Feeds

back to article Oracle gives 21 (new) reasons to uninstall Java

Oracle this week pushed an updated version of its Java runtime environment that fixes 21 security vulnerabilities, 19 of which allow attackers to remotely install malicious software on end-user machines. The company recommends users install Java 6 Update 24 as soon as possible, but before readers follow though, allow us to …

COMMENTS

This topic is closed for new posts.

Page:

Thumb Up

way ahead of you there

Uninstalled Java, due to the fact that despite constantly patching, chattering over the network and being a general asspain, the Java updater never seemed to keep Java up to date, and installed versions were often vulnerable to already (theoretically) fixed bugs.

So far, the only difference that I have noticed is that I am unable to try Minecraft out. Probably for the best. All other java software that I had was easily replaced elsewhere. The net effect of getting rid of it was beneficial.

5
1
Bronze badge

Open Office needs Java

Open Office needs Java to support its lesser-known file formats: as examples, docbook and MS_XML_2003. However, it does not need Java to support odt/doc, ods/xls, and odp/ppt.

Open Office would be a much cleaner product if those Java dependencies were eliminated. But I guess that means replacing the Java class libraries, not just the code. Should be possible in C++, though.

2
0
Bronze badge

LibreOffice working to remove it

The LibreOffice fork has getting rid of Java as one of it's goals. For example, the intend to rewrite the database part to work without Java (see Java-related items in http://wiki.documentfoundation.org/Easy_Hacks )

4
0

Unless

Unless your broadband goes down and you need to access BT's speedtester, ever try downloading Java on dialup speeds? It takes a long time. Or you use a Cisco and need to use their software which seems to use Java AND Flash, stupid Cisco.

4
0
Silver badge

Yeah...

Or Java and Java-mediated calls to the Microsoft Windows API.

About which I shall avoid adding an adjective.

But I never considered Cisco again.

1
0
Anonymous Coward

If you are referring to WebEx - not really

WebEx runs fine (within the official documented functionality limits) on Mac Linux which does not have flash and has no chance of getting any.

0
1
Bronze badge

Cisco?

"Or you use a Cisco and need to use their software which seems to use Java AND Flash, stupid Cisco."

If you need to use the Cisco GUI then you probably shouldn't be messing with it. You don't need Java or Flash at the command line.

5
9
FAIL

Confused

If your broadband has gone down, how would you even access BT's speed tester? And if it had gone down, do you really need a speed tester to tell you that you're getting 0kbps?

Other than that, all your argument is complaining about something which is quite big, taking a long time to download over dialup speeds. Well, yes.

2
0
Paris Hilton

Your dick is bigger than mine

Few things irritate me more than people demonstrating how superior they are by pontificating on how using the command line is what competent people do, eschewing more advanced user interfaces.

Going down ... for being a dick.

Paris: obviously.

ps: My bank requires Java, as does almost every other bank in this country (denmark)

14
11
Anonymous Coward

@Confused

Because BT will refuse to do anything until you've at least tried to run the tool. I know. I've had issues recently and it still had to be done.

0
0
Silver badge

Er...

"eschewing more advanced user interfaces."

Surely the whole idea of GUIs is to be simpler than the command-line, not as powerful? It's pretty inescapable that pointing at things and clicking is easier but less powerful than using a formal language.

0
2
Megaphone

This

Pleasepleasepleasepleasepleaseplease . . . let Larry's hubris be the death of Java. The mantra of "write once, run anywhere" has become "write once, run somewhere . . . maybe." Assuming you have just exactly the right JVM and the developer has not snuck in some platform-dependent code and is not, in fact, a chimpanzee turned loose on a laptop as a lark, the Java code might execute properly. Or you might get a big red stop sign saying "FUCK YOU, YOU STUPID WHORE. YOU'RE RUNNING JAVA. WHAT THE FUCK WERE YOU THINKING?"

The final sign that Java had jumped the shark was that IBM started using it (Eclipse, that is, and anyone who wants to lecture me on the difference can do something that mentioning in this post would undoubtedly cause it to be rejected) as the GUI framework for Load of Goats, which, in terms of user experience improvement, is roughly analogous to smearing feces on a pig.

Death to Java!

8
19
Silver badge
FAIL

Did you just...

...enroll in a freshman programming course?

Knowledgeable people generally dont have such strong opinions.

10
6
Stop

@Destroy All Monsters I disagree

I'm a sysadmin who has gotten burned far too many times by Java updates breaking things. My favorite so far has been the Java update that broke the app that Cisco uses to admin it's firewalls and forced me to install beta Cisco firmware to work around.

4
0
Happy

That's because...

... knowledgeable people ceased to give a shit years ago. We just accept it for what it is, curse the fact we have to use it, get over it and move on.

5
0
Silver badge

That's the app writer's problem...

Not Java's problem.

Cisco should be able to hack this. As usual, their Quality Control is made by a rat in the cellar paid by 5% taken off someone's support license.

5
1

@Gerhard Mack

Ever tried using Java + NTLM proxy + SSL? Bug first reported in 2007. Fix is just going in to 1.6.0_25. Of course, the fact that most of my customers have strict IT rules on installing new version of software means they won't benefit from the fix until about 2015 at the earliest...

I do wish Java would just go away

3
0
Anonymous Coward

@Gerhard Mack

Complain to Cisco - there coding is shocking, and an example of how incompetent programmers can bugger up the "write once, run anywhere" principle by applying sufficient amounts of pig-headed ignorance. That goes for all cross-platform Java issues I've encountered.

4
0
Silver badge

I've had thoughts similar to the ones you are criticizing from time to time.

It has nothing to do with Java per se, and more to do with the idiots writing (or to be more precise, NOT writing) the code I have to support in my daily job. Twits still haven't updated their code base to a SUPPORTED version of Java and I've now been here for a year and a half. And it doesn't play well with the other app that uses a supported version of Java, and yes, frequently people who need the first app also need the second.

3
0
Silver badge
Dead Vulture

ohlookitsthisthreadagain.jpg

"Try uninstalling Java altogether. This will dramatically shrink the attack surface of your machine, and unless you use a handful of specific applications, you'll never notice the difference."

I don't know what's going on here, but we already had that exact exhortation about a month ago or so.

Has the Microsoft check cleared or something?

15
5
Anonymous Coward

Or ...

Perhaps, like me, they find Windows and Java equally awful.

Some of us have come to the conclusion that Java is awful. We did that on our own merit, and without being bribed, cajoled or manipulated.

4
2
Anonymous Coward

Java usage going up

Actually I've noticed more sites switching to Java from Flash lately, I know I wouldn't get far without it on my machines.

6
0
FAIL

Uninstall Everything

If you are going to uninstall everything with a security flaw in it, you might as well forget owning a computer: MacOS, Linux, Windows, BIOSes, Java, .NET, the whole lot can go.

Its fun to write dumb articles like this one, but giving companies grief when they publish security fixes is a pretty bad strategy - it is only going to encourage companies to hide their flaws.

54
5
FAIL

Why not...

uninstall Microsoft .Net - just like Java, except its updates are forced with Windows updates so you don't see them, didn't you know that? Perhaps you should also suggest Adobe products or even Windows itself

Stop scare mongering. Chances are if people have it installed already it's because an app on their system needs it.

23
6
Bronze badge

.Net

"Why no uninstall Microsoft .Net?"

Never installed it in the first place, matey. You might need it in a corporate environment, but otherwise no.

Too many people just install everything rather than taking a decision on whether they need it.

2
3

.NET != corporate

I think I might have more .NET apps on my home PC than my work one, it is, at the very least a close thing.

Java on the other hand is a very corporate affair, lots of those at work and very few at home.

2
0
FAIL

Right...

Presumably if they're installing it... it would be because they need it...

However in the case of .Net unless you're still on XP then chances are you already have it....

4
0
Gold badge

Sadly..

.. Openoffice depends on it :-(.

0
4
Bronze badge

Really?

"Openoffice depends on it"

Really? I'd better not tell my PC that. Openoffice might stop working if it finds out.

4
0
Silver badge

"Openoffice depends on it"

Turning Java requirements off is an official way of speeding-up OpenOffice startup

2
0
Alert

Formula 1 live timing

....I need it for this. (oh and a few porn sites too)

4
0
WTF?

This may be a daft question,

but what does a porn site need with java?

5
0

what does a porn site need with java?

It's what they used to program the robotic hand.

1
0
Go

Maybe in a couple more months...

Right now, I've got a research project consisting of about 14kLoC, which I don't exactly feel like rewriting over a weekend. And the "write once, run anywhere" property did work well enough for me. It allowed me to write the code on a Win7 machine with graphics and benchmark it on a RedHat cluster just fine.

However, I think after this, that'll be the end of it. Anyone have any suggestions for a good alternative language? Something object oriented, with good GUI support, besides C++? Never could get my head around C++ somehow.

Go; cause it's time to.

1
2
Anonymous Coward

You want options? ....

Python perhaps? Ruby was all the rage recently, but its memory handling remains leakier than java's. Crusty old sysadmins would probably do OO in perl just because. Or if you're a Real Academic, lisp (or its cousin scheme) of course; you'll hash out any missing OO infrastructure with but a few definitions. If you're more of the low-level persuasion you could do it in even less FORTH words. That's not OO-y enough? What about smalltalk? Oh you wanted something modern? Haskell is de rigeur in some circles.

That a bit too many options? Try the first one, or else explain a bit more about what sort of research project you're talking about, as in what type of coding you tend to write.

1
0
Silver badge
Go

Or maybe

Clojure or Scala or Groovy. Run on the JVM.

0
3
Happy

Mmm.. options, tasty....

Well, since I don't need to start on any new projects soon, I can't really say precisely what I need. But, essentially, I'm looking for a general purpose language, that's able to tackle a wide range of problems effectively. As an example from the previous project mentioned, some chunks were written with an object oriented approach, (the data structures and overall hierarchy primarily) some were written procedurally, (just cause it's straight-forward) and still others were written in a functional manner (some math routines.) So, Java and C++ are nice in that it's easy to take and mix various styles of programming to whatever best suits a subtask. Of course, I could make some "perfect world" requests, such as fast execution, easy to read and write, portable, dev-safe, concurrency support, etc.. FWIW, I do tend to use Perl for quick and dirty scripting and MATLAB for heavy math. I would expect that I'd be using the language primarily on desktop type machines, though the occasional cluster wouldn't be out of the question. I guess I'm mostly wondering if there's a successor to C++ and Java yet.

I've heard of most of those... Though just the thought of doing heavy programming in a number of those would probably drive me crazy (Lisp, Scheme, Haskell) I had heard good things about Python and Ruby, so it's nice to know that Ruby has memory issues. Of course, I've heard good things about C# too, though it's not really portable outside MS land. And it appears that C++0x still hasn't landed yet. =( So, it sounds like I should check out Python the next time I've got a new project to play with.

0
0

NFTR

I had the same problem a few years ago. I would just bite the bullet and learn C++; you can read 'Accelerated C++' in a couple of weeks. It's not pretty, but it more or less does the job. My 'research project' is now getting on for 100KLoC, and I'm pretty sure I would be shafted if I'd used a proper language instead.

My next few w/ends will be taken up with trying to move it all from MinGW to MSVC.. :(

0
0
Anonymous Coward

Did I miss something?

Surely the point was to get away from Java bugs?

0
0
Megaphone

@OP

Delphi. Or preferably Delphi's funky open source and cross platform cousin Lazarus.

They are both dialects / derivatives of object pascal, which is often dismissed as a toy language or a teaching aid. It is however surprisingly powerful and a metric fuck-ton faster than Java for scientific or maths stuff.

2
2
Silver badge
Pint

"Surely the point was to get away from Java bugs"

In this universe, you don't get away from bugs.

You can just trade them in for others.

2
0

That MATLAB code your writing means you still need Java

Or at least, it does if you use more or less any of the features of the the MathWorks IDE.

0
0

Never heard of Lazarus, tbh.

I didn't like Embracadero's pricing plan a while back so I've not really followed Delphi since.

Object pascal is quite interesting but if you already know c++, I can't really see the point in learning something else that is less popular and not free (ok I admit, I am discounting Lazarus here) and with a future that's not completely quite certain.

(I'll grant that c++ is horrid and fugly)

0
0
Boffin

Smalltalk

Pure OO. Just get stuff done, quickly and efficiently and stop spending time massaging a stupidly complex syntax.

0
0
Silver badge

Smalltalk, you say?

The Pharo project is making great strides towards bringing Smalltalk a bit more up to date.

http://pharo-project.org/home

And it has to be said that even Smalltalk-80 makes Java look like a poor-man's version of OOP (which, to be fair, it literally is - Sun wouldn't pay the license fee for ST so they did their own half-arsed version instead).

There is some merit in your FORTH suggestion too, but I don't think the mass market is going to get excited about that in the foreseeable future. To put it mildly.

0
0
Happy

Smalltalk

I spend about 2/3 my time at work developing in Smalltalk with the rest in C++ with some C# and Java. Smalltalk blows these others totally away for productivity, maintainability and dev. environment. It's also the best for test driven development. We can train a new developer in Smalltalk in a couple of days max. Once you 'get' Smalltalk you wonder why everybody isn't using it.

Ckeck out Pharo Smalltalk (great for web development using Seaside and totally cross platform) or Dolphin Smalltalk for mega cool environment but Windows only. Othe commercial implementations are VA Smalltalk from Instantiations and Visual Works from Cincom.

0
0
IT Angle

java..that still kicking?..

Yeh uninstalled java a long time ago. Not to many things require java unless you deal with enterprise stuff alot which is only usually at work. I don't think I have come across any general websites that require java. Remember java and javascript are completely different.

Good advice overall. I think alot of people over-estimate the importance of java on their machines. I find it's disappearing more and more as time goes on. Glad I stopped learning it early on as I saw cottoned onto the fact what was promised was rarely delivered in reality.

2
4
Anonymous Coward

There's a lot more Java than you think there is out on the web

If you set the Java Console to launch when Java is in use you will notice it comes up fairly often on a wide range of web sites.

1
0
Silver badge

The New Yin to that Tired Old Yang

"Oracle this week pushed an updated version of its Java runtime environment that fixes 21 security vulnerabilities, 19 of which allow attackers to remotely install malicious software on end-user machines."

Dan, Hi,

For Any and All into Command and Control of Computers and Communication for Creative CyberSpace Programming, is Java a Prime Facilitator with its Remote Installation Utility for those delivering SMARTer IntelAIgents Software for Virtual Future Projects ....... Concerted Cloud Compositions with a Cacophony of Choice CodedD Campaigns to Catalogue and Cherish with Compliance and/or Complicity.

One just can't have end-user machines doing whatever they like, can we, for that would be as an Open Invitation to CHAOS and Anarchy and that is no NEUKlearer HyperRadioProActive World Order Programming, is it, for that is just more of the same old nonsense as is being presently provided.

1
2

Page:

This topic is closed for new posts.