Java developers remain bullish despite security problems
Though the platform has had issues lately, developers don't see them as deal breakers in Java deployments
Infoworld - Java's recent security woes are not scaring off developers, who don't see Java as any more vulnerable than any other platform. "There's nothing fundamentally wrong with Java," says Gonzalo Diethelm, in charge of architecture and development at the Chilean central security depository, DCV.
He is not planning to abandon Java in response to security concerns. Such suggestions are "just creating bluster," concurs Shaun Woodrow, director at the Corporate Action Company business software firm. Other developers at the JavaOne technical conference in San Francisco this week also remain confident in Java, which has had several security problems discovered lately, including the Flashback Trojan that affected more than 600,000 Macs and a weakness found in the platform's sandbox security mechanism.
[ Also at JavaOne, Oracle officials pitched upcoming Java upgrades, even as these have had important features postponed. | Think you know Java? Test your programming smarts in InfoWorld's Java IQ test. | Subscribe to InfoWorld's Enterprise Java newsletter for more Java news. ]
Not all security issues applicableSome developers noted that Java applet security has been a particular problem but these issues weren't applicable at many user sites. For example, the recent sandbox security problem was an applet issue, but most Java deployments are server side these days, says Richard Warburton, a Java developer with jClarity, an application performance monitoring startup. "[The sandbox issue] isn't actually something that affects most people." A lot of corporate environments already have disabled applet capabilities in the browser, he says.
Par Siko, a developer at the Jayway consulting firm, adds, "Java is really big on the server side, and I don't think security's a big issue on the server side."
At Barclays Bank, security testing is done to make sure systems are safe. "We have constant penetration testing and security testing. We bring in third-party companies to perform that for us," says Gareth Nolan, a technical architect at Barclays.
A developer at Sandia National Laboratories pointed out his systems are isolated from intruders anyway. "I'm not terribly familiar with [Java's recent] security issues, but I tend to develop for ether stand-alone or things that reside on small, unconnected local area networks," says technical staff member Benjamin Lawry.
Vigilance still advisedAlthough developers are not sweating over the security problems (Siko, for example, says his company will increase its use of Java), they nonetheless see the need for users and Oracle to be vigilant." Security is going to be an issue no matter what," says Woodrow. "People are going to have to focus and tighten up a little more anyway. [But] I wouldn't say [security] was an issue specifically for Java."
- The Business Value of Continuous Delivery Download this whitepaper to learn more about the business value of Continuous Delivery and see why it could be a game changer for...
- Ten Factors Shaping the Future of Application Delivery Download this research report conducted by Enterprise Management Associates (EMA) to learn how those that are seeking to accelerate application delivery are leveraging...
- Adobe Creative Cloud FAQ The following are answers to common questions about Adobe® Creative Cloud™ for teams membership, purchasing, security, and storage.
- What's coming to Adobe Creative Cloud Editing and video content creation workflows are about to get easier and more exciting, with major updates coming soon to Creative Cloud, bringing...
- On-demand webinar - 7 Keys to Service Catalog Implementation Success Watch this webinar to learn 7 crucial keys to make your service catalog a success!
- Transform Your IT Service Management Watch this webinar, to learn how EasyVista can increase IT productivity & efficiency and deliver streamlined & integrated IT Service & Asset Mgmt. All App Development White Papers | Webcasts