Oracle's Plans for Java Unveiled at JavaOne
msmoriarty writes "Oracle had lots of Java announcements at this year's JavaOne. So far the plans include: 'The availability of an early access version of JDK 7 for the Mac OS, plans to "bridge the gap" between Java ME and Java SE, an approach to modularizing Java SE 8 that will rely on the Jigsaw platform, a new project that aims to use HTML5 to bring Java to Apple's iOS platform, the availability of JavaFX 2.0, a pending proposal to open source that technology, gearing up Java EE for the cloud, and a delay in the release of Java 8.'"
Please. The Oracle (formerly Sun) JVM is not "full of holes". And, Oracle does patch them - what do you think all those Update releases are for? Oh, you wanted a patch for just that specific fix into a given (random) Update release, did you? Do you have any experience in managing such a project as the JVM? Point patches are a massive headache to manage - so much so, that while I was at Oracle (in the very JVM group you disparage), we couldn't find a reasonable way to manage point patches well on even the paying customers. And, I worked with a bunch of folks far smarter than the average programmer.
I was in the Sun JVM group for over 7 years (2004-2011). In that time, there were only 3 "critical" exploits published for the JVM, and less than a dozen for the entire JDK. There were more than that for "serious" bugs/problems, but those weren't security breaches (which were, by definition, an exploit). I should know, I was the Gatekeeper for the JVM.
Newer versions (i.e. 4.1.2 -> 5 -> 6 -> 7) do certainly break a non-trivial number of older apps, and require fixes. Updates to a given release (i.e. 6u10 -> 6u20) do very occasionally break something if you jump a large number of Update releases; however, most of the cases we found in such breakage of apps were the developer's fault in either using an undocumented "feature", a feature which was marked "obsolete", or one which was marked as "unsupported". If you stuck to the documented API of supported features, well, it wasn't absolutely 100% bug-free upgradable, but then again, nothing is, and the JDK has an outstanding track record in that regard.
That's not to say that there aren't problems in both the JVM and JDK. It's just that you obviously don't know what you're talking about in the real world. Don't take my word for it: Google "Sun JVM security (hole OR flaw)"; there are a very few links (maybe 2) to flaws in the past 5 years, a bundle of links to stories around 2004-2005 (which are all about the same set of bugs), and then practically everything else is at least 10 years old. Guess what? ALL of those have been fixed, relatively quickly, too.
-Erik
There are always four sides to every story: your side, their side, the truth, and what really happened.