Java vs. JavaScript: And the Winner Is… Both?

By: Morpheus Data

The two popular development environments are expected to benefit from long-awaited new features in their upcoming releases.

TL;DR: Long seen as rivals — and often considered outdated — Java and JavaScript remain the most popular development environments, despite their perceived shortcomings. Many of the criticisms of previous versions in terms of modularity, portability, and security are being addressed in new releases of both systems now under development.

At one time in the not-too-distant past, both Java and JavaScript were reported to be ready to breathe their last. Java was deemed so insecure that in 2013 Carnegie Mellon University’s Software Engineering Institute and the U.S. Department of Homeland Security warned that people should disable Java in their browsers unless using it was “absolutely necessary.”

Meanwhile, cross-site scripting attacks and other vulnerabilities led many to question the security of JavaScript. Still, few people have come out in favor of disabling JavaScript altogether because doing so renders most websites all but unusable. Chris Hoffman explains why in a February 28, 2013, article on the How-To Geek.

Fast-forward to 2015, and the outlook for both Java and JavaScript appears much rosier. Not only do both continue to top the list of most popular development platforms (as Mashable’s Todd Wasserman reports in a January 18, 2015, article), enhanced versions of each are expected to arrive (relatively) soon.

Some of the improvements are already apparent. For example, Cisco Systems’ 2015 Annual Security Report finds that Java exploits decreased 34 percent in 2014 from the previous year, as ProgrammableWeb’s Michael Vizard reports in a January 29, 2015, article. The drop is attributed primarily to Java’s implementation of automatic updates.

The prevalence of malware targeting Java dropped considerably in 2014, due in large part to implementation of automatic updates. Source: DarkVision Hardware

While attacks targeting JavaScript have increased as more developers choose the scripting language for both client- and server-side apps, JavaScript founder Brendan Eich recently predicted that the language would ultimately supplant Java as the premiere development platform for the web and elsewhere. In a February 13, 2015, article, InfoWorld’s Paul Krill reports on Eich’s presentation at the recent Node Summit conference in San Francisco.

Is Java development finally back on track?

When Oracle acquired Java as part of its purchase of Sun Microsystems in 2010, the product was in sorry shape, as ITworld’s Andy Patrizio writes in a February 13, 2015, article. In addition to critical bugs, most of Sun’s Java development team departed soon after the merger. This helps explain why so much time passed between the releases of Java SE 7 in 2011 and SE 8 in 2014.

With the impending arrival of the more modular Java 9, the tide is definitely turning. JavaWorld’s Jeff Hanson explains in a February 2, 2015, article that despite Java’s object-oriented nature, the current version doesn’t meet developers’ modularity requirements: object-level identity is unreliable, interfaces aren’t versioned, and classes aren’t unique at the deployment level.

The Open Service Gateway Initiative (OSGi) has been the primary alternative for modular Java, providing an execution environment, module layer, life-cycle layer, and service registry. However, OSGi lacks a formal mechanism for native package installation. Project Jigsaw is expected to be Java 9’s modularity component, while the Java Enhanced Proposal (JEP) 200 and JEP 201 will build on Jigsaw for segmenting the JDK and modularizing the JDK source code, respectively.

JavaScript’s fortunes are tied to the growing popularity of HTML5, the combination of which is becoming the de facto standard for websites, enterprise apps, and mobile apps, according to Developer Tech’s Carlos Goncalves in a January 23, 2015, article. The downside of this tandem is a lack of security: code is stored on both the client and server as clear text. JavaScript obfuscation is being used increasingly not only to protect systems and applications, but also to enforce copyrights and licenses.

One way to future-proof your databases is by using the new Morpheus Virtual Appliance, which provides a single dashboard for provisioning, deploying, and managing your heterogeneous MySQL, MongoDB, Redis, and ElasticSearch databases. Morpheus offers a simple point-and-click interface for analyzing SQL, NoSQL, and in-memory databases across hybrid clouds in just minutes. Each database instance you create includes a free full replica set for built-in fault tolerance and fail over.

With the Morpheus database-as-a-service (DBaaS), you can migrate existing databases from a private cloud to the public cloud, or from public to private. A new instance of the same database type is created in the other cloud, and real-time replication keeps the two databases in sync. Visit the Morpheus site for pricing information and to create a free account.