How Java’s text Formats can subtly break your code

Today at work we found a subtle issue that will sometimes break your code in very difficult to find ways. Read this if you don’t like days of bug hunting for mysterious issues only occurring on high-load production machines.

Ever wrote code like this?

private static final DateFormat FORMAT = new SimpleDateFormat("yyyy-MM-dd");

Most of us did. It’s the most intuitive way to use a DateFormat to format some Date object as a human-readable String.

Unfortunately, it’s wrong.

When used in a multi-threaded context (e.g. in a Servlet), this will end up breaking. Sometimes. When you least expect it.

Continue reading

Oracle turns Java into malware!

Oooh the shame. That I ever had to see this day. It’s sad, sad indeed.

Oracle is now officially EVIL!

Oracle has turned Java into malware, by installing addware such as browser toolbars and search providers, without explanation or asking for permission, as part of *critical* Java security updates.

We don't ask for your permission to install that nasty browser toolbar of ours, we just install it!

My girlfriend suddenly noticed that the toolbar was installed on her machine. And today I found out why. Installing the latest update to Java (which is basically a MUST as it fixes critical security vulnerabilities) will, if you don’t pay close attention, also install nasty browser toolbars and search providers. Even if you had originally declined those pesky things, Oracle’s Java Installer will keep offering to install them, for *every* single (security) update, averaging about once each month or two. Until you finally forget to decline or give up on Java altogether.

Read more about it on ZDnet.

UPDATE: I found this great Youtube video on what happens if Oracle does not change it’s ways. Very funny.

UPDATE 2: Microsoft is doing similar things with Skype by allowing deceptive adds on it.