How to kill Java dead, dead, dead

Client-side Java is an outdated technology that now does more harm than good -- and must be eliminated despite its widespread use

Page 2 of 2

Java is still widely used for the front end of mission-critical apps and Web services -- thousands if not hundreds of thousands of them. That's why getting rid of Java on the client side will be tough. If Java went away tomorrow, many banking and e-commerce websites would cease to function, as would many electronic medical records systems and tons of specialty Web apps, from building inspector reporting tools to online voting.

Yes, online voting: France's online voting system requires Java to function. Without Java, rural and overseas voters are stuck, as there is no concept of a mail-in ballot there. (France's online voting systems also depend on specific versions of Java, so Mac users couldn't vote online in that country in last year's election.)

Those "unscheduled outages" would be devastating if OS X and Windows suddenly blocked Java, as the feds essentially asked us to do this week. If Apple couldn't make OS X Lion users suck it up and live without Java, Microsoft certainly can't do that in Windows given the hundredfold more apps in the Windows world than in the OS X world.

But here's what Apple and Microsoft can and should do: Announce that the next major versions of OS X and Windows will not run Java, period. Developers will thus have a deadline to convert their apps to Java-free versions -- a strategy that worked wonders for the major effort needed to prevent the Y2K crisis in 2000. Of course, that was a real deadline, and there's a danger that Microsoft or Apple might blink and extend the deadline, which would let developers delay even more.

To help push developers along, Apple and Microsoft should market Java-free, just like grocers market "fat-free" and "GMO-free," as an aspirational advantage and not a deficit.

But users aren't the real problem; businesses are. As much as IT staffers moan about Java, they hate to update software and operating systems, and their corporations hate to pay for it. Just listen to IT whine about how quickly Apple makes users update to OS X (about four years after release is the effective cutoff, versus six to 10 years for Windows depending on the hardware quality). Then imagine if they were told that by 2015 the then-current operating systems and the apps that run on them will need to be Java-free. Remember, parts of the U.S. Department of Defense still run Windows 2000. Yet most Java apps are those sold to businesses and are even developed by businesses internally.

The feds can help. Regulations for financial, utility, transportation, aerospace, and medical providers could designate the non-Java-free operating systems as noncompliant to security standards for gaining or renewing government contracts. Local governments would follow suit. That'd unleash a tidal wave of Java-free app updates. Loss of income is the motivation that vendors and developers need.

Of course, such dramatic action is unlikely given the government's hesitancy to interrupt the profit flow of its main owners -- er, contributors. But there may be a backup plan that's happening quietly even today: the move from traditional PC technologies like Windows to mobile ones like iOS and Android. The major mobile operating systems do not run Java apps or Java Web plug-ins. Migrating from PCs to iPads -- or making tablets a standard computing platform alongside PCs -- could be the quickest way to get rid of Java and force developers to stop using it.

If Microsoft and Apple don't make Windows and OS X Java-free platforms like iOS, Metro, and Android, client-side Java will still probably disappear over time even as Oracle tries to patch the technology in the usual security war of attrition. It just won't disappear fast enough.

We can't wait much longer. In an era where the United States and Israel have launched a quiet cyber war against Iran and others with worms like Stuxnet, and Iran has counterattacked by trying to take down U.S. banks' websites, it won't be long before Java is used like the lax airline security was on 9/11 to make something really bad happen. Already, Java flaws helped an unknown country spy undetected for five years on at least 39 nations -- the Red October hack. Stop it now.

This story, "How to kill Java dead, dead, dead," was originally published at InfoWorld.com. Get the first word on what the important tech news really means with the InfoWorld Tech Watch blog. For the latest developments in business technology news, follow InfoWorld.com on Twitter.

| 1 2 Page 2
From CIO: 8 Free Online Courses to Grow Your Tech Skills
Notice to our Readers
We're now using social media to take your comments and feedback. Learn more about this here.