Does anyone have any ideas about why the browser plugin for applets has so many security zero-days?
If competing products like Flash, JavaScript, or HTML 5 have fewer security issues, what are the engineering reasons they're better, and how can those lessons be ported to Java?
Alternatively, maybe Java applets are actually comparable to other technologies in this space in terms of security zero-days. Its bad reputation might be merely due to the fact that relatively few people actually use it, so a recommendation to get rid of it won't break nearly as much of the Web as removing Flash or disabling JS. Is this explanation plausible?
If competing products like Flash, JavaScript, or HTML 5 have fewer security issues, what are the engineering reasons they're better, and how can those lessons be ported to Java?
Alternatively, maybe Java applets are actually comparable to other technologies in this space in terms of security zero-days. Its bad reputation might be merely due to the fact that relatively few people actually use it, so a recommendation to get rid of it won't break nearly as much of the Web as removing Flash or disabling JS. Is this explanation plausible?