Are you 'scared' of Java?

Discussion in 'macOS' started by knb, Jun 6, 2013.

  1. knb, Jun 6, 2013
    Last edited: Jun 6, 2013

    knb macrumors newbie

    Joined:
    Jun 2, 2013
    Location:
    Virginia, US
    #1
    As we know Java is a programming language and as any software it is extremely difficult to be 100% security proof.

    Oracle bought Sun Microsystems for Java for tons of money years ago...

    And a little whole ago there were reports of Java security flaw, and Apple stopped bundling Java about two years ago... one wonders why Oracle let it slip... but that's another question...

    The question for you is, as a Mac user, are you scare of Java or feel it's ok as mentioned above, 'no software is completely safe'? And a closely related question is, where and how could one know how do the majority of Mac users feel about Java?

    Thank you.

    ----------

    And another thought,
    Just because fly can come into a room we never open up window for fresh air?
     
  2. MikhailT macrumors 601

    Joined:
    Nov 12, 2007
    #2
    Majority of the issues are in the java applets. For many users, that's enough to be scared about.

    Java on its own is fine, just not the remote/web applets because you can spread malware quickly to the mass via those technologies.

    A LOT of big tech giants uses Java as a server-side apps and it's secure to use, it's more tightly controlled.
     
  3. knb thread starter macrumors newbie

    Joined:
    Jun 2, 2013
    Location:
    Virginia, US
    #3
    Great observation. Thank you for sharing. I don't like java applets neither.
    Not sure if many daily Mac users know the difference between java applets vs. programs written in Java or relies on Java...
     
  4. MikhailT macrumors 601

    Joined:
    Nov 12, 2007
    #4
    Many of them don't even know that Java and Javascript are two different things. I hear about this confusion all the time from any regular folks, not just Mac users.
     
  5. benwiggy macrumors 68020

    Joined:
    Jun 15, 2012
    #5
    “Nothing in life is to be feared, it is only to be understood. Now is the time to understand more, so that we may fear less.”
    Marie Curie.
     
  6. knb thread starter macrumors newbie

    Joined:
    Jun 2, 2013
    Location:
    Virginia, US
    #6
    Excellent. Seriously I may quote this when I say Java is required. Thank you a million.
     
  7. wrldwzrd89 macrumors G5

    wrldwzrd89

    Joined:
    Jun 6, 2003
    Location:
    Solon, OH
    #7
    The Java/JavaScript naming confusion is unfortunate and sad, in my opinion, because it created confusion where there shouldn't have been any. If only the standard name "ECMAScript" existed back then and was more widely used than it is today...

    As for Java itself, most of its security problems only impact or primarily impact the web plugin. As a Java programmer, I can't be "scared" of Java per se. That said, I do think that Java applets were a big mistake, and should be killed outright - which isn't what Oracle thinks. Hey, at least Oracle's now committed to providing timely security fixes with Java SE 8 and later versions, according to this Oracle blog post.
     
  8. maflynn Moderator

    maflynn

    Staff Member

    Joined:
    May 3, 2009
    Location:
    Boston
    #8
    I work with Oracle technologies (oracle database, weblogic web servers and peoplesoft applications) and because Oracle owns java, a lot of the tools I used are Java based. I can say that I'm not scared of java, but by the same token it may not always be the best solution but it works well enough
     
  9. cg399 macrumors member

    cg399

    Joined:
    Sep 3, 2012
    Location:
    Hurghada, Egypt
    #9
    Not disagreeing with the intention of the quote - but is there not an irony when you consider what happened to Marie Curie...
     
  10. Shrink macrumors G3

    Shrink

    Joined:
    Feb 26, 2011
    Location:
    New England, USA
    #10
    Happily, I have no need for Java, and don't even have it installed.

    But to be honest, with my limited technical knowledge, it does concern my that it may act as a portal for malware. Probably just my ignorance at work.:p
     
  11. justperry, Jun 7, 2013
    Last edited: Jun 7, 2013

    justperry macrumors 604

    justperry

    Joined:
    Aug 10, 2007
    Location:
    In the core of a black hole.
    #11
    Not at all, I live there.;) ↩↩

    -----

    Java (For us Consumers) should go the same way as Flash.
    I just switch it off in my browser before, now I just leave it of my System.
    But, it's on a Mac not as bad as it seems (To my knowledge), how many got infected, not that many.
     
  12. knb thread starter macrumors newbie

    Joined:
    Jun 2, 2013
    Location:
    Virginia, US
    #12
    Many web applications use javascripting, and by default, most browsers enable javascript. So, that's not my concern.

    My application does require Java because it uses an app server, which is written in Java.
     
  13. benwiggy macrumors 68020

    Joined:
    Jun 15, 2012
    #13
    The only problem with Java is the VECTOR by which code can be run from an outside source. Java is designed to run code in your browser: fair enough, but the issue is what that code can access on your machine, and whether it can "get out".

    That has pretty much been fixed with Apple's security update to Safari, which allows black-listing/white-listing, or by turning of Java in your other browser.

    "Oh, I must remove all traces of Java from my Mac to be safe" is a massive over-reaction.
     
  14. knb thread starter macrumors newbie

    Joined:
    Jun 2, 2013
    Location:
    Virginia, US
    #14
    ["Oh, I must remove all traces of Java from my Mac to be safe" is a massive over-reaction.]
    Exactly. That tends to be the case with millions of daily computer users, when they read a news report something about alleged Java issue they immediately jump guns... can't really blame them tho because they don't have sufficient technical knowledge to make a correct judgement.
     
  15. knb thread starter macrumors newbie

    Joined:
    Jun 2, 2013
    Location:
    Virginia, US
    #15
    What would be the most compelling and easy-to-understand reason to inform and education average Mac user if their Mac does not have Java installed already to install it?

    One answer is:
    1) Java itself is in general safe.
    2) The software program for Mac OS X is compelling enough/interesting enough for them to take an extra step to install Java

    Your thought?

    Thanks.
     
  16. subsonix macrumors 68040

    Joined:
    Feb 2, 2008
    #16
    If they don't have it and don't need it, there is no compelling reason to install it.

    I have Java turned off in Safari and it's been that way for years btw.
     
  17. MrNomNoms macrumors 65816

    MrNomNoms

    Joined:
    Jan 25, 2011
    Location:
    Wellington, New Zealand
    #17
    I think what made matters worse was the fact that Apple's Java was always behind not only version but also when it came to issuing security updates thus it is one thing to say there is a security hole but if the response from the vendor (in this case) is slow then it causes more anxiety for the end user. For me I don't expect software to be perfect but I do expect that the software vendor owns up and provides a security update in a timely manner with a workaround that allows one to decrease the chances being attacked.
     
  18. subsonix macrumors 68040

    Joined:
    Feb 2, 2008
    #18
    Well that is all behind us, the reason to turn it off in the browser is that Java applets are very rarely used any more. It's just an unnecessary potential for someone to get in, might as well turn it off because it makes you completely unaffected by Java security mess ups.
     
  19. CptSky macrumors regular

    Joined:
    Feb 1, 2013
    #19
    As a Java programmer, I know that the language itself is safe. I don't like Java because it is generally slow... I avoid Java Applet on the web, which is the source of most vulnerabilities, because, well, it's an outdated technology.

    So, I'm not scared of Java. For apps, it's fine, for applet, webmasters should look for a better alternative. (Java Applets are *in theory* pretty safe as they work in a VM without any access to the real system.)
     
  20. knb thread starter macrumors newbie

    Joined:
    Jun 2, 2013
    Location:
    Virginia, US
    #20
    Totally agree. Please go to forumdisplay.php?f=73
    and look for my post on PackageMaker, I sorely need help on that... thanks in advance.

    ----------

    Making sense. Please go to forumdisplay.php?f=73
    and look for my post on PackageMaker, I sorely need help on that... thanks in advance.
     

Share This Page