Once we looked at serialization as an important addition to Java. As the years passed, we began to recognize the flaws in its design and sighed. Today we realize that the story of Java serialization has become a dark and twisted tale. In this session, you will understand why we still need Java serialization, how the built-in design is fatally flawed, and how it is being exploited and used against us. Learn how to work against the dark arts rallied against us, and understand how even the alternative forms of Java serialization can still be open to attack. Does this tale have a happy ending? Can goodness prevail and can you make your application safe from Java serialization weaknesses? Only you can decide.
Video producer: https://developer.oracle.com