

Is Java the root of all evil and can you really live without it in the browser? - troyhunt
http://www.troyhunt.com/2013/01/is-java-root-of-all-evil-and-can-you.html

======
pekk
Well, of course Java is not the root of all evil, and the usefulness of the
language is not really the issue either.

Everyone has known that Java browser applets are clunky and broken for many
years. If I need to do something which seems to require a Java applet, I will
do it another way just to avoid the inevitable fiddling. And we have kept
having these big vulnerabilities, of which we can assume more than a few go
undiscovered for some time. Now they have become such a security embarrassment
that the government is recommending to disable them. This is totally
ridiculous. Even if Oracle patches each one a few days later, it is a huge
waste of time to have to keep disabling and emergency-patching this product.
It's just happening too frequently, with too much impact.

Unless Java applets get a heroic white knight to transmute them from poop into
gold, we should do to them what we've done with IE6 - not wait for them to die
naturally. They should be strictly legacy, their use should be discouraged,
migrations should be prepared, and they should only survive where they are a
necessary evil.

