YOUR FEEDBACK
Java Application Development wrote: Take advantage of to add AJAX behaviors to your Spring-based Java Web applicatio...
Aug. 21, 2008 02:19 AM
Did you read today's front page stories & breaking news?

SYS-CON.TV: How Do You Minimize Unpleasant Surprises in Your Java Code? Guest Nigel Cheshire

2008 East
DIAMOND SPONSOR:
Data Direct
Frontiers in Data Access: The Coming Wave in Data Services
PLATINUM SPONSORS:
Red Hat
The Opening of Virtualization
Intel
Virtualization – Path to Predictive Enterprise
Green Hills
IT Security in a Hostile World
JBoss / freedom oss
Practical SOA Approach
GOLD SPONSORS:
Software AG
The Art & Science of SOA: How Governance Enables Adoption
PlateSpin
Effective Planning for Virtual Infrastructure Growth
Fujitsu
Automated Business Process Discovery & Virtualization Service
Ceedo
Workspace Virtualization
Click For 2007 West
Event Webcasts

2008 East
PLATINUM SPONSORS:
Appcelerator
Think Fast: Accelerate AJAX Development with Appcelerator
GOLD SPONSORS:
DreamFace Interactive
The Ultimate Framework for Creating Personalized Web 2.0 Mashups
ICEsoft
AJAX and Social Computing for the Enterprise
Kaazing
Enterprise Comet: Real–Time, Real–Time, or Real–Time Web 2.0?
Nexaweb
Now Playing: Desktop Apps in the Browser!
Sun
jMaki as an AJAX Mashup Framework
POWER PANELS:
The Business Value
of RIAs
What Lies Beyond AJAX?
KEYNOTES:
Douglas Crockford
Can We Fix the Web?
Anthony Franco
2008: The Year of the RIA
Click For 2007 Event Webcasts
SYS-CON.TV
SYS-CON.TV WEBCASTS
JACKBE The Big A(architecture in AJAX)
INSTANTIATIONS Eclipse Rich Internet Platform with Taylor and Milinkovich
YAHOO! Applying AJAX to Speed User's Journey
ENERJY WEBCAST Java Code Quality Management
APP SERVER SHOOT-OUT with Microsoft, IBM, JBoss, Sun, BEA, and Oracle
TOP LINKS YOU MUST CLICK ON


Java Industry News
What PHP Needs to Learn From Java
We all know that there isn't a single language or platform that is totally secure

By: Calvin Austin
May. 12, 2007 01:45 PM

We all know that there isn't a single language or platform that is totally secure, much in the same way that no matter how well you secure your house, its still possible to leave a door unlocked. However if your house has few locks, open windows and is it a bad neighborhood, shouldn't you do something about it?

The house I am referring to is PHP, great for prototyping and building applications quickly, but has a long way to go before it provides the automatic piece of mind Java does. We track vulnerabilities on all platforms and applications that use PHP are often the target of attacks. Was it the application developers fault, possibly, but there is little help for PHP developers to find out if they are really writing insecure code and without a security manager like Java, any small mistake can become a big exploit.

My colleague Ezra has started a new open source php security tool to audit php applications, phpsecaudit if you have any php code lying around check it out. We are looking for other contributors too. As for me, my first choice is still Java, even if it does take longer to create something the first time around.

Published May. 12, 2007— Reads 20,656 — Feedback 3
Copyright © 2008 SYS-CON Media. All Rights Reserved.
About Calvin Austin
A section editor of JDJ since June 2004, Calvin Austin is an engineer at SpikeSource.com. He previously led the J2SE 5.0 release at Sun Microsystems and also led Sun's Java on Linux port.

YOUR FEEDBACK
Casper Bang wrote: For a company which claims to always have had a RIA platform, applet's were surprisingly sucky and JavaFX is remarkably vapourwareish. I find it ironic you can claim Java as a success in this, when it's Java's scripted sibling language JavaScript who now dominates the web experience here 10 years after.
NN wrote: Yes Java has fail our time and time. SUN has fail in so many ways that unimaginable in terms of making money and consolidating as of the top 3 software maker. 1. BEA made lot of money 2. Adobe Flex base has more demand compare to Java base anything i.e. JavaFx or JSF. Even Flex latest version is somewhat better but created more penetration compare to Java base plug-in or similar. 4. AIR again from Adobe can give Flex to desktop transition with ease. Swing fail in so much and SUN never ever care to address that. Yeah Java Web start if you care more. 5. still more
Richard Monson-Haefel wrote: Jonathan Schwartz is right (mostly). Java has always been a RIA. In fact, I would say that Java pioneered this market. That said, Java didn't succeed as a RIA for a couple of reasons. First was speed - not just speed of the applet plug-ins but also speed in downloading. Broadband was not common in 1995 - 2000 and its hard to be successful with a RIA technology when everyone one is sporting 14.4 - 56k modems. Another big reason Java was not successful as a RIA platform was that the Java plug-ins were very inconsistent across browsers. I believe that Sun has learned that lesson and now provides the plug-ins for nearly all browsers themselves. I suspect that the new plug-ins that support JavaFX will all be built by Sun. Before there was Adobe Flex or Ajax there was Java. There was also Curl which was released as product in 1998. DHTML also had a run at the RIA market but failed for m...
LATEST LINUX STORIES
By Maureen O'Gara
Microsoft is going to pump up to $100 million more into Novell for additional certificates that it will sell or give to customers to redeem for SUSE Linux support. Novell should get the money on November 1 right before the second anniversary of the widely loathed Microsoft-Novell pact ...
By Virtualization News Desk
Red Hat CTO Brian Stevens, Citrix CTO Simon Crosby, Egenera CTO Pete Manca, Allen Stewart, Group Manager, Windows Virtualization at Microsoft, and Brian Duckering, Sr. Director of Products and Alliances at Symantec were the top industry executives who joined Jeremy Geelan in the 4th Fl...
By Linux News Desk
IBM introduced a series of new products, services and initiatives that further expand IBM's commitment to Linux and open source by enabling the next generation of Linux. As the company marks ten years of support for Linux, IBM announced a number of cross-company initiatives to driv...
By RIA News Desk
Two of the biggest launches in Rich Internet Application history took place in 2007/2008 when Adobe launched AIR 1.0 in February '08 and Microsoft launched Silverlight (September '07). At the 6th International AJAXWorld RIA Conference & Expo in October SYS-CON Events is delighted to be...
By Maureen O'Gara
VMware, which seems to be as far from open source as you can get these days, has joined the Linux Foundation, promising to make more contributions to the Linux community. It's cultivating the Linux crowd as adoption of Linux expands as a result of its position as a platform for cloud c...
By Maureen O'Gara
IBM, Canonical, Novell, Red Hat and the distributions’ hardware partners are ganging up on Microsoft, intending to push a Microsoft-free desktop alternative involving Linux, Lotus Notes and Lotus Symphony. They think they see an auspicious constellation of stars in the sky – like P...
SUBSCRIBE TO THE WORLD'S MOST POWERFUL NEWSLETTERS
SUBSCRIBE TO OUR RSS FEEDS & GET YOUR SYS-CON NEWS LIVE!
Click to Add our RSS Feeds to the Service of Your Choice:
Google Reader or Homepage Add to My Yahoo! Subscribe with Bloglines Subscribe in NewsGator Online
myFeedster Add to My AOL Subscribe in Rojo Add 'Hugg' to Newsburst from CNET News.com Kinja Digest View Additional SYS-CON Feeds
Publish Your Article! Please send it to editorial(at)sys-con.com!

Advertise on this site! Contact advertising(at)sys-con.com! 201 802-3021

SYS-CON FEATURED WHITEPAPERS

MOST READ THIS WEEK
By Virtualization News Desk
By Maureen O'Gara
By Eric Newcomer
By Glyn Moody
By Linux News Desk
By Virtualization News Desk
By Maureen O'Gara
ADS BY GOOGLE