Hacker News new | comments | show | ask | jobs | submit login

Do the OOP/Java courses still teach students that Java is "secure"?



Java the language is not insecure, nor is having the JVM installed. The issue comes from the Java browser plugin, which has been a security disaster to the point that it's being disabled in browsers automatically.


People are (even I was) taught Java to believe that if you embrace Java, you no longer have to worry about security, without detailing them on what kind of security problems are alleviated by Java. And Oracle has proved itself highly inefficient when it comes to responding fast with patches.


Yup, instructors of my brother's Java oriented courses still keep that rhetoric going. Really that statement kept confused me from day 1 since examples to the contrary are easily found via google:

http://www.symantec.com/security_response/writeup.jsp?docid=...

And that one is years prior to when I went to school. People can believe whatever they want about the security of their preferred platform but basically any large project is going to have some sort of vulnerability. All it takes is someone with enough gumption to find it.


As someone who is still in a beginners course on OOP/Java, I can tell you that that's not the only bull they'll spout.


Yes. Or at least, as recently as 2 years ago at my university, they did.




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact

Search: