Comment by Timothycquinn

Comment by Timothycquinn a day ago

15 replies

View on Hacker News

Considering that Microsoft was a completely different beast in that time, I'm not surprised it does not seem that silly.

M$ (appropriate name for that time) of the day was doing its best to own everything and the did not let up on trying to hold back the open source internet technologies until the early 2010's I believe. Its my opinion that they were successful in killing Java Applets, which were never able to improve past the first versions and JavaScript and CSS in general was held back many years.

I still recall my corporate overloards trying to push me to support IE's latest 'technologies' but I resisted and instead started supporting Mozilla 3.0 as soon as they fixed some core JS bugs for our custom built enterprise JavaScript SPA tools in the early 2000's. It turned out to be a great decision as the fortune 500 company started using Mozilla / Firefox in other internal apps in later years long before it became common place.

int_19h 21 hours ago

I don't think it was Microsoft that killed Java applets. I mean, for one thing, they always worked in IE, which was really the only avenue through which MS could have affected them.

No, Java applets failed because they became the poster child for "Java is slow" take. Even though it wasn't exactly true in general, it was certainly true of applets, what with waiting for them to download and then waiting for the JVM to spin up.

What killed them was 1) HTML/JS itself getting better at dynamic stuff that previously required something like applets, and 2) Flash taking over the remaining niche for which HTML wasn't good enough.

Reply View 4 replies
  • cap11235 11 hours ago

    Even prior to HTML5 stuff, Flash was just a better UX than applets, which always felt like your browser was loading an application, vs being an element in a page.

    Reply View 0 replies
  • immibis 11 hours ago

    Another reason Java applets ultimately failed was the never-ending stream of sandbox escapes, which is inherent to their design of running trusted and untrusted code in the same VM and trying to keep track of which is which. It turns out it's much more straightforward to sandbox the whole VM.

    A representative vulnerability is "trusted method chaining". You (the attacker) construct a chain of standard library objects that call each other in unexpected ways. You can make use of the fact that you can subclass a standard library class and implement a standard library interface, in order to implement the interface methods with the base class's implementations, to construct more unusual pathways. Then you get some standard library entry point to call the first method in the chain. Since your code doesn't appear on the call stack at any point (it's just the standard library calling the standard library) whatever is at the bottom of the call stack, at the end of the chain, infers a trusted context and can access files or whatever. Of course, finding a method chain that's possible to construct and does something malicious is non-trivial.

    Reply View 0 replies
  • cubefox 16 hours ago

    Java Applets also froze the entire browser when loading. Even more so than the Windows Media / QuickTime / Real Player plug-ins. Only the Flash plug-in didn't noticeably freeze the browser. It was heavily CPU optimized and even used AVX for rendering, as far as I remember.

    Reply View 1 reply
    • cesarb 11 hours ago

      > > No, Java applets failed because they became the poster child for "Java is slow" take.

      > Java Applets also froze the entire browser when loading.

      More than just "poster child", I believe Java applets are the origin of the "Java is slow" meme. The first time many people heard of Java would be when it locked up their browser for a whole minute while loading an applet, with a status bar message pointing to Java as the culprit.

      Reply View 0 replies
grandiego 20 hours ago

Applets died because of many reasons, like absurd startup time for the JRE (often just for silly animations), absurd memory requirements (for the time) and associated crashes, weird compatibility issues in the initial releases of the Java platform, a silly security model based on the assumption that only good actors will be able to get a CA certificate in order to do whatever they want in your PC, an immature sandboxing technology in browsers (not only IE), etc.

Reply View 0 replies
notpushkin a day ago

> M$ (appropriate name for that time)

It’s even more appropriate nowadays, I’d say.

Reply View 3 replies
  • lukas099 10 hours ago

    M$ used to be an appropriate name for Microsoft. It still is, but it used to be, too.

    Reply View 0 replies
  • eptcyka 19 hours ago

    Never not been appropriate.

    Reply View 1 reply
    • twodave 9 hours ago

      Yeah, it’s just that Googl€, A₽₽le, etc. have all caught up with them. If they’re all the same then there’s less of a need to differentiate anymore.

      Reply View 0 replies
account42 16 hours ago

Microsoft hasn't really changed that much besides getting a better PR department.

Reply View 2 replies
  • sillystu04 10 hours ago

    They've adopted a different flavour of devilishness. See VSCode versus Visual Studio, or their approach to AI.

    Bill Gates would've bought OpenAI. Satya shares their mission of developing AI for the good of humanity. He charitably donated billions of dollars in Azure credits in exchange for nothing besides a voice at the table and a license to help enable other organisations use AI through MS services.

    In a way it's a PR difference, but I feel that understates the change.

    Reply View 0 replies
  • aaronbaugher 11 hours ago

    It also has a lot more competition in the Evil Big Tech Co space than it used to.

    Reply View 0 replies
immibis 6 hours ago

Microsoft is still trying to hold back everything they can - they're just losing.

Reply View 0 replies