ciplogic.com
Live with grace. Write superb software.

An interesting article is making waves on dzone and twitter:

http://blog.dripstat.com/removal-of-sun-misc-unsafe-a-disaster-in-the-making/

TL;DR: the sun.misc.* package it's going to be removed, a bunch of libraries are using it, apocalypse will ensue, just because Oracle removes packages for "no reason". (I kid you not, the dripstat author actually states that).

No it's not a new thing. No it's not the apocalypse now either. Let's break it down on why:

1. It's not at all a "no reason" change

It's because Java has become so full of security exploits, it's not even funny at this moment. It's scary to see how in January a patch fixed 19 security holes, with 13 of them being show stoppers. Oracle themselves explains it at length even.

It's not because:

"This engineer hates the Unsafe class for no real reason at all.."

That's a silly statement, to say the least. (To be honest, I get my blood boiling a bit just reading that sentence, because it's insulting to the engineer)

It is because people are loosing trust in the platform. Why would you go with a platform ridden with bugs like that? What's the point in using whatever framework that is allegedly super secure, if the JVM itself it's the weakest link. That is what makes Java now loose billions.

That's the reason why Apple dropped Java altogether, because its security was in the gutter.

2. It's a private package of the JVM

If you're bold enough to use it, you should be bold enough to write your own thing. Why should Oracle be bound by some form of moral requirement to document some whatever cryptic legacy code, that people reverse engineered in the first place? What. The. Hell.

Probably this tweet captures the essence of the whole thing: 

It's not even such a big deal. I swear!

Do you know what else introduced breaking API changes for public APIs? The endorsed folder. It's what stuff like WebLogic uses to overwrite already published public APIs. I'm going to reiterate this: There is already the endorsed folder, that allows overwriting public APIs from the JVM, and people are using it. This is a great thing actually, especially if the API was not finalized. Why getting stuck with an API for the next two years?

Public APIs! And you see that the universe imploded? Billions of dollars were lost? Calm down people, jeeeez.

3. There will still be YEARS of Java 8 support

Oracle doesn't just throw away JVMs, and then just plugs support out. If the program you're using, and its creepy library that needs the sun.misc.Unsafe are that important, go buy support. I mean, for crying out loud, you can still get Java 6 support that people were using to connect to dinosaurs. And the Java life cycle support it's for 11 (eleven!!) years.

So finally, please all, can you just chill out?

It's all for the better I promise.

PS: I am not affiliated with Oracle in any shape or form, beside I'm developing and using Java, and I'm a certified JEE5 Enterprise Architect.

Disqus Comments

comments powered by Disqus

Germanium

The one to rule them all. The browsers that is.

SharpKnight

SharpKnight is an Android chess game.

MagicGroup

MagicGroup is an eclipse plugin.