Applets security and HTMLets

From:

ram@zedat.fu-berlin.de (Stefan Ram)

Newsgroups:

comp.lang.java.programmer

Date:

2 Feb 2013 14:45:17 GMT

Message-ID:

<reports-20130202153355@ram.dialup.fu-berlin.de>

  With all the continuous security leak reports about Java in
  the press, if I was Oracle, I would try to hire those
  security consultants who have found security issues in Java
  recently and set up a special and independent department of
  maybe 7 - 14 employees whose sole purpose is to find
  security holes in Java five days a week (a bonus is paid for
  each hole found). Of course, /we/ know that the security
  problems only relate to a specific Java runtime /in the
  browser/ and that any exe file can do at least as much harm
  as a Java applet, but the general audience and some executives
  might get the impression that Java was ?not secure?.

  If, maybe 2 or 3 years later, Java is found to be quite
  secure in the browser it might even get a new boost there,
  when people say, ?Well, JavaScript is nice, but Java s so
  much more secure.? Of ourse, the other thing needed is a
  more close HTML integration: We need applets to be replaced
  by ?HTMLets?, which use the webpage (HTML) as the user
  interface (for both input and output, without JavaScript
  as interface code), not a special applet window.