Apple: Get out of Java’s Way!
May 21, 2009Following the revelation that Apple has failed to patch a flaw in its Java implementation:
http://landonf.bikemonkey.org/code/macosx/CVE-2008-5353.20090519.html
a flaw which was patched in Sun Java over 5 months ago, I’ve come to the conclusion that it’s time for Apple to surrender it’s control of the OS X Java implementation to Sun and the Java community.
It’s understandable that Apple’s Java will lag behind Sun Java, simply because the new code has to be adopted for OS X, which includes integration, testing, QA, developer previews, etc. However, there are many other ways that Apple has demonstrated its egregious incompetence, whether deliberate or accidental, in living up to its Java commitments and responsibilities:
- Contemptible slowness in issuing security updates, especially those based on existing patches from Sun. For a company that brags about how secure its OS is vis-a-vis Windows, this is totally unacceptable.
- Obsessive secrecy and total lack of transparency in dealing with Java developers. Instead of having a public bug database, it forces developers into signing unwieldy NDAs (non disclosure agreements) before allowing them to download developer previews for new versions of Java. This means any bugs are security issues are not disclosed publicly. Issues can only be disclosed to Apple directly. This is in sharp contrast with the totally open development model for Sun Java, which has already been open sourced and has a public community with public communication.
- Poor communication with said developers about its plans for future versions of Java. At WWDC 2007, Apple allowed only those Java developers who had paid to attend WWDC to know its Java plans for OS X Leopard when that OS would be released in October of that year. Those plans included omitting the year old Java 6 from Leopard and instead distributing only Java 5. The result was developer outrage over the omission because it was expected that Java 6 would have been included. Apple made the situation worse by deleting posts on its own forums confirming this fact, because they still had an obsessive need to keep it secret.
For these reasons, Apple is unfit as a steward of the Java platform on OS X. It has demonstrated contemptible irresponsibility in living up to its commitments:
We’re going to bring the Java platform back to the desktop in a really big way,” said Jobs to enthusiastic applause. “We are working really hard to make Mac the best delivery vehicle for the Java platform on the planet. We’re going to be there [with the Java platform] right out of the box, on your Mac.
— Steve Jobs, June 2000
Furthermore, Apple negotiated with Sun for the exclusive right to develop and distribute Java for OS X.
By failing to live up to their promises and commitments, Apple no longer deserves of being the sole provider of Java for OS X.
Fortunately, enterprising developers such as Landon Fuller are working to port OpenJDK, which is the open source version of the Java Development Kit, to OS X:
http://landonf.bikemonkey.org/code/java/OpenJDK6_MacPorts.20090516.html
I wish them the best of luck. This version of OpenJDK doesn’t come with graphical capabilities, although graphical applications can still be developed in X11 mode. Depending on whether or not Apple open sources its graphical Java code, the process of enabling this functionality could take years.
