As Security Concerns Lead Browser Developers Away From Plug-ins, Oracle Winds Down Support
Oracle recently announced plans to depreciate its Java browser plug-in with the release of Java 9, and will completely discontinue support at a later date. For many years Java had been a favorite of hackers due to its wide adoption and the relative weakness of the sandbox that was supposed to prevent exploits from causing widespread damage, and Oracle has been accused of being slow to respond to new threats. The situation had in recent years become so bad that Oracle themselves estimated the vast majority of all online attacks specifically targeted their java platform.
Although in recent years Adobe’s Flash has been a more popular target for hackers, Java has never been able to shed its insecure image and the developers of both Google Chrome and Microsoft Edge have already officially ended support for the plug-in, with the developers of Mozilla Firefox announcing plans to do so in late 2015. In their announcement, Oracle did not cite security concerns for the discontinuation of the plug-in, instead blaming the end of support from Chrome, Edge and Firefox as the reason why it was no longer viable.
For now, the only browser that will continue to support the Java plug-in is Internet Explorer 11, and Oracle’s migration documents suggest that developers find plug-in free alternatives to provide any functionality currently provided by Java. Oracle’s decision, along with the declining popularity and relevance of Adobe’s Flash, could signal a new era of marginally safer internet browsing–until of course the next new threat becomes apparent.