Listen to this article

Java (software platform)

From Infogalactic: the planetary knowledge core
(Redirected from Java (Sun))
Jump to: navigation, search

<templatestyles src="Module:Hatnote/styles.css"></templatestyles>

Java (software platform)
Dukesource125.gif
The Java technology logo
Original author(s) James Gosling, Sun Microsystems
Developer(s) Oracle Corporation
Initial release 23 January 1996; 28 years ago (1996-01-23)[1][2]
Stable release 8 Update 91 (1.8.0_91) (April 19, 2016; 7 years ago (2016-04-19)) [±][3]
Preview release 9 Build 112 (April 6, 2016; 7 years ago (2016-04-06)) [±][4]
Written in Java, C++[5]
Operating system Windows, Solaris, Linux, OS X[6]
Platform Cross-platform
Available in 30+ languages
<templatestyles src="Template:Hidden begin/styles.css"/>
List of languages
Many Locales[7]
Type Software platform
License Freeware, mostly open-source,[8] with a few proprietary[9] components[10]
Website www.java.com

Java is a set of computer software and specifications developed by Sun Microsystems, later acquired by Oracle Corporation, that provides a system for developing application software and deploying it in a cross-platform computing environment. Java is used in a wide variety of computing platforms from embedded devices and mobile phones to enterprise servers and supercomputers. While less common, Java applets run in secure, sandboxed environments to provide many features of native applications and can be embedded in HTML pages.

Writing in the Java programming language is the primary way to produce code that will be deployed as byte code in a Java Virtual Machine (JVM); byte code compilers are also available for other languages, including Ada, JavaScript, Python, and Ruby. In addition, several languages have been designed to run natively on the JVM, including Scala, Clojure and Groovy. Java syntax borrows heavily from C and C++, but object-oriented features are modeled after Smalltalk and Objective-C.[11] Java eschews certain low-level constructs such as pointers and has a very simple memory model where every object is allocated on the heap and all variables of object types are references. Memory management is handled through integrated automatic garbage collection performed by the JVM.

On November 13, 2006, Sun Microsystems made the bulk of its implementation of Java available under the GNU General Public License (GPL).[12][13]

The latest version is Java 8, the only supported version in 2015.

Platform

The Java platform is a suite of programs that facilitate developing and running programs written in the Java programming language. The platform is not specific to any one processor or operating system, rather an execution engine (called a virtual machine) and a compiler with a set of libraries are implemented for various hardware and operating systems so that Java programs can run identically on all of them. There are multiple platforms, each targeting a different class of devices:

  • Java Card: A technology that allows small Java-based applications (applets) to be run securely on smart cards and similar small-memory devices.
  • Java ME (Micro Edition): Specifies several different sets of libraries (known as profiles) for devices with limited storage, display, and power capacities. Often used to develop applications for mobile devices, PDAs, TV set-top boxes, and printers.
  • Java SE (Standard Edition): For general-purpose use on desktop PCs, servers and similar devices.
  • Java EE (Enterprise Edition): Java SE plus various APIs useful for multi-tier client–server enterprise applications.

The Java platform consists of several programs, each of which provides a portion of its overall capabilities. For example, the Java compiler, which converts Java source code into Java bytecode (an intermediate language for the JVM), is provided as part of the Java Development Kit (JDK). The Java Runtime Environment (JRE), complementing the JVM with a just-in-time (JIT) compiler, converts intermediate bytecode into native machine code on the fly. An extensive set of libraries are also part of the Java platform.

The essential components in the platform are the Java language compiler, the libraries, and the runtime environment in which Java intermediate bytecode executes according to the rules laid out in the virtual machine specification.

Java Virtual Machine

<templatestyles src="Module:Hatnote/styles.css"></templatestyles>

The heart of the Java platform is the concept of a "virtual machine" that executes Java bytecode programs. This bytecode is the same no matter what hardware or operating system the program is running under. There is a JIT (Just In Time) compiler within the Java Virtual Machine, or JVM. The JIT compiler translates the Java bytecode into native processor instructions at run-time and caches the native code in memory during execution.

The use of bytecode as an intermediate language permits Java programs to run on any platform that has a virtual machine available. The use of a JIT compiler means that Java applications, after a short delay during loading and once they have "warmed up" by being all or mostly JIT-compiled, tend to run about as fast as native programs.[citation needed] Since JRE version 1.2, Sun's JVM implementation has included a just-in-time compiler instead of an interpreter.

Although Java programs are cross-platform or platform independent, the code of the Java Virtual Machines (JVM) that execute these programs is not. Every supported operating platform has its own JVM.

Class libraries

<templatestyles src="Module:Hatnote/styles.css"></templatestyles>

In most modern operating systems (OSs), a large body of reusable code is provided to simplify the programmer's job. This code is typically provided as a set of dynamically loadable libraries that applications can call at runtime. Because the Java platform is not dependent on any specific operating system, applications cannot rely on any of the pre-existing OS libraries. Instead, the Java platform provides a comprehensive set of its own standard class libraries containing much of the same reusable functions commonly found in modern operating systems. Most of the system library is also written in Java. For instance, Swing library paints the user interface and handles the events itself, eliminating many subtle differences between how different platforms handle even similar components.

The Java class libraries serve three purposes within the Java platform. First, like other standard code libraries, the Java libraries provide the programmer a well-known set of functions to perform common tasks, such as maintaining lists of items or performing complex string parsing. Second, the class libraries provide an abstract interface to tasks that would normally depend heavily on the hardware and operating system. Tasks such as network access and file access are often heavily intertwined with the distinctive implementations of each platform. The java.net and java.io libraries implement an abstraction layer in native OS code, then provide a standard interface for the Java applications to perform those tasks. Finally, when some underlying platform does not support all of the features a Java application expects, the class libraries work to gracefully handle the absent components, either by emulation to provide a substitute, or at least by providing a consistent way to check for the presence of a specific feature.

Languages

<templatestyles src="Module:Hatnote/styles.css"></templatestyles>

The word "Java", alone, usually refers to Java programming language that was designed for use with the Java platform. Programming languages are typically outside of the scope of the phrase "platform", although the Java programming language was listed as a core part of the Java platform before Java 7. The language and runtime were therefore commonly considered a single unit. However, an effort was made with the Java 7 specification to more clearly treat the Java language and the Java virtual machine as separate entities, so that they are no longer considered a single unit.[14]

Third parties have produced many compilers or interpreters that target the JVM. Some of these are for existing languages, while others are for extensions to the Java language. These include:

  • BeanShell – A lightweight scripting language for Java[15]
  • Clojure – A dialect of the Lisp programming language
  • Groovy, a dynamic language with features similar to those of Python, Ruby, Perl, and Smalltalk
  • JRuby – A Ruby interpreter
  • Jython – A Python interpreter
  • Kotlin – An industrial programming language for JVM with full Java interoperability
  • Rhino – A JavaScript interpreter
  • Scala – A multi-paradigm programming language designed as a "better Java"
  • Gosu – A general-purpose Java Virtual Machine-based programming language released under the Apache License 2.0

Similar platforms

<templatestyles src="Module:Hatnote/styles.css"></templatestyles>

The success of Java and its write once, run anywhere concept has led to other similar efforts, notably the .NET Framework, appearing since 2002, which incorporates many of the successful aspects of Java. .NET in its complete form (Microsoft's implementation) is currently only fully available on Windows platforms, whereas Java is fully available on many platforms. .NET was built from the ground-up to support multiple programming languages, while the Java platform was initially built to support only the Java language, although many other languages have been made for JVM since.

.NET includes a Java-like language called Visual J# (formerly named J++) that is incompatible with the Java specification, and the associated class library mostly dates to the old JDK 1.1 version of the language. For these reasons, it is more a transitional language to switch from Java to the .NET platform, than a first class .NET language. Visual J# was discontinued with the release of Microsoft Visual Studio 2008. The existing version shipping with Visual Studio 2005 will be supported until 2015 as per the product life-cycle strategy.

Java Development Kit

<templatestyles src="Module:Hatnote/styles.css"></templatestyles>

The Java Development Kit (JDK) is a Sun product aimed at Java developers. Since the introduction of Java, it has been by far the most widely used Java software development kit (SDK).[citation needed] It contains a Java compiler, a full copy of the Java Runtime Environment (JRE), and many other important development tools.

History

The Java platform and language began as an internal project at Sun Microsystems in December 1990, providing an alternative to the C++/C programming languages. Engineer Patrick Naughton had become increasingly frustrated with the state of Sun's C++ and C application programming interfaces (APIs) and tools. While considering moving to NeXT, Naughton was offered[by whom?] a chance to work on new technology, and thus the Stealth Project started.

The Stealth Project was soon renamed to the Green Project, with James Gosling and Mike Sheridan joining Naughton. Together with other engineers, they began work in a small office on Sand Hill Road in Menlo Park, California. They aimed to develop new technology for programming next-generation smart appliances, which Sun expected to offer major new opportunities.[16]

The team originally considered using C++, but rejected it for several reasons. Because they were developing an embedded system with limited resources, they decided that C++ needed too much memory and that its complexity led to developer errors. The language's lack of garbage collection meant that programmers had to manually manage system memory, a challenging and error-prone task. The team also worried about the C++ language's lack of portable facilities for security, distributed programming, and threading. Finally, they wanted a platform that would port easily to all types of devices.

Bill Joy had envisioned a new language combining Mesa and C. In a paper called Further, he proposed to Sun that its engineers should produce an object-oriented environment based on C++. Initially, Gosling attempted to modify and extend C++ (a proposed development that he referred to as "C++ ++ --") but soon abandoned that in favor of creating a new language, which he called Oak, after the tree that stood just outside his office.[citation needed]

By the summer of 1992, the team could demonstrate portions of the new platform, including the Green OS, the Oak language, the libraries, and the hardware. Their first demonstration, on September 3, 1992, focused on building a personal digital assistant (PDA) device named Star7[1] that had a graphical interface and a smart agent called "Duke" to assist the user. In November of that year, the Green Project was spun off to become Firstperson, a wholly owned subsidiary of Sun Microsystems, and the team relocated to Palo Alto, California.[17] The Firstperson team had an interest in building highly interactive devices, and when Time Warner issued a request for proposal (RFP) for a set-top box, Firstperson changed their target and responded with a proposal for a set-top box platform. However, the cable industry felt that their platform gave too much control to the user; Firstperson lost their bid to SGI. An additional deal with The 3DO Company for a set-top box also failed to materialize. Unable to generate interest within the television industry, the company was rolled back into Sun.

Java meets the Web

In June and July 1994 – after three days of brainstorming with John Gage (the Director of Science for Sun), Gosling, Joy, Naughton, Wayne Rosing, and Eric Schmidt – the team re-targeted the platform for the World Wide Web. They felt that with the advent of graphical web browsers like Mosaic the Internet could evolve into the same highly interactive medium that they had envisioned for cable TV. As a prototype, Naughton wrote a small browser, WebRunner (named after the movie Blade Runner), renamed HotJava[16] in 1995.

In 1994, Sun renamed the Oak language as Java after a trademark search revealed that Oak Technology used the name Oak.[18] Although Java 1.0a became available for download in 1994, the first public release of Java, Java 1.0a2 with the HotJava browser, came on May 23, 1995, announced by Gage at the SunWorld conference. Accompanying Gage's announcement, Marc Andreessen, Executive Vice President of Netscape Communications Corporation, unexpectedly announced that Netscape browsers would include Java support. On January 9, 1996, Sun Microsystems formed the JavaSoft group to develop the technology.[19]

Version history

<templatestyles src="Module:Hatnote/styles.css"></templatestyles>

The Java language has undergone several changes since the release of JDK (Java Development Kit) 1.0 on January 23, 1996, as well as numerous additions of classes and packages to the standard library. Since J2SE 1.4 the Java Community Process (JCP) has governed the evolution of the Java Language. The JCP uses Java Specification Requests (JSRs) to propose and specify additions and changes to the Java platform. The Java Language Specification (JLS) specifies the language; changes to the JLS are managed under JSR 901.[20]

Sun released JDK 1.1 on February 19, 1997. Major additions included an extensive retooling of the AWT event model, inner classes added to the language, JavaBeans and JDBC.

J2SE 1.2 (December 8, 1998) – Codename Playground. This and subsequent releases through J2SE 5.0 were rebranded Java 2 and the version name "J2SE" (Java 2 Platform, Standard Edition) replaced JDK to distinguish the base platform from J2EE (Java 2 Platform, Enterprise Edition) and J2ME (Java 2 Platform, Micro Edition). Major additions included reflection, a collections framework, Java IDL (an interface description language implementation for CORBA interoperability), and the integration of the Swing graphical API into the core classes. A Java Plug-in was released, and Sun's JVM was equipped with a JIT compiler for the first time.

J2SE 1.3 (May 8, 2000) – Codename Kestrel. Notable changes included the bundling of the HotSpot JVM (the HotSpot JVM was first released in April, 1999 for the J2SE 1.2 JVM), JavaSound, Java Naming and Directory Interface (JNDI) and Java Platform Debugger Architecture (JPDA).

J2SE 1.4 (February 6, 2002) – Codename Merlin. This became the first release of the Java platform developed under the Java Community Process as JSR 59.[21] Major changes included regular expressions modeled after Perl, exception chaining, an integrated XML parser and XSLT processor (JAXP), and Java Web Start.

J2SE 5.0 (September 30, 2004) – Codename Tiger. Originally numbered 1.5, which is still used as the internal version number.[22] Developed under JSR 176, Tiger added several significant new language features including the for-each loop, generics, autoboxing and var-args.[23]

Java SE 6 (December 11, 2006) – Codename Mustang. Bundled with a database manager and facilitates the use of scripting languages with the JVM (such as JavaScript using Mozilla's Rhino engine). As of this version, Sun replaced the name "J2SE" with Java SE and dropped the ".0" from the version number.[24] Other major changes include support for pluggable annotations (JSR 269), many GUI improvements, including native UI enhancements to support the look and feel of Windows Vista, and improvements to the Java Platform Debugger Architecture (JPDA) & JVM Tool Interface for better monitoring and troubleshooting.

Java SE 7 (July 28, 2011) – Codename Dolphin. This version developed under JSR 336. It added many small language changes including strings in switch, try-with-resources and type inference for generic instance creation. The JVM was extended with support for dynamic languages, while the class library was extended among others with a join/fork framework,[25] an improved new file I/O library and support for new network protocols such as SCTP. Java 7 Update 76 was released in January 2015, with expiration date April 14, 2015.[26]

The current version, Java SE 8 (March 18, 2014). Notable changes include language-level support for lambda expressions (closures) and default methods, the Project Nashorn JavaScript runtime, a new Date and Time API inspired by Joda Time, and the removal of PermGen. This version is not officially supported on the Windows XP platform.[27] However, due to the end of Java 7's lifecycle it is the recommended version for XP users. Previously, only an unofficial manual installation method had been described for Windows XP SP3. It refers to JDK8, the developing platform for Java that also includes a fully functioning Java Runtime Environment.[28]

In addition to language changes, significant changes have been made to the Java class library over the years, which has grown from a few hundred classes in JDK 1.0 to over three thousand in J2SE 5.0. Entire new APIs, such as Swing and Java 2D, have evolved, and many of the original JDK 1.0 classes and methods have been deprecated.

Usage

Desktop use

According to Oracle, the Java Runtime Environment is found on over 850 million PCs.[29] Microsoft has not bundled a Java Runtime Environment (JRE) with its operating systems since Sun Microsystems sued Microsoft for adding Windows-specific classes to the bundled Java runtime environment, and for making the new classes available through Visual J++.[citation needed] Apple no longer includes a Java runtime with OS X as of version 10.7, but the system prompts the user to download and install it the first time an application requiring the JRE is launched.[citation needed] Many Linux distributions include the partially compatible free software package GNU Classpath[30] and increasingly mostly compatible IcedTea.

Some Java applications are in fairly widespread desktop use, including the NetBeans and Eclipse integrated development environments, and file sharing clients such as LimeWire and Vuze. Java is also used in the MATLAB mathematics programming environment, both for rendering the user interface and as part of the core system. Java provides cross platform user interface for some high end collaborative applications like Lotus Notes.

Mobile devices

Lua error in package.lua at line 80: module 'strict' not found. Java ME has become popular in mobile devices, where it competes with Symbian, BREW, and the .NET Compact Framework.

The diversity of mobile phone manufacturers has led to a need for new unified standards so programs can run on phones from different suppliers – MIDP. The first standard was MIDP 1, which assumed a small screen size, no access to audio, and a 32kB program limit. The more recent MIDP 2 allows access to audio, and up to 64kB for the program size. With handset designs improving more rapidly than the standards, some manufacturers relax some limitations in the standards, for example, maximum program size.

Google's Android operating system uses the Java language, but not its class libraries, therefore the Android platform cannot be called Java. Android executes the code on the ART VM (formerly the Dalvik VM up to Android 4.4.4) instead of the Java VM.

Web server and enterprise use

The Java platform has become a mainstay of enterprise IT development since the introduction of the Enterprise Edition in 1998, in two different ways:

  1. Through the coupling of Java to the web server, the Java platform has become a leading platform for integrating the Web with enterprise backend systems. This has allowed companies to move part or all of their business to the Internet environment by way of highly interactive online environments (such as highly dynamic websites) that allow the customer direct access to the business processes (e.g. online banking websites, airline booking systems and so on). This trend has continued from its initial Web-based start:
    • The Java platform has matured into an Enterprise Integration role in which legacy systems are unlocked to the outside world through bridges built on the Java platform. This trend has been supported for Java platform support for EAI standards like messaging and Web services and has fueled the inclusion of the Java platform as a development basis in such standards as SCA, XAM and others.
    • Java has become the standard development platform for many companies' IT departments, which do most or all of their corporate development in Java. This type of development is usually related to company-specific tooling (e.g. a booking tool for an airline) and the choice for the Java platform is often driven by a desire to leverage the existing Java infrastructure to build highly intelligent and interconnected tools.
  2. The Java platform has become the main development platform for many software tools and platforms that are produced by third-party software groups (commercial, open source and hybrid) and are used as configurable (rather than programmable) tools by companies. Examples in this category include Web servers, application servers, databases, enterprise service buses, business process management (BPM) tools and content management systems.

Enterprise use of Java has also long been the main driver of open source interest in the platform. This interest has inspired open source communities to produce a large amount of software, including simple function libraries, development frameworks (e.g. the Spring Framework, Apache Wicket, Dojo Toolkit, Hibernate), and open source implementations of standards and tools (e.g. Apache Tomcat, the GlassFish application server, the Mule and Apache ServiceMix Enterprise service buses).

Mascot

Plain ol' Duke

Duke is Java's mascot.[31]

When Sun announced that Java SE and Java ME would be released under a free software license (the GNU General Public License), they released the Duke graphics under the free BSD license at the same time.[32] A new Duke personality is created every year.[33] For example, in July 2011 "Future Tech Duke" included a bigger nose, a jetpack, and blue wings.[34]

Licensing

The source code for Sun's implementations of Java (that is the de facto reference implementation) has been available for some time, but until recently the license terms severely restricted what could be done with it without signing (and generally paying for) a contract with Sun. As such these terms did not satisfy the requirements of either the Open Source Initiative or the Free Software Foundation to be considered open source or free software, and Sun Java was therefore a proprietary platform.[35]

While several third-party projects (e.g. GNU Classpath and Apache Harmony) created free software partial Java implementations, the large size of the Sun libraries combined with the use of clean room methods meant that their implementations of the Java libraries (the compiler and VM are comparatively small and well defined) were incomplete and not fully compatible. These implementations also tended to be far less optimized than Sun's.[citation needed]

Free software

<templatestyles src="Module:Hatnote/styles.css"></templatestyles>

Sun announced in JavaOne 2006 that Java would become free and open source software,[36] and on October 25, 2006, at the Oracle OpenWorld conference, Jonathan I. Schwartz said that the company was set to announce the release of the core Java Platform as free and open source software within 30 to 60 days.[37]

Sun released the Java HotSpot virtual machine and compiler as free software under the GNU General Public License on November 13, 2006, with a promise that the rest of the JDK (that includes the JRE) would be placed under the GPL by March 2007 ("except for a few components that Sun does not have the right to publish in distributable source form under the GPL").[38] According to Richard Stallman, this would mean an end to the "Java trap".[39] Mark Shuttleworth called the initial press announcement, "A real milestone for the free software community".[40]

Sun released the source code of the Class library under GPL on May 8, 2007, except some limited parts that were licensed by Sun from 3rd parties who did not want their code to be released under a free software and open-source license.[41] Some of the encumbered parts turned out to be fairly key parts of the platform such as font rendering and 2D rasterising, but these were released as open-source later by Sun (see OpenJDK Class library).

Sun's goal was to replace the parts that remain proprietary and closed-source with alternative implementations and make the class library completely free and open source. In the meantime, a third party project called IcedTea created a completely free and highly usable JDK by replacing encumbered code with either stubs or code from GNU Classpath. Although OpenJDK has since become buildable without the encumbered parts (from OpenJDK 6 b10[42]), IcedTea is still used by the majority of distributions, such as Fedora, RHEL, Debian, Ubuntu, Gentoo, Arch Linux and Slackware, as it provides security releases and an easier means for patch inclusion. OpenJDK also still doesn't include a browser plugin & Web Start implementation, so IcedTea's companion project, IcedTea-Web, is needed to fill this gap.

In June 2008, it was announced that IcedTea6 (as the packaged version of OpenJDK on Fedora 9) has passed the Technology Compatibility Kit tests and can claim to be a fully compatible Java 6 implementation.[43]

Because OpenJDK is under the GPL, it is possible to redistribute a custom version of the JRE directly with software applications,[44][45] rather than requiring the enduser (or their sysadmin) to download and install the correct version of the proprietary Oracle JRE onto each of their systems themselves.

Criticism

<templatestyles src="Module:Hatnote/styles.css"></templatestyles>

In most cases Java support is unnecessary in Web browsers, and security experts recommend that it not be run in a browser unless absolutely necessary.[46] It was suggested that, if Java is required by a few Web sites, users should have a separate browser installation specifically for those sites.

Generics

<templatestyles src="Module:Hatnote/styles.css"></templatestyles>

When generics were added to Java 5.0, there was already a large framework of classes (many of which were already deprecated), so generics were chosen to be implemented using erasure to allow for migration compatibility and re-use of these existing classes. This limited the features that could be provided by this addition as compared to some other languages.[47][48]

Unsigned integer types

Java lacks native unsigned integer types. Unsigned data are often generated from programs written in C and the lack of these types prevents direct data interchange between C and Java. Unsigned large numbers are also used in many numeric processing fields, including cryptography, which can make Java less convenient to use for these tasks.[49] Although it is possible to partially circumvent this problem with conversion code and using larger data types, it makes using Java cumbersome for handling the unsigned data. While a 32-bit signed integer may be used to hold a 16-bit unsigned value with relative ease, a 32-bit unsigned value would require a 64-bit signed integer. Additionally, a 64-bit unsigned value cannot be stored using any integer type in Java because no type larger than 64 bits exists in the Java language. If abstracted using functions, function calls become necessary for many operations which are native to some other languages. Alternatively, it is possible to use Java's signed integers to emulate unsigned integers of the same size, but this requires detailed knowledge of complex bitwise operations.[50]

Floating point arithmetic

While Java's floating point arithmetic is largely based on IEEE 754 (Standard for Binary Floating-Point Arithmetic), certain features are not supported even when using the strictfp modifier, such as Exception Flags and Directed Roundings — capabilities mandated by IEEE Standard 754. Additionally, the extended precision floating-point types permitted in 754 and present in many processors are not permitted in Java.[51][52]

Performance

<templatestyles src="Module:Hatnote/styles.css"></templatestyles>

In the early days of Java (before the HotSpot VM was implemented in Java 1.3 in 2000) there were some criticisms of performance. However, benchmarks typically report Java as being about 50% slower than C (a language which compiles to native code).[53][54][55]

Java's performance has improved substantially since the early versions.[56] Performance of JIT compilers relative to native compilers has in some optimized tests been shown to be quite similar.[56][57][58]

Java bytecode can either be interpreted at run time by a virtual machine, or it can be compiled at load time or runtime into native code which runs directly on the computer's hardware. Interpretation is slower than native execution, and compilation at load time or runtime has an initial performance penalty for the compilation. Modern performant JVM implementations all use the compilation approach, so after the initial startup time the performance is equivalent to native code.

Security

<templatestyles src="Module:Hatnote/styles.css"></templatestyles>

The Java platform provides a security architecture[59] which is designed to allow the user to run untrusted bytecode in a "sandboxed" manner to protect against malicious or poorly written software. This "sandboxing" feature is intended to protect the user by restricting access to certain platform features and APIs which could be exploited by malware, such as accessing the local filesystem, running arbitrary commands, or accessing communication networks.

In recent years, researchers have discovered numerous security flaws in some widely used Java implementations, including Oracle's, which allow untrusted code to bypass the sandboxing mechanism, exposing users to malicious attacks. These flaws affect only Java applications which execute arbitrary untrusted bytecode, such as web browser plug-ins that run Java applets downloaded from public websites. Applications where the user trusts, and has full control over, all code that is being executed are unaffected.

On August 31, 2012, Java 6 and 7 on Microsoft Windows, Mac OS X, and Linux were found to have a serious security flaw that allowed a remote exploit to take place by simply loading a malicious web page.[60] Java 5 was later found to be flawed as well.[61]

On January 10, 2013, three computer specialists spoke out against Java, telling Reuters that it was not secure and that people should disable Java. Jaime Blasco, Labs Manager with AlienVault Labs, stated that "Java is a mess. It’s not secure. You have to disable it."[62] This vulnerability affects Java 7 and it is unclear if it affects Java 6, so it is suggested that consumers disable it.[63][64] Security alerts from Oracle announce schedules of critical security-related patches to Java.[65]

On January 14, 2013, security experts said that the update still failed to protect PCs from attack.[66] This exploit hole prompted a response from the United States Department of Homeland Security encouraging users to disable or uninstall Java.[67] Apple blacklisted Java in limited order for all computers running its Mac OS X operating system through a virus protection program.[68]

Adware

The Java browser runtime environment has a history of bundling sponsored software to be installed by default during installation and during the updates which roll out every month or so. This includes the "Ask.com toolbar" that will redirect browser searches to ads and "McAfee Security Scan Plus".[69]

Redundancy

Several authors[weasel words] inline with recent Java security and vulnerability issues have called for users to ditch Java. "Once promising, it has outlived its usefulness in the browser, and has become a nightmare that delights cyber-criminals at the expense of computer users."[70] "I think everyone should uninstall Java from all their PCs and Macs, and then think carefully about whether they need to add it back. If you are a typical home user, you can probably do without it. If you are a business user, you may not have a choice."[71]

Update system

Java has yet to release an automatic updater that does not require user intervention and administrative rights[72] unlike Google Chrome[73] and Flash player.[74]

See also

References

  1. Version 1.0 press release, Sun.
  2. Lua error in package.lua at line 80: module 'strict' not found.
  3. Lua error in package.lua at line 80: module 'strict' not found.
  4. Lua error in package.lua at line 80: module 'strict' not found.
  5. http://openjdk.java.net/groups/hotspot/
  6. Oracle JDK 7 and JRE 7 Certified System Configurations
  7. http://www.oracle.com/technetwork/java/javase/javase7locales-334809.html
  8. GNU GPLv2 with Classpath exception
  9. BCL For Java SE
  10. OpenJDK FAQ
  11. Lua error in package.lua at line 80: module 'strict' not found.
  12. Lua error in package.lua at line 80: module 'strict' not found.
  13. Lua error in package.lua at line 80: module 'strict' not found.
  14. Lua error in package.lua at line 80: module 'strict' not found.
  15. www.beanshell.org
  16. 16.0 16.1 Lua error in package.lua at line 80: module 'strict' not found.
  17. Lua error in package.lua at line 80: module 'strict' not found.
  18. Lua error in package.lua at line 80: module 'strict' not found.
  19. Lua error in package.lua at line 80: module 'strict' not found.
  20. The Java Community Process(SM) Program – JSRs: Java Specification Requests – detail JSR# 63
  21. The Java Community Process(SM) Program – JSRs: Java Specification Requests – detail JSR# 59
  22. Version 1.5.0 or 5.0?
  23. The Java Community Process(SM) Program – JSRs: Java Specification Requests – detail JSR# 176
  24. Lua error in package.lua at line 80: module 'strict' not found.
  25. Lua error in package.lua at line 80: module 'strict' not found.
  26. Oracle Java SE 7 Update 76 Release Notes
  27. http://www.java.com/en/download/faq/winxp.xml
  28. Installing JDK8 on Windows XP – advapi32.dll error
  29. Lua error in package.lua at line 80: module 'strict' not found.
  30. Lua error in package.lua at line 80: module 'strict' not found.
  31. Lua error in package.lua at line 80: module 'strict' not found.
  32. Lua error in package.lua at line 80: module 'strict' not found.
  33. Lua error in package.lua at line 80: module 'strict' not found.
  34. Lua error in package.lua at line 80: module 'strict' not found.
  35. Lua error in package.lua at line 80: module 'strict' not found.
  36. Lua error in package.lua at line 80: module 'strict' not found.
  37. Oracle OpenWorld: UnBreakable Linux / 5015.2 not on the horizon
  38. Sun Opens Java
  39. Free But Shackled – The Java Trap
  40. Lua error in package.lua at line 80: module 'strict' not found.
  41. Lua error in package.lua at line 80: module 'strict' not found.
  42. Lua error in package.lua at line 80: module 'strict' not found.
  43. Lua error in package.lua at line 80: module 'strict' not found.
  44. Bundling a jre, github/libgdx/libgdx
  45. Question about bundling custom OpenJDK – Java-Gaming.org
  46. Sophos:"Unless it is absolutely necessary to run Java in web browsers, disable it", DHS-sponsored CERT team says, 15 January 2013
  47. Lua error in package.lua at line 80: module 'strict' not found.
  48. Lua error in package.lua at line 80: module 'strict' not found.
  49. Lua error in package.lua at line 80: module 'strict' not found.
  50. Lua error in package.lua at line 80: module 'strict' not found.
  51. Lua error in package.lua at line 80: module 'strict' not found.
  52. Lua error in package.lua at line 80: module 'strict' not found.
  53. Which programming languages are fastest? | Computer Language Benchmarks Game[dead link]
  54. speed ÷ C++ GNU g++ speed | Computer Language Benchmarks Game[dead link]
  55. C++ vs Java performance; It’s a tie! | Blog of Christian Felde
  56. 56.0 56.1 Lua error in package.lua at line 80: module 'strict' not found.
  57. The Java is Faster than C++ and C++ Sucks Unbiased Benchmark
  58. FreeTTS – A Performance Case Study, Willie Walker, Paul Lamere, Philip Kwok
  59. Java SE Platform Security Architecture. Oracle. Retrieved 2013-04-23.
  60. blogs.computerworld.com – Java security flaw: yada yada yada, 2012-08-31
  61. threatpost.com – New Zero-Day Vulnerability Found in Java 5, 6 and 7; 1.1 Billion Desktops Affected, 2012-09-26
  62. nbcnews.com – Experts urge PC users to disable Java, cite security flaw, 2013-01-10
  63. US Dept. of Homeland Security Calls On Computer Users To Disable Java Forbes, January 11, 2013
  64. Nasty New Java Zero Day Found; Exploit Kits Already Have It, 2013-01-10
  65. Oracle Critical Patch Updates, Security Alerts
  66. independent.ie – Emergency patch for Java fails to fix cybercrime holes, warn experts, 2013-01-14
  67. zdnet.com – Homeland Security warns to disable Java amid zero-day flaw, 2013-01-11
  68. venturebeat.com – Oracle issues fix for Java exploit after DHS warns of its holes, 2013-01-14
  69. Lua error in package.lua at line 80: module 'strict' not found.
  70. Lua error in package.lua at line 80: module 'strict' not found.
  71. Lua error in package.lua at line 80: module 'strict' not found.
  72. Lua error in package.lua at line 80: module 'strict' not found.
  73. Lua error in package.lua at line 80: module 'strict' not found.
  74. Lua error in package.lua at line 80: module 'strict' not found.

External links

uk:Java