SoylentNews is people
SoylentNews
Or so El Reg is telling us:
Apple's Windows apps have leapfrogged Oracle Java as the biggest security risk to PCs in the US, according to a study by vulnerability management outfit Secunia (now a Flexera Software company). [...]
Secunia's latest quarterly report, seen by The Reg, is a snapshot of software security on PCs used by folks in the US and 14 other countries. For the first time in four consecutive quarters, Java 7 isn't topping the list of most dangerous programs: Apple apps have taken the lead in the third quarter of 2015. [...]
Apple QuickTime 7.x and Apple iTunes 12.x top the list as the most exposed applications on US Windows PCs – a lot of people use them and not a lot of people are patching, in other words.
I thought the greatest risk to Windows PC users was the fact that Windows is installed on it. This seems to continue with Windows 10 according to this story also from El Reg.
(Score: 3, Interesting) by Marand on Wednesday October 28 2015, @11:25PM
I really wish they'd be more specific and say "Oracle Java Applets", which are not al that common, rather than Java as a Language or a VM.
I agree, but good luck getting anyone to properly make that distinction when people that should know better still commonly confuse Java with JavaScript, two languages with almost nothing in common other than four letters of their names. It's like confusing your car and your carpet.
It's a travesty, but that's what happens with design-by-committee naming, especially when you get marketing involved. (See here. [javaworld.com]) A clearer choice would have been to name the parts separately, but when the language started (before it became Java), the applet aspect didn't exist and there was only one language, so it probably didn't make sense to separate the language and VM. By the time the applet idea happened and trademarking discussions started, marketing was involved and there was probably no chance in hell they could get named more clearly.
Surprisingly, this is something Microsoft deserves credit for; C# is the language (like Java), .NET is the platform (like the Java platform and API), and the CLR is the JVM equivalent. It's a disaster from a marketing standpoint, but it's explicitly clear which part you're talking about at any point. Of course, MS had the benefit of hindsight here, because Java had already tread that ground and made those mistakes for them. On the Java side, we're stuck with people forever conflating java applet vulnerabilities with "omg Java sucks look at all the security problems!"
---
Personally, I think java applets should die in a fire and I hate the Java programming language, but I still have some respect for the design of the JVM and like a few of the languages that target the JVM, like Clojure. It's also interesting that the JVM + built-in classes has a lot in common with what I've read about the Smalltalk-powered, object-based computer Alan Kay and others worked on in the dimly remembered ancient history of computing. Add a shell (or REPL) and it's like a virtual OS with its own path (CLASSPATH) and programs (the classes), and you sort of get a feel for what Smalltalk and the Dynabook were supposed to be, albeit in a lesser form.
I've found this side of the Java platform to be interesting and even rather nice, though only after finding a language that isn't Java to make interacting with it tolerable.
(Score: 3, Touché) by takyon on Thursday October 29 2015, @01:06AM
JavaScript, what's that? I code in ECMAScript.
[SIG] 10/28/2017: Soylent Upgrade v14 [soylentnews.org]