Flaw Found In The Last 8 Years Of Java


Recommended Posts

The language itself is a beasty ass language. All softwares have bugs in the beginning but about this security flaw, damn, it's like Oracle doesn't even care.

In the beginning? Java has been there for...a long time.

Link to comment
Share on other sites

.NET is in the same category as Java (VMs that execute code and provide standard libraries), yet it's not nearly as flawed and handles updates much better - not just because they're delivered through WU, but also because it doesn't use the stupid versioning system Java has.

Yes, Java is worse than other software in this regard.

There is one huge, huge advantage to Java: it runs on pretty much everything. I'm studying software development and everything we're learning is in Java now (even though some classes are moving to Javascript). Why? First of all because it doesn't force anyone to install any specific operating system (and doesn't lock you into one). When pretty much all teachers use Macs and students are more or less 60/30/10 Windows/Linux/Mac it's pretty nice they don't force everyone to buy/install Windows. Second of all because it's all free. And mostly because it's absolutely not a bad language and is excellent for teaching object-oriented principles.

Everything has flaws, but that's why patches exist. I'm not a fan of Java in the browser either (and I keep it disabled) but aside that there is absolutely nothing wrong with it and I couldn't live without it (because of school, and because Android development is done in Java).

Link to comment
Share on other sites

There is one huge, huge advantage to Java: it runs on pretty much everything. I'm studying software development and everything we're learning is in Java now (even though some classes are moving to Javascript). Why? First of all because it doesn't force anyone to install any specific operating system (and doesn't lock you into one). When pretty much all teachers use Macs and students are more or less 60/30/10 Windows/Linux/Mac it's pretty nice they don't force everyone to buy/install Windows. Second of all because it's all free. And mostly because it's absolutely not a bad language and is excellent for teaching object-oriented principles.

Everything has flaws, but that's why patches exist. I'm not a fan of Java in the browser either (and I keep it disabled) but aside that there is absolutely nothing wrong with it and I couldn't live without it (because of school, and because Android development is done in Java).

You can run C# on Windows (.NET), OS X (Mono), Linux (Mono), Arduino (.NET Micro), Windows CE (.NET Portable), Windows Phone (Silverlight/.NET), Android (Mono), iOS (Mono), browsers (Silverlight), the XBox (Silverlight, XNA)...

Java's multi-platform advantage is nice, but it's useless unless you actually need these platforms.

And it's pretty clear that C# > Java for almost everything.

Link to comment
Share on other sites

You can run C# on Windows (.NET), OS X (Mono), Linux (Mono), Arduino (.NET Micro), Windows CE (.NET Portable), Windows Phone (Silverlight/.NET), Android (Mono), iOS (Mono), browsers (Silverlight), the XBox (Silverlight, XNA)...

Java's multi-platform advantage is nice, but it's useless unless you actually need these platforms.

And it's pretty clear that C# > Java for almost everything.

True, and I like C#. But you can't actually develop in C# properly on anything but Windows. And you can't just run all code including UI stuff in C# on other platforms. If I were to code my exercises in C# our teachers (who all have Macs) won't be able to run it seamlessly. In Java we can just send a .jar to pretty much anyone and it'll always work.

We do learn C# in a later course that has to do with Sharepointy stuff I think, but Java still is pretty much the easiest language to learn and fastest to actually start creating working things with. And a great first language. I had no issues at all porting stuff to C# when I was experimenting with it a while back.

Link to comment
Share on other sites

I avoid Java where possible after Oracle tried to run it into the ground. None of my home machines have it installed.

Link to comment
Share on other sites

You can run C# on Windows (.NET), OS X (Mono), Linux (Mono), Arduino (.NET Micro), Windows CE (.NET Portable), Windows Phone (Silverlight/.NET), Android (Mono), iOS (Mono), browsers (Silverlight), the XBox (Silverlight, XNA)...

Java's multi-platform advantage is nice, but it's useless unless you actually need these platforms.

And it's pretty clear that C# > Java for almost everything.

C# (mono or .NET framework) has nothing close to Java in terms of corporate support/performance/libraries. There is *no* alternative to Java in large corporate environment...perhaps .NET in Windows only places that write all their software from the ground up. However, most large 3rd party applications (i.e 500k+ cost/10k+ a month) are still made in Java due to stability/performance. Every application we have at work that meets out 99.85% SLA is written in Java runs on Linux. We also have the best performance/availability in the industry according to Keynote/Gomez. Its not a co-incidence that only Java based apps are able to keep up with this, we have Windows based apps (both native and .NET) and they cannot be certified to reach this level of availability due to crashing frequently. Thankfully they are used in backend/low volume products.

However, for the desktop, Java is overkill. It's like using a train to haul a candy bar a block distance. The whole applet model is a joke as well, its probably what most people think Java is mostly used for.

Link to comment
Share on other sites

My software is made with Java! PLEASE DONT HATE JAVA!

Honestly, if cross-platform support isn't an extremely big deal to you (aka you can get by with having your app run perfectly on Windows, Windows Phone, Windows CE, and Xbox, and then having to use Mono for other platforms), I would suggest C#. The syntax is similar to Java, and Visual Studio 2012 (and VS2012 Express) is flat out the best IDE I have ever used.

Link to comment
Share on other sites

There is one huge, huge advantage to Java: it runs on pretty much everything. I'm studying software development and everything we're learning is in Java now (even though some classes are moving to Javascript). Why? First of all because it doesn't force anyone to install any specific operating system (and doesn't lock you into one). When pretty much all teachers use Macs and students are more or less 60/30/10 Windows/Linux/Mac it's pretty nice they don't force everyone to buy/install Windows. Second of all because it's all free. And mostly because it's absolutely not a bad language and is excellent for teaching object-oriented principles.

Well said. My department runs mainly Linux machines (first Debian, now Ubuntu) and teach Python, Java, lots of C, shell scripts, and smaller languages like ML, Scheme, Prolog. All these languages cover different types (OO, functional languages, scripting) and they all run on *nix.

Perhaps C# is a superior language over Java but that of course requires Windows licenses across our labs, and I'm sure there are better things they could put limited funds towards. And quite frankly, focusing on teaching a lower level language like C is much more preferable for concepts like memory management, pointer handling, how to trace seg faults without a compiler conveniently throwing a stack trace at you, not relying on strict type checking like Java, etc. (Yes I'm aware of Mono but IIRC development on that has stalled.)

Link to comment
Share on other sites

Is there an Java Alternative?

yes there is - .NET - trouble is a lot of big companies - like IBM refuse to use anything "Microsoft" and will cut off their nose, to spite their face, and reject what is a far better solution in the process.

Link to comment
Share on other sites

C# (mono or .NET framework) has nothing close to Java in terms of corporate support/performance/libraries. There is *no* alternative to Java in large corporate environment...perhaps .NET in Windows only places that write all their software from the ground up. However, most large 3rd party applications (i.e 500k+ cost/10k+ a month) are still made in Java due to stability/performance. Every application we have at work that meets out 99.85% SLA is written in Java runs on Linux. We also have the best performance/availability in the industry according to Keynote/Gomez. Its not a co-incidence that only Java based apps are able to keep up with this, we have Windows based apps (both native and .NET) and they cannot be certified to reach this level of availability due to crashing frequently. Thankfully they are used in backend/low volume products.

However, for the desktop, Java is overkill. It's like using a train to haul a candy bar a block distance. The whole applet model is a joke as well, its probably what most people think Java is mostly used for.

If your .NET/Windows apps crash frequently, you're the ones to blame, not .NET or Windows.

  • Like 3
Link to comment
Share on other sites

Are people still running that buggy and terrible platform?

People still don't know what they're talking about when they post on forums.

  • Like 3
Link to comment
Share on other sites

  • 6 months later...

I find the rabid anti-Java complaints to be rather annoying and petty. Is Java perfect? No. It was, however, designed to be a) cross platform and b) secure - more secure than ANY environment produced by Microsoft within a significant time period after the development of Java. Java implemented a Virtual Machine before VM was part of your vocabulary. It is a powerful, object-oriented platform from the beginnings of Object Oriented development. It is far better than Microsoft's ActiveX which came out around the same time, along with a number of other Microsoft offerings.

As far as programmers using Java, it is the #2 language world-wide, slightly behind C - some 17% of all programmers.

For companies to abandon Java, they would have to rewrite massive amounts of internal and external applications as well as retrain their development staff in any new platform and suffer a major productivity hit during the transition. Java will outlast Cobol in the corporate world ... lots and lots of systems stilling running Cobol out there even with the development era being long dead. The same will hold true for Java.

Rather than throwing the baby out with the bathwater, the answer from my perspective is find and fix any holes found as promptly as possible and clean up any flaws rather than tossing billions of lines of code in the trash can and saying "Oh well".

And for those ballyhooing the Microsoft C#, first, Microsoft developed C# long after Java was created and they did it as a way to try to subvert Java development, having failed in their power grab to twist Java into a non-cross platform environment. Second, are you sure that code written in C# can run on any platform without being recompiled/rewritten, requiring the ongoing maintenance of multiple versions of the same app? That is what Java provides.

Me, I like writing code once that can run on any machine with a JRE rather than having to write, say, 5 different versions of the same app: 1-Windows, 1-*nix, 1-Apple, 1-iOS, and 1-android, let alone all the fun little "appliance" devices which run Java.

I have to wonder, for those of you who have suffered from a security flaw in Java at some point: 1) was your Java current with the latest patches? 2) was the OS software on the machine fully patched? 3) Were you running a resident AV program which performs behavior analysis? 4) Did you have an anti-spyware program like Spybot? 5) Did you scan any/all files you downloaded with a separate on-demand AV program like Malwarebytes in addition to your resident program? 6) And finally, do you practice safe Hex? Do you avoid cracked/pirated software? Do you avoid sites with unethical and immoral content? If not, then you have only yourself to blame for visiting the Cat house and picking up a disease. I recall a joke by Jeff Foxworthy about visiting a house of ill-repute to avail oneself of - services which had been test driven as much as the lady of the evening and exposing ones parts to such ... the same idea goes for your computer: If the people running/visiting those sites are engaged in immoral or unethical behavior, why would you think you would be safe hanging around with them and sharing their ... Hex... ???

Link to comment
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.