There was a time, not quite ten years ago, when many serious people expected Java to be the dominant computing platform of the future.
The technology business is overflowing with similar stories of products that received inordinate attention for a time, only to fade when real decision making came along.
One of my favorites is Virtual Reality, which was headline stuff in the late 90s for reasons which escaped me even then.
But Java had a serious argument behind it: For a variety of reasons, security among the most important, the idea of a virtual machine environment and Internet-based programs have some appeal, practical experience aside.
Consider technology loudmouth George Gilder, who thought that Microsoft software was headed for antiquity and that the future was in Java applets.
Many lawsuits and real-world trials later, Java is still a major platform for server-side application development, but only one of many and no longer the one with momentum.
Heavily influenced by Java, Microsofts .NET has more mind share where it counts.
On the client, I can no longer say that Java is in freefall because its closer to rock bottom. As a client application development platform its far behind a wave of interpreted languages like Ruby and Python. Yes, there are still a few oddball Java applets out there, but you rarely hear about innovative new programs being built in it.
There are still major companies behind it, such as Oracle and Sun itself, and the use of Java in the Advanced Placement Computer Science tests guarantees that students will continue to learn Java in the future. But they wont use it much past the test.
Since Sun successfully forced Microsoft to withdraw their own Java implementation from Windows, Java on Windows has become a difficult affair. Sun has never been all that good at delivering Java to Windows users, and a recent security update to an ancient problem with the Java platform underscores all this.
The problem, first raised almost two years ago, takes advantage of the fact that when you install a new Java version it doesnt usually overwrite the old version.
Java programs are left in place because of significant problems in backward compatibility of new Java versions with old Java code. Hence, Java applets may specify in the OBJECT tag. So much for "write once, run anywhere"—some programs wont even run on later VM versions on the same computer!
For instance, right now in my Internet Explorer Manage Add-ons dialog box, I have 6 copies of "Java Plug-in" installed, and one labeled "Java Plug-in 1.5.0_06". In my Add/Remove Programs dialog box I see the following:
- J2SE Runtime Environment 5.0 Update 2
- J2SE Runtime Environment 5.0 Update 4
- J2SE Runtime Environment 5.0 Update 6
- J2SE Runtime Environment, SE v1.4.2_03
- J2SE Runtime Environment, SE v1.4.2_06
Are any of these superfluous? How the heck am I supposed to know? But those versions are a problem, since there have been many updates in Java over the years to address security issues.
A malicious program could specify that it should run in a particular old version that has known vulnerabilities, and Java will happily oblige. This has somehow been fixed in the latest update.
But as the Washington Posts Brian Krebs points out, applying Java updates is an unpleasant process.
The comment thread below that blog entry reinforces what Ive sensed over the years: People no longer necessarily install Java, and they dont notice it missing when its not there.
Years ago, there were numerous sites I went to that had Java components on them for displaying data in ways richer than HTML could handle. Nowadays this is the province of Flash and AJAX.
Nobody uses Java for it, and if more sophisticated and intensive computation needs to be performed it is done on the server, not the client.
Mostly, in the end, it appears that Java on the client lost out to Flash of all things! This must be embarrassing for Sun, but it puts Java in its place. It couldnt even be competitive in the most inessential of tasks.
Security Center Editor Larry Seltzer has worked in and written about the computer industry since 1983.
More from Larry Seltzer