Java API and Microsoft's .NET API: a Comparison

Nerval's Lobster writes "Previously, developer Jeff Cogswell focused on the respective performances of C# and Java. Now he's looking at yet another aspect of the languages: the runtime libraries—what exactly the libraries are, how they are called, and what features the languages provide for calling into them. Examining the official Java API (now owned by Oracle) and the official .NET API owned by Microsoft, he finds both pretty complete and pretty much a 'tie' with regard to ease-of-use and functionality, especially since Java version 7 release 6 allows for automatic resource management. Read on and see if you agree."

What C# have that Java sorely lacks

[benjymouse]

Async methods (huge!)
Generator methods
Partial classes/methods
Reified generics
LINQ (as in LINQ to objects, LINQ to Entities, LINQ to XML - all part of the core framework)
Dynamic typing and -interop
Value types
Operator overloading
Implicit/explicit type conversions

Re:What did you expect?

[bmo]

C# was the direct result of MS being blocked from using Java,

No, no it wasn't.

It was that Sun owned the standard and told Microsoft to quit violating the standard or call it something else.

Sun sued and won in court, because they were right.

If the situation was reversed, I'm sure you'd be saying Microsoft was in the right for defending C#.

Microsoft was always free to use Java and write their own version, as long as it conformed to the standard. But Microsoft being Microsoft, "standards are for pussies."

--
BMO

Re: Critical Bugs

[benjymouse]

There are ciritical fixes released for the .net API every so often via windows update. Neither are flawless in that regard.

True, neither is flawless.

But one of them appears to have been considerably better designed (or better QC):

.NET 4: 34 vulnerabilities Released 2010-04

Java 1.7: 216 vulnerabilities Released 2011-07

or the previous incarnations:

.NET 2: 53 vulnerabilities Released 2006-12

Java 1.6: 432 vulnerabilities Released 2006-01

Java experiences 6-8 times the number of vulnerabilities, even over shorter time frames.

Re:What did you expect?

[bmo]

No, they weren't blocked from using Java.

They were blocked from creating their own non-standard Java.

Because Sun owned the trademark and the standard. Now owned by Evil Larry.

You can create your own language and API, but you can't call it Java if it doesn't meet the standard. How difficult is this to understand?

Poor persecuted Microsoft.

--
BMO

Re:I don't want to be "that guy", however

[Darinbob]

While Mono allows C#, it does not turn .NET into a cross platform executable environment. Practical programs using C# and .NET are tightly tied to Windows capabilities. Since C# isn't a standardized language, and Microsoft doesn't even stick to their own standards with their own products anyway, there will be incompatibilities between Windows .NET and Mono. Mono also does not re-implement all of the .NET framework and is playing catch up whenever there's a new inevitable .NET release. So if you want a cross platform executable system you are much better off with Java.

Basically the whole reason for existence of .NET was to tie the developer to Windows. It was created as a direct response to Java being a cross platform system.

Re:I don't want to be "that guy", however

[benjymouse]

I don't use C#, however last I looked all of its features were borrowed from other preexisting languages, same as Java. Is there something new and Microsoft for once in its life has done something novel?

LINQ is a pretty big deal. I don't know of any language that has something similar. LINQ itself is comprised of a number of language constructs such as expression trees, extension methods, type inference, anonymous types.

Async/await is huge! Right there, MS looks to leapfrog other platforms by allowing developers to create robust, asynchronous programs that doesn't need to spin up threads (or use threadpools) to achieve perfectly composable asynchronous methods.

Dynamic support (statically typed to be of dynamic type) allows the best from dynamic languages to be used from within C#, even interop'ing with dynamic languages and e.g. use an object created in Ruby as a first-class object in C# (or vice versa).

Re:I don't want to be "that guy", however

[PlastikMissle]

C# isn't standardized? Someone should call ECMA and ISO then and tell them they've been had.

Re: Critical Bugs

[benjymouse]

95% of those java bugs are for the browser plugin. Last time I checked, activeX didnt have a great track record either. They both find about the same amount of server issues. .Net just sells their extra vulnerabilities to the NSA rather than fixing them.

No they are not. They are all over the runtime and library: Libraries, Hotspot, JavaFX, AWT (many), 2D, serialization, reflection, JAXP, RMI, beans, JAX-WS, etc etc. They are amplified by the fact that many of them are indeed in a library/feature that can be accessed through applets from remote. But the vast majority of the vulnerabilities exists isolated from the applet and could be exploited through other channels.

ActiveX has nothing to do with .NET.

And even so, there has been precious few vulnerabilities in ActiveX. The problem with ActiveX was that the model allowed foreign code to execute non-sandboxed on your machine, so that a bug in a control could have (and had) dire consequences. In that regard, ActiveX resembles SUID on *nix: You check at the gate and if the subject appears to have legitimate papers you let him in and assume that he'll be well-behaved. Just like with SUID where a bug in a SUID root tool may lead to system compromise, a bug in an ActiveX control could let the attacker run his own code with your credentials.

Re:I don't want to be "that guy", however

[cbhacking]

Java is actually not "entirely OOP based" although it's close enough for most purposes. Example:

17.ToString()
works in C#. It (or the eqivalent 17.toString()) does not work in Java.

In .NET, everything is an object. "int" is another name for Int32, which is a struct (stack-allocated, value-passed object) that inherits from Object and implements a number of interfaces (IComparable, etc.).