Slashdot Mirror
Will New Red-Text Warnings Kill Casual Use of Java?
New submitter ddyer writes "Java 1.7.0_40 [Note: released earlier this month] introduces a new 'red text' warning when running unsigned Java applets. 'Running unsigned applications like this will be blocked in a future release...' Or, for self-signed applets,'Running applications by UNKNOWN publishers will be blocked in a future release...' I think I see the point — this will give the powers that be the capability to shut off any malware java applet that is discovered by revoking its certificate. The unfortunate cost of this is that any casual use of Java is going to be killed. It currently costs a minimum of $100/year and a lot of hoop-jumping to maintain a trusted certificate.'"
While I would hope for the day that Java dies the pathetic death it is due, I doubt that will happen. Much more likely is that "unauthorized" Java VMs will start to crop up that let the user whitelist applets rather than relying on Oracle's certificate system.
But don't get your hopes too high.
Yeah, but generally that kind of screwing has a strongly anticipated immediate short-term benefit, even with the long-term ramifications. I don't see such euphoria in the original case...
Do not look into laser with remaining eye.
I wish this were true.
The stories and info posted here are artistic works of fiction and falsehood.
Only fools would take it as fact.
It would be a welcome gift. I admin for a bunch engineers and a lot of the corporate and gov sites they access still use Java. And even worse some are so crappy they are version specific which makes no sense other than they are lazy.
No good deed goes unpunished.
Did I just step out of a time machine?
Most of the Java apps I use are unsigned.
Here's what I see happening: Lots of people hanging onto old Java versions, creating an even bigger security disaster.
"When information is power, privacy is freedom" - Jah-Wren Ryel
I thought the whole point of Java is that it runs in a sandbox so applets don't NEED to be trusted. Are they admitting failure here?
If I can be modded down for being a troll, can I be modded up for being an orc, or a balrog?
please don't ever type "chive" again
As others have mentioned, there are a ton of embedded systems which use Java as the control interface and load unsigned or self-signed applets to do so. Block them, and we'll be forced to stick with an old version of Java.
>the performance differences are negligible ... I was told no.
In javascript you can run multi-threaded computation, you have access to native network buffers (for no copy transfers of large amount of data),
>given the modern flexibility of javascript ...
So, you are saying: if there is a Java library to do it, there is _always_ a javascript library to do it. Access to any file format, implementation of any network communication protocol,
I am _really_ skeptical. Javascript may be great for accessing web servers and dishing out html, but that's not all that people would like to do in a web page...
Does this mean the new Java will start bitching about legacy Java applications I've been running for years?
What will this do to companies that run their own Java applications? They can no longer apply security patches for Java in the near future without the massive cost of repackaging their self-made Java code?
This has "money grab" written all over it.
Slashdot social media options: AIM, ICQ, Yahoo, Jabber and Mobile Text. Why no MySpace?