It's actually significantly different from PHP, ASP, .NET, and VB (as far as using a web browser goes). Those never run on the client machine and only end up rendering HTML. While Java can run on the back end as those do, in that manner it doesn't present a risk to the users themselves. It's when it's running on the client itself that is the problem (which is also an issue with Flash and, to a lesser extent, HTML 5).To a programmer, you're 100% correct. To an end user, though, there's no meaningful difference. Sort of how Peter viewed a store-bought application such as Office as being more "trustworthy" than Zynga's latest Farmville rip-off... the only thing server-side dynamic code generation does is add the extra step of forcing the bad guys to create a malformed request via PHP, CGI, or whatever server-side language is being used, uploading it to the server, then exploiting the results to hijack the server itself before sending malicious payloads to end users. The end user doesn't know that the code came from a hacked server rather than an infected app, only that their computer is once again acting really weird, and the kid down the street told them to just buy a new one and start over.
Best Of |
Favorites & Replies |
Start a New Board |
My Fool |
BATS data provided in real-time. NYSE, NASDAQ and NYSEMKT data delayed 15 minutes.
Real-Time prices provided by BATS. Market data provided by Interactive Data.
Company fundamental data provided by Morningstar. Earnings Estimates, Analyst Ra