You are here: Home / Blog / On Apple Disabling Java by Default

On Apple Disabling Java by Default

2nd May 2012 by 4 Comments

Apple is disabling Java by default in the last update which is a perfect solution to the risk that Java presents to the desktop. At the same time, it’s drives a stake into the heart of Java as a viable desktop platform.

For the last decade, Java has been a major security weakness but very, very few people actually use it. Think about it, Java is widely installed but not widely used.

Perversely, Java supporters regularly claim how widespread the installed base is and point to high levels of installation so that you can be sure it “works on all platforms”.

As network engineers know, it’s doesn’t work on most platforms. Java applications as sold by network vendors do not work on Mac OSX, or Linux or BSD. They only work on Windows. For example, Cisco ASDM, IDM, Security Manager and many more. Bluecoat ProxySG client is unreliable on the MAC, Juniper ScreenOS interface for the Netscreen firewall needs to use DHTML.

Apple’s decision to actively disable Java by default means that Java will lose signficant market share when reported as “platofrm availability”. It may be installed but it will not show as active from web surveys anymore. Even better, Apple has arranged for Java to auto-disable after 35 days of no usage.

Kick it when it’s down. Just like Adobe Flash is gone, this is probably the end of Java on the workstation.

No one needs Java on their desktop. It’s like infesting your body with lice and hoping you won’t get rabies. Good step by Apple to solve the Java security problem on a permanent basis.

Good riddance to Java.

Filed Under: Blog, Security
About Greg Ferro

Greg Ferro is a Network Engineer/Architect, mostly focussed on Data Centre, Security Infrastructure, and recently Virtualization. He has over 20 years in IT, in wide range of employers working as a freelance consultant including Finance, Service Providers and Online Companies. He is CCIE#6920 and has a few ideas about the world, but not enough to really count.

He is a host on the Packet Pushers Podcast, blogger at EtherealMind.com and on Twitter @etherealmind and Google Plus

  • David Magda

    Don’t disagree with you, but I’m not sure how many better options there are. Just had to install Flash on a laptop because HP’s Flex-10 switches in an enclosure need it for the configuration interface. Of course it didn’t work with Flash 11.2 or 10.2 on the Linux laptop I started with, so I had to get a Apple device which had Flash 10.1.

    The HP enclosure configuration web interface _appears_ to be straight HTML, but it won’t work under Safari 5 (arguably one of the better web clients out there). It works just fine with Firefox on OS X.

    So Java sucks, Flash doesn’t work, and HTML doesn’t work on some modern browsers either. Of course HP’s iLO CLI is absolutely horrid as well.

    So what’s left?

    • Crawlerin

      Snmp or similar tool and company’s own (cr)application interface

      Seriously though, i have noticed Java plugin is disabled in firefox too since … I do not know exactly when. Unfortunately there are still man custom projects for various tuff out there that requires it (tax office portal in my country or so – woking in IE only of course.)

  • Miles

    Can Apple  do anything  wrong  in your eyes? 

    • http://etherealmind.com Etherealmind

      Fair comment but there is not a lot to criticise. Apple makes quality products, that do what they say. I have few, in any, reliability problems with their products. The company appears to deal honestly and consistently with it’s customers.

      They are tough on the pocket though. And not good at indicating their future directions.

      Is that a fair trade off ? It is for me.