(If you’re a developer, you remember these classic articles about Java problems as well as I do. It’s worth looking back on this stuff, if only for nostalgia’s sake)
While the overall impact of these bugs is minor, negative public perception is discouraging businesses and users from truly believing that the Internet is safe.
Later this month, Microsoft will patch a bug caused by its Java implementation found in the current (second) beta of Internet Explorer 4.0. The bug could have enabled a rogue applet to corrupt a local computer system’s files. Microsoft expects the bug to be fixed when the final version of IE 4.0 ships late this month.
These are not the first, nor last, bugs to be discovered in the browsers. However, most of the flaws to date have been discovered by university researchers whose sole purpose is finding security loopholes. Virtually none of the recently reported bugs have had an impact on end users.
It’s the perception of the bugs that has a far greater impact.
“I hear about these bugs and the flaws and the scams that are taking place on the Internet, and I really wonder if it is worth the risk,” said Barry Crombe, an independent investment consultant in San Francisco. “I know that these security flaws are not a real threat; yet it still gives me pause.”
The Microsoft Java bug was not a flaw of Java, but a flaw in the Microsoft implementation of Java in IE. Discovered earlier this month by researchers at the Massachusetts Institute of Technology, in Cambridge, Mass., the bug would have enabled a Java applet that contained DirectX APIs (Microsoft multimedia APIs) to access and possibly destroy local files.
No other Java-based browsers or systems were affected by the bug, since Microsoft implements Java in a proprietary method.
Microsoft officials were unavailable for comment, but documents on the company’s Web site acknowledge the bug and state that a fix would be issued with the final release of IE 4.0.
Analysts said that users should expect to keep hearing about bugs in the future, since both browsers are expanding and growing in size and scope.
“This is software, and there are always going to be bugs,” said Harry Fenik, an analyst at Zona Research Inc., based in Redwood City, Calif. “The truth is that these create more FUD [fear, uncertainty and doubt] in the minds of users than actual problems for them.”