Menu
Java developers remain bullish despite security problems

Java developers remain bullish despite security problems

Though the platform has had issues lately, developers don't see them as deal breakers in Java deployments

Java's recent security woes are not scaring off developers, who don't see Java as any more vulnerable than any other platform. "There's nothing fundamentally wrong with Java," says Gonzalo Diethelm, in charge of architecture and development at the Chilean central security depository, DCV.

He is not planning to abandon Java in response to security concerns. Such suggestions are "just creating bluster," concurs Shaun Woodrow, director at the Corporate Action Company business software firm. Other developers at the JavaOne technical conference in San Francisco this week also remain confident in Java, which has had several security problems discovered lately, including the Flashback Trojan that affected more than 600,000 Macs and a weakness found in the platform's sandbox security mechanism.

[ Also at JavaOne, Oracle officials pitched upcoming Java upgrades, even as these have had important features postponed. | Think you know Java? Test your programming smarts in InfoWorld's Java IQ test. | Subscribe to InfoWorld's Enterprise Java newsletter for more Java news. ] Not all security issues applicableSome developers noted that Java applet security has been a particular problem but these issues weren't applicable at many user sites. For example, the recent sandbox security problem was an applet issue, but most Java deployments are server side these days, says Richard Warburton, a Java developer with jClarity, an application performance monitoring startup. "[The sandbox issue] isn't actually something that affects most people." A lot of corporate environments already have disabled applet capabilities in the browser, he says.

Par Siko, a developer at the Jayway consulting firm, adds, "Java is really big on the server side, and I don't think security's a big issue on the server side."

At Barclays Bank, security testing is done to make sure systems are safe. "We have constant penetration testing and security testing. We bring in third-party companies to perform that for us," says Gareth Nolan, a technical architect at Barclays.

A developer at Sandia National Laboratories pointed out his systems are isolated from intruders anyway. "I'm not terribly familiar with [Java's recent] security issues, but I tend to develop for ether stand-alone or things that reside on small, unconnected local area networks," says technical staff member Benjamin Lawry.

Vigilance still advisedAlthough developers are not sweating over the security problems (Siko, for example, says his company will increase its use of Java), they nonetheless see the need for users and Oracle to be vigilant." Security is going to be an issue no matter what," says Woodrow. "People are going to have to focus and tighten up a little more anyway. [But] I wouldn't say [security] was an issue specifically for Java."

Siko stresses the importance of bug and security fixes, noting, "Fixing the security issues quickly, that's important, and I'm not sure if [Oracle] has done such a good job there."

The issue of Java security came up during an Oracle press conference at JavaOne on Wednesday, with Oracle officials emphasizing security as a priority. "In general, we've been investing in Java all over the board and security is one of those areas," says Georges Saab, vice president of development for Java Platform, Standard Edition (Java SE) at Oracle.

This article, "Java developers remain bullish despite security problems," was originally published at InfoWorld.com. Follow the latest developments in business technology news and get a digest of the key stories each day in the InfoWorld Daily newsletter. For the latest developments in business technology news, follow InfoWorld.com on Twitter. Read more about application development in InfoWorld's Application Development Channel.

Follow Us

Join the ARN newsletter!

Error: Please check your email address.

Upcoming

Slideshows

IN PICTURES: Nutanix's .NEXT channel event in Sydney (+20 photos)

IN PICTURES: Nutanix's .NEXT channel event in Sydney (+20 photos)

Nutanix recently held its customer and channel event, .NEXT, in Sydney. The event, held at the Sheraton on the Park saw attendance from more than 150 channel and technology partners and customers. It was the first in a series of events Nutanix is holding in A/NZ in August and September, the objective of which is to brief partners and customers on “what’s next” in the design and management of datacentre technology.

IN PICTURES: Nutanix's .NEXT channel event in Sydney (+20 photos)
IN PICTURES: EDGE 2015 sponsor debrief (+23 photos)

IN PICTURES: EDGE 2015 sponsor debrief (+23 photos)

Some of the sponsors of ARN's inaugural EDGE 2015 event got together at the ARN office for a debrief of the event. Over some drinks and cheese, these attendees got an update on some key statistics that arose from the EDGE event and discussed potential topics and improvements that can be made at next year's event.

IN PICTURES: EDGE 2015 sponsor debrief (+23 photos)
IN PICTURES: ARN Distributor Roundtable, Sydney, 26.08.15 (+26 photos)

IN PICTURES: ARN Distributor Roundtable, Sydney, 26.08.15 (+26 photos)

ARN hosted a distributor roundtable at Cafe Del Mar in Sydney, at which attendees and their partners discussed the changing role of the traditional IT distributor. They spoke about the challenges of digital disruption, the blurring lines of the channel in the age of digital transformation, and examined the ever-evolving business models. This roundtable was sponsored by Distribution Central, Exclusive Networks, Rhipe, and Hemisphere Technologies. Photos by ARN Editorial Director, Mike Gee.

IN PICTURES: ARN Distributor Roundtable, Sydney, 26.08.15 (+26 photos)

iasset.com is a channel management ecosystem that automates all major aspects of the entire sales, marketing and service process, including data tracking, integrated learning, knowledge management and product lifecycle management.

Show Comments