Java Caveats

Advanced Methods | Java Caveats

Java Caveats

Java is the hottest topic on the Web now, and as with all "hot topics" there is a lot of hype to sort through. Java will be a very important component for the future of the Web, but it is not appropriate for everything, and currently has a set of growing pains that the potential user should be aware of.
Dependability of Canned Applets

Java is still a fairly new language, and the supply of useful applets is yet rather limited. Also, applets that you find on the Web may sometimes not work as advertised. Although byte-code is supposed to be platform independent so that an applet can be moved from one system to another without having to be recompiled, it may still sometimes happen that an applet will work fine on the computer where it was developed, but do nothing on some other systems. Such problems will probably become less common as Java and its implementations mature, but they are very real now.
Security Issues

A Java applet is code that is downloaded to, and executes on, the client machine. Thus, there are security concerns: Java could be a great place to hide a computer virus. (Generally, merely reading files will not infect a computer with a virus; the virus must be embedded in executable code for it to do its dirty work; thus there is particular concern for executable code that downloads and launches execution automatically, as is the case for Java.)
These security concerns have been addressed by limiting the functions that a Java applet is capable of performing on the client machine. This is what the Java developers call "running untrusted applets in a trusted environment". For example, applets loaded over the network are not permitted to run other programs or write files on the client computer, they cannot download other Java applets except from the original computer from which they were downloaded, and the amount of information that they can read from the client computer is severely restricted.
The proponents of Java maintain that these (and additional measures not listed here) are adequate security precautions, but some dispute this. A more thorough discussion of applet security maybe found in the relevant newsgroups (see the References for this section).


			Advanced Methods \| Java Caveats
		Java Caveats `Java` is the hottest topic on the Web now, and as with all "hot topics" there is a lot of hype to sort through. `Java` will be a very important component for the future of the Web, but it is not appropriate for everything, and currently has a set of growing pains that the potential user should be aware of. Dependability of Canned Applets `Java` is still a fairly new language, and the supply of useful applets is yet rather limited. Also, applets that you find on the Web may sometimes not work as advertised. Although byte-code is supposed to be platform independent so that an applet can be moved from one system to another without having to be recompiled, it may still sometimes happen that an applet will work fine on the computer where it was developed, but do nothing on some other systems. Such problems will probably become less common as `Java` and its implementations mature, but they are very real now. Security Issues A `Java` applet is code that is downloaded to, and executes on, the client machine. Thus, there are security concerns: `Java` could be a great place to hide a computer virus. (Generally, merely reading files will not infect a computer with a virus; the virus must be embedded in executable code for it to do its dirty work; thus there is particular concern for executable code that downloads and launches execution automatically, as is the case for `Java`.) These security concerns have been addressed by limiting the functions that a `Java` applet is capable of performing on the client machine. This is what the `Java` developers call "running untrusted applets in a trusted environment". For example, applets loaded over the network are not permitted to run other programs or write files on the client computer, they cannot download other `Java` applets except from the original computer from which they were downloaded, and the amount of information that they can read from the client computer is severely restricted. The proponents of `Java` maintain that these (and additional measures not listed here) are adequate security precautions, but some dispute this. A more thorough discussion of applet security maybe found in the relevant newsgroups (see the References for this section).