“Java was responsible for 50 percent of all cyber attacks last year in which hackers broke into computers by exploiting software bugs, according to Kaspersky. That was followed by Adobe Reader, which was involved in 28 percent of all incidents. Microsoft Windows and Internet Explorer were involved in about 3 percent of incidents, according to the survey.”
That’s quite an indictment. It remains to be seen whether Oracle will wake up or cut Java loose to be truly Free Software. After suing Google over Java, and losing seriously, they burned a lot of bridges to the world of Free Software. If Oracle is unable or unwilling to do the work required, they should step aside and let the world manage. In the meantime, we should slack off on creating new Java applications lest we lock ourselves into vulnerability forever. The world is rapidly moving to web applications and should reconsider the role of Java in that. I use Pascal and PHP for most of my web applications. Heavily-used applications may need to ship Java applets over the web in order to scale but relying on Java puts that all to risk.