I just received spam claiming that USPS just delivered a shipment. The enclosed “shipping label” is a .jar file.
I thought the fundamental claim of Java is that code runs within a sandbox, that it is isolated so that it cannot corrupt the host system. Did Java in its infinite wisdom decide that the sandbox was too limiting and relax the restrictions?