[584] in java-interest
Re: Questions
daemon@ATHENA.MIT.EDU (Douglas Barnes)
Mon Jul 3 20:23:37 1995
Date: Mon, 3 Jul 1995 16:30:52 -0800
To: java-interest@java.Eng.Sun.COM
From: cman@communities.com (Douglas Barnes)
> 1. What's so great about Java? (I know it but have to have someone else
> say it :) ) What does it do that others do not?
> 2. What are the downside of Java programming? Is there a danger involved
> in coding those applets? Are we going to see trojan-infested applets?
Actually, the HotJava browser itself is very poor. Most of my
excitement is over Java, because it's a great language. I also
think its associated runtime environment is already pretty good and
has the potential for greatness.
As near as I can tell, in a year or so there will be hardly any
reason for programming in C++ instead of Java.
One of the most attractive aspects of Java is that it removes many
features from C++ that were not only bad from a security point of view,
but also from an ease-of-programming point of view.
Really, I think of Java as a shotgun wedding between Modula-3 and
Smalltalk, with C++ syntax as the sugar coating to make it go down
easily in the marketplace. Since Sun managed to extract the best
parts of all three languages, I think they have a hot property on
their hands.
HotJava is really just a virus to get the Java programming language
out there. It's a really nice language with a lot of HTML handling
support built into its runtime libraries. It's also going to be
extremely portable, which is a win for any application programming
language. I'm sure some companies that are in the web browser business
will do a great job of integrating Java into their browsers; this
is, however, only a small fraction of the total potential uses for
Java as a language and runtime environment.
On the security front, there's a lot to be concerned about. Java got
one layer of the security model 100% right. Java gives you the tools
to protect the CPU and memory from wayward programmers. This is a huge
win, and gives you the tools to do everything else you need to do to
allow untrusted software run on your system.
On the other hand, the network and file-system protections need a lot
of work. The problem isn't that these things can't be protected -- they
can -- but it's difficult to come up with a way of letting a user
selectively permit access to these resources without driving this user
straight up the wall. The current implementation is so incredibly annoying
that the first thing users want to do is find a way to turn the security
off.
I think it's clear that either Sun, or some third party, is going to
eventually get this other part right. This is _alpha_ software, it hasn't
even hit beta testing yet. Certainly there are a lot of very smart people
inside and outside Sun working on how to do this. I think fears of
Trojans and other security problems need to be taken seriously, but I
think that the Java environment is a whole heck of a lot closer to solving
these problems than any other environment.
-
Note to Sun employees: this is an EXTERNAL mailing list!
Info: send 'help' to java-interest-request@java.sun.com
