Skip navigation
1 2 3 Previous Next


70 posts
While Adobe is well known for putting out plugins that have backdoor issues, and that there are enormous number of PDFs that are read every day, many times entirely by accident when opening an email, FireFox did not give the Adobe Acrobat plug-in the red-flag of no confidence like FireFox did with Java. The latest issue and fix to be released by Adobe: Why is FireFox not protecting users against Acrobat vulnerabilities like FireFox did with Java?  

Critique Blog

Posted by malcolmdavis Feb 4, 2013
My daughter is in her third year at "Alabama School of Fine Arts" for visual arts. I asked her 'what is the most important practice that has helped her art?' She responded, what helps her most is the weekly critique session done by the class. I asked what are the rules for critique, she responded that there is just 1 rule, be respectful. The more we are open to criticism, and provide input in a polite manner, the better we become. One of the downsides to working from home is the lack of reviews. :-)  

I awoke to my mobile ringing.  Our support staff was having issues. (The beauty of the web is everybody around the world can use your application, the ugly part of the web is everybody is using your application 24x7.)

Pages are broken and things are not displaying.

I GTM(gotomeeting) with the support staff to see the issues first hand.

Things are working for me, but not support.  Pages are working for some customers and not others.

  • I clear my browser cache.
  • I tried again.
  • Things are now broken for me.

Things were working yesterday.
No changes were posted recently.
The only thing that is dynamically linked in is Java's deployJava.js from

I did some testing and sure enough deployJava.js was the problem.

  • I found a local copy on my machine,
  • I posted the local copy to production,
  • I changed all pages referencing to the newly uploaded production copy.
  • Everything is now working.


What a morning.

Lesson learned: Don't reference deployJava.js directly from the site.

Now the bigger issue:
Could others that directly reference deployJava.js from still hurt us?
How many of our third parties sites and services are dependent on deployJava.js from

Amazing that a simple link can cause so many problems.

There is a much bigger issue here. During the 90’s, MSFT actually wrote software that failed if the Windows client was hooked up to a Novell network.

Example, Excel 5 COM layer failed when the client was hooked to a Novell network, while previous versions Excel COM worked.  After a direct conversation with the COM developer on Excel 5, Excel was developed that way and MSFT was not going to fix the problem. (We paid money to MSFT support for a known issue they caused and were not going to fix)

After numerous issues with MSFT anti-trust behavior demonstrated through numerous examples, I jumped ship from Microsoft based technologies in 1998 and never looked back. MSFT anti-trust behavior is why I'm doing Java development today.

Neil McAllister makes it seems to like Java 7 is a death trap.


I took a Fortan class back 1983 for Mechanical Engineering. Sometimes things just didn't work. I got a B in the class because I didn't understand that just because the code is correct, that does not mean you get the output you expect. There was a compiler in the way, and the compiler will produce incorrect results sometimes. Part of understanding programming is discovering the limitations and issues of the compiler and moving forward.


I recall having a discussion with Bruce Eckel about Microsoft & Borland C/C++. It was amazing the number of defects, compiler and linking issues existed in the products shipped by the big C/C++ languages manufactures and used in production environments. Sometimes these products caused fatal computer issues.


Amazon, the statue of fortitude, dependability and performance, had issues when Lady Gaga released an album this year. Not only did Lady Gaga cause Amazon issues, but many developers like me that have production EC2 environments were impacted, and we heard from our customers.


McAllister is yelling that the sky is falling about a compiler error in the premier release of Java7 Anybody that has done programming for any length of time, or dealt with Java or Microsoft products in the past, understands there will be issues. Even Eclipse IDE still has copy and paste issues on certain platforms.


Oracle has always struck me as a corporate warehouse and not some effigy to software engineering. The Oracle image is only re-enforced when bugs show up. However, I don't know many production developers jump on a products premier release (I have 12-month rollout schedule for Java7), and I'm sure developers know how to change a compiler setting./p>

Each year the level of expectation has grown, however if a user see's a bug, does that mean the entire program must be buggy? What is your expectation of Java 7 release?

There are many that have a romantic view of NASA and the space shuttle.

Many don’t understand that the space shuttle was a costly mistake.

There is a myth that the space shuttle was a cost effective method into space.  The decades old myth kept the space shuttle program alive.  The Saturn V program could care larger payloads, higher, for less cost.  In today’s dollars, Saturn V low earth orbit (LEO) cost is about $4K US dollars per-pound, compared to the roughly $18K per-pound for the shuttle.   (Insane that the US would pay 4x times the cost.) NASA could have done twice as much with half the cost with a single Saturn V launch every year for the past 30 years. 

The space shuttle also has limited mission scope.  The shuttle was originally developed for LEO orbit activity.  The shuttle could never take people to the moon, or really be effective for geocentric orbit missions.

While the Saturn V never had a failure, the shuttle had several catastrophic failures.  There was a 4% chance of failure on every shuttle mission.  NASA knew after Challenger that there would be another disaster the shuttle program continued.  Over a decade later there was Columbia tragedy. 


The entire concept of Space Station could never be achieved (material research in micro-gravity).  There were people in Space Station screwing up the micro-gravity; hence the material research could not be accomplished as planned.  (NASA knew this in the early 90’s and went ahead with the program anyway, wasting hundreds of billions of dollars.)

Space shuttle & Space Station are examples of a misinformed public.   There are many ex-NASA engineers and scientists that complain about the wasted resources that could have gone toward better scientific objectives.

The Bush administration took the waste to an entire new level with the Man on Mars concept.  Scientists & Engineers were so outraged by the waste, that for the first time they wrote a letter supporting the opposing candidate in presidential campaign in 2004. 

Lesson learned

* The space shuttle was sold on sexappeal rather than practicality.  Many times sexappeal is what sells product, something that our marketing team keeps telling development. 

* NASA management hid the facts about the issues and limitations from congress and public.  I’ve seen many software developers do the same thing with communicating with management or customers.

 Bottom line, not all that glitters is gold


In the docs, Java Applets default background is white.

During deploy, the background can be modified.


The Applet box is black not white.   I’m not sure when the change occurred, nor why the color was changed.  No matter what I do, the box is black for some small period of time.

The issue occurs in all the browser I've tested (FireFox, IE, and Chrome)

I have tried images, changing the Applet load attribute boxbgcolor to '#ffffff', and setting the Applet background color init.

Any ideas?

Anybody know why the default background color was changed?  Was black just in fashion at the time?



When Java 1.6.0_22 auto-update asks to update, the OS needs to be rebooted after the update. 

Not rebooting will cause issues. I’ve seen the problem, and several of our customers have complained.  Applets fail, GoToMeeting will not start, and some Java based applications don’t’ operate correctly. 

To the JavaVM team: I don’t’ recall seeing a message saying the Windows OS needs to be restarted after install.

Many people were concerned when Oracle acquired Java.

The concern seems warranted in light of lawsuits, Gosling & Lea leaving important positions, Apple dropping support, the death of JCP, and Oracle no longer providing TCK for Apache going forward.

Unlike IBM, Sun, and others, I have never used any open source of free products produced by Oracle.  (I've tested numerous Oracle products like JDeveloper, but everything I touched fell way short of expectations)

The conflict steams from the core of Oracle existences.

Oracle makes their money from selling the corporate manager, not a software developer that actually has to write code every day.

It is apparent with recent revelations that Oracle's corporate approach in impacting Java, and is the mindset is having a negative impact on Java.

During the War Between the States, generals applied old style Napoleonic war techniques with modern weapons.  The results of applying the Napoleonic system were disastrous. 

Oracle shouldn't think that the same internal processes that made RDBMS a success can simply be applied to Java.   

For Java to continue thrive and grow, Oracle needs for realize the impact, develop an internal eco system separate than the present approach, and fix some burnt bridges. 

Gosling thinks Java has too much momentum for Oracle to do real harm.  Give Oracle a chance, Gosling may be surprised how much damage Oracle can cause Java.

I download the newest release of Java when it comes out. 



As precaution, I run with the newest versions for a while prior to recommending my clients to upgrade.

The first week with 1.6_21 was hell.  Tomcat was running out memory, both NetBeans and Eclipse routinely died.

I patched my environments by setting with -XX:MaxPermSize set to 512m.



I found out the cause of my problems:  A bug arose when Oracle changed the company field name in Java from "Sun Microsystems, Inc" to "Oracle Corporation".



I went to to see if I was running the latest/greatest. The nice little display said I was running the latest. 

I used Java –version to verify, which returned Java 1.6_21-b06.

Reading the articles and blogs, 1.6_21-b06 was incorrect.  The latest was 1.6_21-b07.



went the JDK route, which uninstalled, and then installed the latest.  Now my environment says Java 1.6_21-b07.



It would be nice if Oracle would have actually look at subversions, or had this patch actually Java 1.6_22.  Yes, it’s embarrassing, I’m embarrassed for Oracle, but don’t let Java 1.6_21-b06 hanging out there by simply not updating the site.

There can be issues promoting Java applications over the Internet. There are various versions of Windows and Windows Server that run pre-6 Java, or even Microsoft Java Virtual Machine.

Verifying the version of Java on someone machine is a good way of eliminating a potential problem.

Michael Horowitz sponsors the embedded applet approach at

However, there are several issues with the embedded applet approach. One problem deals with the IE 8 browser. IE is still not entirely Java friendly, IE sometimes just decides to play dead when loading a page with a Java applet.

Sun/Oracle provides a Deployment Toolkit Script called deployJava.js. More about the deployJava.js script and usage can be found at:

deployJava.js is used for other things such as enhancing google analytics tracking of Java:


The following script will check and see if the proper version of Java is installed and will display a message if not the proper version is not installed.

    <script src=""></script>
<div id="dcontent" style="width:100%; background-color: #E2E2FC; padding-left: 5px"></div>

<script type="text/javascript">
var java_message =' <p><h2>Product XYZ requires Java</h2><p>Invalid version of Java.  XYZ requires Java 7 or higher.  You can download and install Java from <a target="_blank" href=""></a></p>'
function altercontent(){
    if( deployJava.versionCheck("1.7")==false ) {
        if (document.all) {
        } else if (document.getElementById){
            rng = document.createRange();
            el = document.getElementById("dcontent");
            htmlFrag = rng.createContextualFragment(java_message);
            while (el.hasChildNodes()) {



A future message for Java 7:



Bruce's blog:

The browser OS was the original concept of the Netscape browser back in the 90's, hence there nothing new about the concept.  Google breathing life back into the concept with Chrome can almost be expected.  Palm Pre is based on a similar technology footing, the concept of easy entry for developers because it's based on HTML, rather than some propriety type technology of like the iPhone.  

However the road ahead of Chromes if fraught with perils.  As evidenced in the following examples of other's plights to the rode to greatness.

Confusion, the story of 2 Javas
Java was supposed to resolve many problems with consistency and browser development, but a company called Microsoft got in the way.  Windows on the desktop, Corporate America either had to run Microsoft version or Sun's version of the JVM.  Due to incompatibilities of the 2 Java's, many companies that sold browser based Java products dictated which version of the JVM.  (Microsoft JVM was chosen over Sun at one of the Telecommunication firms I consulted.  Sun's JVM was not allowed in the Windows environment.) In the same vane as Java, in an effort to shape the market to their advantage, Microsoft has done a terrific job of confusing the browser market by being non-HTML standard, and going back and forth on their commitment to standards.

Business relationships, the story of Yahoo over Gmail
Yahoo still has more email accounts than Gmail.  Many companies, ISPs, secondary service providers, provide mail accounts via Yahoo.  Many people run Yahoo mail without knowing they are running Yahoo.  It is about business, and Yahoo provides a solution.  

The craziness that is HTML, the story of confusion
HTML, JavaScript, XML, CSS, etc, is a crazy mix of technology that has bothered me.  The mixing of different development metaphors into a single page, the difficulty of unit testing, issues with code readability, technology technique overlap, …., has made browser development more of an art than a science.

Example: How an object is placed on a page varies, use HTML tables, CSS <div>, JavaScript? I know people that are entirely CSS driven and use nothing but <div>.  However relying heavily on CSS has limitations.  Changes in the smallest CSS element can have cascading impacts on the overall look.  There is also the problem of mixing in the HTML & JavaScript techniques with CSS.  

While HTML 5 addresses many concerns, 5 still carries the weight of the past.

Loss of focus, the ghost of Yahoo past visits Google
Yahoo lost focus on product core, wasted money, and fell behind.  Many have equated Google behavior to that of Yahoo.  Even though trivial, Google has a rounding issue with their calculator.  Could the issue be systematic of bigger problems?

There are groups that sit around all day pounding on the search engines looking for pros and cons of the variety of engines.   They find things like the calculator rounding error, among numerous other things.  Interesting that Bing gets the calculation right when Google does not.

Diversity of environments, the story of Mac's lost conquest of Corporate America
One of the points of entry issues with the Mac into companies is the multi-discipline problem.  Many applications that are Windows specific, therefore many companies are a Windows shop.  While more and more are adopting Macs, requiring virtualization software to run Windows (i.e. Parallels) or a dual boot configuration. Introducing and supporting a second OS on every computer is not something many are willing to make the investment.

Software is continuously becoming less and less about what is on the computer, and more and more about the services provided by the browser.  However, only time will tell if Google can traverse the perils that face Chrome.

1. Microsoft Claims Victory In Open XML Standardization Battle.

Is this a victory? Was the standards committee referrer in global competition?


Did Microsoft exert pressure, or were there payoffs? I don't know and don't care. However, I feel sorry for the developers that have to support Microsoft technology due to ISO misstep. Ecma & ISO have both fallen greatly in my eyes.

I appreciate companies establishing standards communities such as Sun's JSR. I dislike pushing standards to world communities. It is something akin to the fox watching the hen house.


2. How the iPhone is killing the 'Net'

Give me a break. Yes, iPhone and Xbox lock down their devices, and so does many of the US phone companies. This typical US corporate model includes items like license, verification, and marketing fees.

Move outside the US, and the phone model changes dramatically.

Companies like OrangePartners, have removed entry barriers for the developers and small startups. OrangePartners work with developers that want to get mobile devices to end-users. They provide services to verify ME device compliance, and no licensing or promotion fees normally associated with business startups. OrangePartner makes money on margins. The more successful the application, the more money for the developer and OrangePartner.

Hence, short sighted business models, not the iPhone type devices, that is hurting US innovation. (Note, US not world wide innovation)


3. Chrysler Stakes Turnaround on IT Outsourcing

Hack, cough, another company going through Outsourcing. Nothing new. Chrysler will take people off the books, move it's cost around, and in the long run, higher people back to do the job. I'm sure there numerous people in the 14-18 year range that are ready to retire, and Chrysler is going to outsource the jobs so they don't have to pay retirement benefits. (Was I thinking that or did I say that aloud?)

I'm a big fan of ASP business models, I'm not a big fan of the outsourcing model.

Microsoft Plans Visual Studio Shell

Microsoft is finally releasing their version of a NetBeans & Eclipse environment.


Ditching the Blackberry? 

Among other technology use directions, Allan E. Alter recommends ditching the Blackberry.

Mr. Alter is a little behind the times. I made the Blackberry recommendation 3 years ago in a blog called: Planning: Managers need to sell their trucks.

The problem is not the tools (Blackberry), but the misuse of the tool in an everyday work environment. If the proper constraints and process can be applied, then the tool is great. However, when everything starts to look like a nail, then the hammer loses its value and can cause damage. Managers have slowly replaced planning with IM, to the detriment to all involved.