On Tue, Mar 5, 2013 at 3:57 PM, John R. Dennison jrd@gerdesas.com wrote:
Please.
Java is doing everything in it's power to rival the insecurity records of sendmail and bind from years ago, or horde's track record or phpBB's. It's just one rolling security vector. It's apparently maintained by people that don't really know what they're doing since it's one issue after another in rapid pace. Oracle's attitude towards patches is abysmal at best and I can't see any relief in sight. Look at it this way: distro's have rolling releases and Java has rolling security vulnerabilities.
But wait - wasn't making the code 'free' supposed to take care of all those issues since everyone can now see the problems and contribute the fixes? I think RMS may have led us astray.