Funny thing is that the first program what needed Java was XCode :)
On Fri, Jul 29, 2011 at 1:55 AM, Ricky Clarkson <[email protected]>wrote: > For the average computer user, Java's this thing that pops up asking > to update itself (and how many clicks does this actually take?), but > they don't know what it is. > > They're not going to know that it's actually safe to install certain > Java apps, and even if it is, those Java apps won't be able to do any > typical desktop tasks such as playing video. For that we (currently) > need to be able to call out to native code not supplied with the JVM. > > The problem, I believe, needs addressing at the OS level, though every > little helps on the Java end. > > On Tue, Jul 26, 2011 at 8:51 AM, opinali <[email protected]> wrote: > > On Jul 24, 11:43 am, Ricky Clarkson <[email protected]> wrote: > >> > Java's security model is at least, > >> > indisputably much better than that of any non-managed language (i.e. > >> > better than zero) > >> Only in applets. Java desktop applications can do anything a C program > can. > > > > Not 100% true. First, there's WebStart too (I know JAWS its not a > > rocking success either - but it could be, if the resulting apps run > > well enough). Second, even for conventionally-installed Java apps you > > can enforce as much of the security model as you want - unfortunately > > there's no standard mechanism to perform local Java app installations > > in a secured way, so the app advertises required permissions etc. > > (again see Android)... this could be fixed, but it's hard because it > > would require some integration with OS-native installation services so > > app providers cannot circumvent the system. > > > > For both Java and native apps, it's certainly possible to limit > > permissions of locally installed apps; it's only not possible to > > enforce this so users cannot install something without knowing about, > > and explicitly granting the required permissions. For native apps you > > can do like Google Chrome - multi-process model, self-restriction of > > privileges on a per-process basis. Java apps can do exactly the same, > > except that it's all easier and more lightweight (does not require > > multiple processes), so arguably there is some advantage for Java even > > in this case... > > > > A+ > > Osvaldo > > > >> > I never heard anyone claiming that C/C++ are > >> > dead/dying because of security. > >> > >> It's desktop apps that seem to be dying, not particularly Java ones. > > > > -- > > You received this message because you are subscribed to the Google Groups > "The Java Posse" group. > > To post to this group, send email to [email protected]. > > To unsubscribe from this group, send email to > [email protected]. > > For more options, visit this group at > http://groups.google.com/group/javaposse?hl=en. > > > > > > -- > You received this message because you are subscribed to the Google Groups > "The Java Posse" group. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/javaposse?hl=en. > > -- You received this message because you are subscribed to the Google Groups "The Java Posse" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/javaposse?hl=en.
