You should junk your Java!

I’m not suggesting you stop drinking coffee – I would never deprive anyone of that life giving nectar! Heck, It’s a known fact that 95% of the tech world runs on Coffee (the other 5% substitutes alternate caffeinated beverages).

I need coffee!

What I am suggesting is that you delete, remove, and abandon Java on your computer!

Why? Well, Java isn’t needed on most computers – the odds that a user in a home environment will require Java are slim – but the Java Runtime Environment (JRE) somehow finds its’ way onto a majority of home computers. That’s not necessarily bad, but Java is “known” for a couple of traits: Poor housekeeping and security vulnerabilities.

Before I go on let me clear up some misconceptions about what Java is and is not.

Wikipedia describes Java as:

Java is a programming language originally developed by James Gosling at Sun Microsystems (now part of Oracle Corporation) and released in 1995 as a core component of Sun Microsystems’ Java platform. The language derives much of its syntax from C and C++ but has a simpler object model and fewer low-level facilities. Java applications are typically compiled to bytecode (class file) that can run on any Java Virtual Machine (JVM) regardless of computer architecture. Java is a general-purpose, concurrent, class-based, object-oriented language that is specifically designed to have as few implementation dependencies as possible. It is intended to let application developers “write once, run anywhere.” Java is currently one of the most popular programming languages in use, particularly for client-server web applications.

Let’s break that down a bit…

  • Java is a programming language
  • Java was developed by Sun, but is now owned by Oracle
  • Java runs in a virtual machine using software called the Java Runtime Environment (JRE) – this is the software you will find on your computer
  • Java programs are intended to run on multiple platforms (Windows, Linux, OSX, etc) which saves time during development

Java is often confused with JavaScript, but their implementation and uses are completely different. JavaScript is a programming language used in web development to provide advanced functionality on websites, PDF documents, etc. Java is used to write programs that are multi-platform. JavaScript is handled by your browser. Java requires a separate download. This article is about Java.

Java isn’t needed in most cases

Java programs are mostly in use at businesses. There are very few actual programs written in Java for the home user and if you do have one I would highly suggest that you find an alternative. The reason behind the use of Java based programs in business is the “write once, run many” model of Java. The business pays once for the author to write the software and has the ability to run the software on multiple platforms by simply installing the Runtime Environment. In most other instances a program would have to be specifically written for each platform. Just as at home a Windows programs will not natively run on Apple’s OSX nor will a Windows program run natively on Linux. As you can see it is purely a financial decision for most businesses.

Java doesn’t cleanup after itself

As Java has progressed through its’ various versions users would download and install updates and later notice they had 4,5, or more versions of Java on their machine. The reasoning behind this is that often software written for earlier Java versions wouldn’t function correctly leaving businesses with important programs that wouldn’t run. Good for business, but not so good for security as many of the updates were patches for security holes and leaving the old version installed also means the older version could be ran which would again expose the vulnerabilities in that version.

There’s a big hole in that coffee cup!

Java’s Runtime Environment doesn’t have a reputation as the most secure software. In the past each version has had security updates in the dozens and, in general, each update addresses multiple (sometimes numbering in the 20’s) security vulnerabilities. Add this to the fact that Java doesn’t have a history of patching security holes in the most timely manner and you can see that Java is an accident waiting to happen.

Not a rosy picture, but most attacks have been limited in their scope. An attacker can send compromised documents, or executables to only so many targets. Or can they?

Security researcher Brian Krebs has discovered evidence that exploits targeting Java are being folded into “Exploit Kits”, software often sold on the black market with the sole purpose of “infecting” computers with malware and remote control software. Not good.

Junk your Java!

For most users Java serves no useful purpose – I highly recommend you uninstall all versions of Java from your computer. If, by some small chance, a program doesn’t work after you do uninstall Java look for replacement software that doesn’t require Java to run. If all else fails uninstall Java and download the latest version from the Java website. After each subsequent update be sure to check that previous versions were uninstalled. If not, do so manually from the Control Panel.

To find out if you have Java installed you can visit the Verify Java Version page.

Posted in:
About the Author

David Hartsock

Executive Editor/Owner/Admin of Daves Computer Tips and all-around good guy - Dave's interest in computers began in the early 1980's during the Apple II era. In the early 1990's the PC began to replace proprietary and mainframe devices in Dave's industry so he began to learn and experiment with the PC. Through DOS, Windows 3.1, Windows 95, Windows 98, Windows 2000, Windows XP, Vista, Windows 7, Windows 8.1, and now Windows 10. Dave became the "go to" guy for friends, family, and coworkers with computer problems. Daves Computer Tips was born in 2006 in an effort to share these experiences with others in an easy to understand, plain English, form.

There are 18 comments

Comments are closed.