Slashdot Mirror
Comparison of Java and .NET security
prostoalex writes "The Computer Science Department at the University of Virginia has published a comparative study of security in Java and .NET in Portable Document Format. DevMktg blog on MSDN summarizes the findings saying that due to careful design process, .NET presents security advantages over Java platform in several areas." From the article: "Where Java evolved from an initial platform with limited security capabilities, .NET incorporated more security capability into its original design. With age and new features, much of the legacy code of Java still remains for backwards compatibility including the possibility of a null SecurityManager, and the absolute trust of classes on the bootclasspath. Hence, in several areas .NET has security advantages over Java because of its simpler and cleaner design."
That's a lot of variations, platforms, etc,
Actually, 10 of the 45 vulnerabilities that the authors chose to use in the chart were (or are?) in Microsoft JVM.
I think including them in the chart is misleading at best.
.NET ... Windows ... but not all of them.
:)
price: free, You only need to have Windows 2003 Business Server for serious work
secure: rtfa in few years to make sure
portable: it runs on many systems, like Windows and
speed: well actually speedy on Windows machine
IDE: brilliant Visual Studio, unfortunatelly no plugins
Java
price: free, well it is free
secure: most likely as secure as Your application
portable: well actually, even my SonyEricsson cell runs it
speed: a bit clumsy, but hey, almost all >1GHz desktop PC can run Java application in very responsive manner (Eclipse, Netbeans, Azureus, etc.)
IDE: Eclipse and/or Netbeans ROCKS!
This reply seems biased, but well, almost every opinion will be biased.