Java Creator: Huge Security Hole in .Net

SYDNEY, Australia – James Gosling, developer of the Java programming language, said this week that Microsoft’s .NET development platform suffers from “a security hole big enough to drive many, many large trucks through.”

Speaking to developers at a programming event, Gosling commented that, “The Microsoft folks made a big deal of being able to support C and C++ on the [common language runtime], and that, to my mind, is one of the stupidest, most offensive things they could have done.”

The problem, said Gosling, is that several features of C and C++ are not consistent with or bounded by tight memory model integrity.

“C++ allowed you to do arbitrary casting, arbitrary adding of images [and] pointers, and converting them back and forth between pointers in a very, very unstructured way,” said Gosling, who currently serves as chief technology officer of Sun’s developer products group.

Gosling went on to compare .NET’s security model to that of Java, saying, “A lot of things in [Java’s] exception handling, they depend really critically on the fact that there is some integrity to the properties of objects. So if somebody gives you an object and says, This is an image,’ then it is an image. It’s not like a pointer to a stream, where it just casts an image.”

Also on hand at the event was Microsoft developer Charles Sterling, who defended his company’s product by pointing out that .NET requires additional permission to execute C and C++, so developers have the freedom to decide for themselves whether to use older, unsafe code in their applications.

Sterling added that of more than one thousand developers using .NET frameworks, he knows of only one who is implementing C and C++ in his applications.

Copyright © 2025 Adnet Media. All Rights Reserved. XBIZ is a trademark of Adnet Media.
Reproduction in whole or in part in any form or medium without express written permission is prohibited.

More News

German Court Upholds Ban on PornHub, YouPorn

Germany’s Berlin Administrative Court has upheld a “network ban” on adult sites Pornhub and YouPorn for failing to comply with that country’s age verification regulations.

OurDream.ai Debuts New Porn Generator

OurDream.ai, an AI porn-generating platform, has launched an upgraded version of its AI engine.

AEBN Publishes Popular Searches by Country for February, March

AEBN has released the list of popular searches from its straight and gay theaters by country in February and March.

BranditScan Launches 'Referral Rush' Promo

BranditScan has launched its Referral Rush promotion for creators.

2025 AltStar Awards Nominees Announced

Nominations have been announced for the 2025 AltStar Awards, aka the AltPorn Awards, presented by Bad Dragon.

AI Erotic Storytelling Platform 'AIEroticSmut' Launches

AIEroticSmut.com, a DIY erotic storytelling platform, has officially launched.

TeamSkeet, MYLF to Launch New Website FamilyStrokes.com

Sister studios TeamSkeet and MYLF are launching a new website, FamilyStrokes.com.

AV Bulletin: Age Verification Hits the Mainstream, Ofcom Sets a Date

Industry stakeholders and free speech advocates have anxiously been awaiting the Supreme Court’s decision in Free Speech Coalition v. Paxton, which could significantly impact state age verification laws around the country. In the meantime, state legislatures continue to weigh and pass AV bills, AV tech providers continue to tout their services, and legal challenges continue to play out in the courts — with some cases on hold pending the SCOTUS ruling in Paxton.

Segpay Names Kristi Greer VP of Sales

Segpay has promoted long-time employee Kristi Greer to the position of vice president of sales.

BranditScan Names Subgirl Newest Brand Ambassador

BranditScan has named content creator Subgirl its newest brand ambassador.

Show More