While Java has the potential to be a serious security threat to a system, the current risk from hostile Java applets, viruses, and Trojans is low. So far, all of the disclosed serious holes have been discovered by trusted Java researchers. When a substantial Java or plug-in exploit is discovered, browser manufacturers rush to close it and by the next browser version update, the problem is gone. The less serious threats of rogue Java code have been contained by the security “sandbox,” and at most require a reboot.

Furthermore, as Java developers and users start implementing the stronger security mechanisms Java 2 provides, the current potential threats should lessen. Albeit, the security risk potential for Java will increase for Java as it becomes more prevalent on the Internet and as more hackers pick it up as their language of choice. My biggest concern is how difficult it will be for end users to utilize the newer security model as part their normal processing. It is hoped that browser manufacturers and Java developers will automate the process as much as possible.