Java Serialization was a Horrible Mistake

Comments

One of the most horrible ways to explain serialization vulnerability. Out of ~5 mins time the only relevant information was "some researchers found some issues with the serialization concept". Nice.

alexanderaric

How do we remove the hudson.utils error that comes due to two versions of Java in Linux?

DeepakSharma-iuwn

So once the serialization feature gets removed, how would you convert the object to a byte stream and transfer it from one JVM to another?

prasadhonrao

If we don't have to use serialization, then what will be the alternative to transfer my object to another place? Please suggest kindly; already in Hibernate I am using serialization in most places to store objects in the DB.

AnandChaugule

Sir, why do we use the serialVersionUID in Spring Boot? Please tell me, sir.

aartigiblogs

In one of my projects I'm serializing a complex object using the Google Gson library, but at the time of creation it gives me an out-of-memory exception. Please help me.

anchitsharma

Hello sir,

I am not sure; this is a very silly reason as I know... See, an attack can happen on the main server also. Then what will you do?

Here the thing is, while deserializing we retrieve the info from the class as what we have declared as serialization_id, i.e. version...

Here where exactly is the issue?

While passing the data from one server to another server, already we have decryption and encryption?

Now how will the object be tampered with?

Please suggest?

ramanapanku

As an amateur, I wanna ask this: why can't we directly use the class name in the message while sending the object's data?

ferdibal

Then why serialVersionUID?
To eliminate such problems.
Although the JVM creates it internally, it is suggested that we define it explicitly (you will also get a compile-time error).

madhu

02:12 The JVM tries to detect which class to deserialize. Is this the one thing that makes deserialization vulnerable?

himanshuupadhyay

What is going to replace serialization?

santhanamkrishnan

What did Oracle ever make of this issue? Has it been remedied?

alansimon

I recently started watching your channel. Excellent tutorials.

It would be great if you could cover the topic of obfuscation, basic ways of protecting code.
There is not much on that topic on YouTube.

najoboj

How can we use serialization filters? Can you explain it to me in a little more depth?

anchalkanungo
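An added example, not code from the video or from any of the commenters, that speaks to both the serialVersionUID question above and the serialization-filter question: a Serializable class with an explicit serialVersionUID, and a per-stream java.io.ObjectInputFilter (JDK 9 and later) built with ObjectInputFilter.Config.createFilter that allow-lists that one class and rejects everything else. The class names FilterDemo, Point and Unexpected are made up for this example.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InvalidClassException;
import java.io.ObjectInputFilter;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.io.Serializable;

// Example class names (FilterDemo, Point, Unexpected) are invented for this demo.
public class FilterDemo {

    // Explicit serialVersionUID: the value recorded in the stream and the value
    // in the loaded class must agree, otherwise readObject() throws
    // InvalidClassException instead of silently mapping onto a changed class.
    static class Point implements Serializable {
        private static final long serialVersionUID = 1L;
        final int x;
        final int y;
        Point(int x, int y) { this.x = x; this.y = y; }
    }

    // A second Serializable class that the allow-list below does NOT name.
    static class Unexpected implements Serializable {
        private static final long serialVersionUID = 1L;
        String note = "should never be deserialized";
    }

    static byte[] serialize(Object o) throws IOException {
        ByteArrayOutputStream bos = new ByteArrayOutputStream();
        try (ObjectOutputStream oos = new ObjectOutputStream(bos)) {
            oos.writeObject(o);
        }
        return bos.toByteArray();
    }

    // Deserialize with a per-stream filter. The filter is consulted for every
    // class referenced by the stream before that class is instantiated, so a
    // rejected class never gets to run any of its deserialization hooks.
    static Object deserialize(byte[] bytes, ObjectInputFilter filter)
            throws IOException, ClassNotFoundException {
        try (ObjectInputStream ois = new ObjectInputStream(new ByteArrayInputStream(bytes))) {
            ois.setObjectInputFilter(filter);   // must be set before readObject()
            return ois.readObject();
        }
    }

    public static void main(String[] args) throws Exception {
        // Allow-list pattern: accept FilterDemo$Point and classes from the
        // java.base module, reject everything else ("!*"), and cap the object
        // graph depth and the number of stream bytes as a resource limit.
        ObjectInputFilter allowList = ObjectInputFilter.Config.createFilter(
                "FilterDemo$Point;java.base/*;!*;maxdepth=5;maxbytes=4096");

        byte[] good = serialize(new Point(3, 4));
        Point p = (Point) deserialize(good, allowList);
        System.out.println("accepted: Point(" + p.x + ", " + p.y + ")");

        byte[] bad = serialize(new Unexpected());
        try {
            deserialize(bad, allowList);
            System.out.println("BUG: Unexpected was deserialized");
        } catch (InvalidClassException e) {
            // The JDK reports the rejection as "filter status: REJECTED".
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

Compile and run with `javac FilterDemo.java && java FilterDemo`: the Point round-trips, and the second readObject() fails with InvalidClassException before Unexpected is instantiated. The same pattern syntax can be applied process-wide, without touching every ObjectInputStream, through the `jdk.serialFilter` system property; the per-stream form is shown here because it makes the accept/reject decision visible in one place.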

Now it's time to recreate our serialized classes using the serialization filter.... Oh man, that's a lot of work....

aperson

Is it removed already from Java, or are companies still using it?

DeepakKumar-qcrg

4 years later and Java is still supporting serialization.

adams

Sir, thanks for the video. I have a question: what would be the alternative to serialisation at this point? If we stop using serialisation, is there a way by which we can get the same effect?

phanindraitika

Instead of removing serialization from Java, why don't we use end-to-end encryption in serialization and deserialization?

immortalhuman

Please explain the serialization compatibility and incompatibility issue.

harshable