In recent times, Java has been the port of entry for attacks on many of the biggest giants in the information technology sector, not to mention the “zero-day” attacks in which enormous security holes were discovered after updates to the Java Runtime Environment. This situation has led the Mozilla Foundation to decide that Firefox will no longer support the Java plugin, classing it by default as non-secure. Google, for its part, has also outlined a similar maneuver.
This decision entails a huge array of consequences that will oblige countless developers to modify their products in order to untether them from the software from Oracle, a company that has worked tirelessly to achieve its fame. Ever since the recent release of Firefox 24, the Java plugin has been marked as non-secure, meaning users must manually activate it and receive warning messages when they access sites that use it. But this goes further still: starting with Firefox 26, all types of plugins except Flash will come disabled by default.
If you want to avoid all this bother, you can always switch to another browser like Chrome, but it turns out that Google has similar plans itself. In fact, the company has announced that in 2014 it will no longer support NPAPI, an API that browsers have been using for years to manage browser add-ons. Mozilla will do the same in December of this year, leaving the way forward quite obvious.
What are the implications of all this? Well, that a huge number of services that use this system will eventually have to reinvent themselves, since heavyweights like Silverlight, Unity, and Java are based on it, with only the aforementioned Flash and the PDF document viewer remaining on the “secure” list.
The reasons for this decision, beyond their relationship with software security, are centered on safeguarding the stability of the browser itself, with plugins in many cases the element responsible for the hangups and errors that occur while you’re browsing. It seems the relationship between Java and the big browsers is becoming increasingly clear.