access to objects in the server virtual machine (VM) in one of two ways: by reference or by value. To access a remote object by reference, the object ...
ZDNet

Java unserialize remote code execution hole hits Commons Collections, JBoss, WebSphere, WebLogic

Researchers from Foxglove Security have reportedly discovered a remote code execution hole in the widely used Apache Commons library, thanks to the insecure method in which Java unserializes objects, ...