If you've seen any news about Oracle's Java program for the last four years, it's likely been a security alert. For a stretch of time, a majority of hacking attacks on computers targeted flaws in Java's browser plug-in.
Finally, after Oracle started regular updates to make Java safer, major browsers turned it off by default and many people just uninstalled it entirely, hackers shifted their attention to other browser plug-ins like Adobe Flash. Of course, that doesn't mean the threat from Java is totally over.
As long as some websites require Java, and it can be installed in a browser, people are at risk. It doesn't help that many people still have old and vulnerable versions of Java on their computer without realizing it. But that's about to end.
Oracle has announced that the upcoming Java 9 will no longer support the Java browser plug-in. Developers will need to start rewriting their sites to use Oracle's non-plug-in Java Web Start technology.
Prompting this shift in direction is Mozilla and Google's recent announcement that Firefox and Chrome browsers won't support plug-ins in upcoming versions. Given that plug-ins like Java, Adobe Flash and Silverlight are often the weakest points of security for browsers, this makes sense.
It also helps that these plug-ins are increasingly not needed. HTML5 can now handle most of these plug-ins' duties, especially Web animation and video. Learn how HTML5 is quickly taking over from Adobe Flash.
Getting rid of plug-ins doesn't automatically make browsers 100% safe. Find out what you need to do to make your browser hacker-proof.
