Oracle investigating why Java still sucks

Java is at the center of yet another security storm after Polish security researchers found not one, but two new separate zero-day flaws in the Web plug-in software.


  • Steven Fisher

    Putting aside the Java language, the Java virtual machine had two main things going for it:

    1. It was supposed to be portable.
    2. It was supposed to be secure.

    While the Java language has its place, I think it’s pretty clear the Java virtual machine is a complete failure, at least on the desktop.

  • imthedude

    Between Java VM and Flash, it’s a real competition for who’s the biggest web turd.

    • UltraMoose

      Don’t forget PDF. Ever since Adobe had the bright idea to allow scripting inside PDFs it’s become one of the most exploited attack vectors on the web along with Flash and Java.

  • Java The Hutt

    My company makes cross-platform software that relies on Java in the browser (things that really can’t be done in pure HTML5). All these Java vulnerabilities are killing us – our customers can’t run our software because the browsers keep blocking the plugin. Oracle needs to get this sorted fast.

    • Steven Fisher

      Oracle is never going to get this fixed, not to the point that end users are safe. You need to find another approach.

      I’m not saying this to flame you; I sincerely hope you succeed. But this is going to get worse over time, not better.

  • antred

    What is there to investigate? It’s Java, enough said.