Java s code-signing requirements have proven to be a bust, security researchers say. Even longtime developers are losing faith in the programming language. Oracle instituted a number of changes starting with Java 7u21 in April. But research done since by Jerry Jongerius and others such as Will Dormann of CERT at Carnegie Mellon University’s Software Engineering Institute, indicate that the Java sandbox’s wounds are self-inflicted because signed applets bypass the sandbox. Bottom line, I m looking for a new language, probably HTML5, said developer since 1996.
Source: https://threatpost.com/javas-losing-security-legacy/102176/