Java rantForum: water cooler Topic: Java rant started by: curaga Posted by curaga on Jan. 23 2008,15:40
<rant>I have never liked java. It's slow. It's bloated. It takes space. If you haven't ever tried to start Netbeans, be warned. So far I have had a choice. There was nothing I couldn't get without java. But now, my bank is forcing it on everyone. They announced it in december. That they "need improved security only java can offer". As soon as I heard I mailed them a slightly heated feedback. I'm quite sure there are better ways than java to have security. What they do is forcing something on everyone, closing some people out. What's next, forced Flash 9 or you can't email? They happen to offer the best interest rates around here. But after that I couldn't use their web access, at all. Should I switch banks? Right after new year they stopped my login every time, saying I need to download java, before february, or else. And that I don't seem to be using IE. And instructions how to get java for IE. So far I've gotten in after that. They said the "new security" will look exactly the same. Ask the same things, aka one of your personal disposable security numbers. How the heck can something that slows my comp and browser down improve security? What if it crashes my browser in the middle of typing a transaction? It only brings trouble, not security. </rant> Any comments welcome, even "go get java you sucker". Posted by curaga on Jan. 23 2008,20:18
I've thought of all the options java could bring.They either only use java to ask for the number, or as a replacement for the site. If it's only for asking, I fail to see any security increase. I still type it, keyloggers still log it. And then it sends it to the server. Only use for a java app in here would be to encrypt the number for the way. But why? The connection is already 128-bit SSL encrypted. Man-in-the-middle works for that, it works wether the number in encrypted or not too. And no-one would benefit anything from getting a disposable number, as they would need a new one to do anything besides viewing. Which brings on the question, they would only want to do that in case they had broken the algorithm. And if they had done that, I'm quite sure 99% of the clients don't have anything worth doing that much work. If it's a full site replacement, more slowdown, no security gains. I just fail to see a point in all this. Does anyone know any advantage of using java in here? Posted by roberts on Jan. 23 2008,21:29
I was an early adopter of Java. Attended the first three JavaOne conferences, still have my Java ring. IMHO it is a shame what happened to Java. I regret having tried to implement it. Actually I wanted to use Python but it was too early then, early 90's. Now I don't have any interest in Java. To me, Java is like the new COBOL, business people seem to want it, but for programmers it is laborious to code and not much to show for your efforts.
Posted by WDef on Jan. 24 2008,12:15
I imagine they'd be talking about improved security at their end - on the server.I don't know much about Java but as I understand it it runs isolated from the hardware beneath it -> supposed to kind of "sand box" server-side applications. Or something? Posted by ^thehatsrule^ on Jan. 24 2008,16:51
It really depends on the target and goals. Java in most cases is very convenient to developers (includes many useful things to import in the core) and easily portable.Saying that, I do avoid java applications for my own use... due to slow load times, heavier resource usage, etc. WDef: yes, I think it's referred to as the java virtual machine Posted by roberts on Jan. 24 2008,18:55
I don't know if they ever changed it, but every app started a new jvm. Therefore slow to start and heavy on the resources. There was third party software to try to share a jvm. But then wouldn't that like having to share your sandbox?What I thought was cool about Java was Java Spaces, but then I found I could it in Ruby with rlinda. Posted by jpeters on Jan. 24 2008,19:59
Yep....TradeKing is requiring flash 9 for loggins beginning Feb 9th (allegedly for security reasons) ...and don't forget to update...there's a new JAVA version just released. And for even more security, it will install Google seach bar at the same time by default... Posted by humpty on Jan. 25 2008,14:09
when java came out, it promised to be some sort of globalsolution. but it turned out to be another 'basic' requiring it's own runtime engine- what a con. so it tries to make up for it by employing the backing of 'industry technologies'. i think it was the hassle of setting up the development system, the license and the fact that something written in java was not guaranteed to run on all java systems/versions. it just turned out to be a complete mess. i guess it's the language i love to hate. i would also send that bank a strong letter. if other companies don't need java, what excuse have they got? i'm thinking that the young programmers these days are forced into java by the educational institutions, and carry it on to thier jobs. so converting to java is way to make it easier on themselves. Posted by curaga on Jan. 25 2008,22:06
Thanks for sharing your views.I've got an update to their reasoning. The java part would only be used on the client, thus the need for java on the client. And the alleged security increase in their FAQ is "using java helps keep your bank session off the computer's memory later", by which I guess they mean browsing history. That, the only reason they have provided, is so false. Even Internet Exploder doesn't save SSL encrypted pages to the history nor in caches by default, and no-one turns that switch on. And, in the official press release, hidden deep in their site, they tell it's because a Danish company uses it, and that company bought them in Dec. Wow, what a great reason to do so! I'm torn between my principles and economics. There is a part-ful solution, their XML interface for pda's and mobiles. It doesn't require java, not even after Feb, hopefully not ever. It's small, fast, text-only, but still lets do most important things like moving money around. Opera renders it quite nicely. Posted by WDef on Jan. 26 2008,00:34
Java seems to have found a very strong niche on cellphones. Google Android is also built in java on top of linux., and there's some serious expertise going into that. So it must have its appropriate use case I guess.But what you're talking about is the forced use of java on the desktop in order to access a service. Just like we have to upgrade to flash9 for certain websites now. At least we're (usually) not being forced to use IE anymore. Not much of a consolation, but we have Firefox to thank for that. Posted by jpeters on Feb. 01 2008,09:28
There's hope. TradeKing backed off, and sent out an email regarding their login "upgrade" :"For Linux users, people using computers at work and others who are unwilling or unable to use Flash 9.0 we are making an alternative keyboard display available." Apparently, the poison emails, mocking phone calls, and other abusive ridicule proved effective, once again. My mother was right! Posted by stupid_idiot on Feb. 01 2008,13:34
i.e.Intelligence is secondary to determination! Posted by spark-o-matic on Feb. 02 2008,05:58
Boy. I Gotta do some ranting of my own here.Computers are a very useful tool in both our professional and personal lives. But, they ARE NOT the End All, Be All of civilization!!! Even the electric light is a very recent development. How many stores can even get you through the checkout line if the power fails or the computers are down. When was the last time a checkout person counted your change back to you. Many are NOT even capable of figguring out how much change to give unless the computer tells them! The stuff I do is mostly web-based. I use PERL because it runs serverside, which a resonably controled environment compared to the vast variations in OS and browser on the EU side. I usualy try to stay within HTML 1.0. I MAY include java enhancements, but it is NEVER requried for basic functionality! Have you ever heard of a chat room with webcam support and visualy impared friendly that DOES NOT need java, flash, php, asp, etc..? I did that. ANYONE who says you have to have anything other then HTML 1.0 is a complete IDIOT and has NO clue what their talking about! And this whole PHP thing. Supposed webmaster's who have never writen a single bit of code in their life and have no idea about anything insisting that their pages be written in PHP because they think its the latest thing. Who cares if it doesn't work...they just like that extention. Look at your site sats at the 404's. Their mostly PHP. I'm guessing idiots who have nothing better to do with their life looking to exploit vunerabilities. Posted by curaga on Feb. 02 2008,06:54
Why don't the corporations have even remotely similar mentality as the users here?BTW, I'm interested in how did you create webcam support with HTML 1.0. Posted by spark-o-matic on Feb. 02 2008,07:25
comercialy available capture and ftp upload and meta-refresh. Java enhacements improved stability, but the basic functionality existed w/out java. It was a specialty thing. 2 dj's on radio live from 2 different locations and in the chat w/ their cams side by side at the top. Actualy, although a number of people claimed no java support, it detects what is supported on entry and there has never been a user since 2001 who didn't have the java for enhacments. things such as appending ?t=[$time] w/ java help solve caching problems better then pragma-nocache. would it be ok now to add a link to my site...I didnt want to get labled as spam right off? |