Java Applets: Good Examples of Bad Design

Java applets are bad.

Repeat the previous sentence 10 times, hopefully out loud in a crowded room of web designers and developers drinking their grande half-soy, half-low-fat, iced vanilla, double-shot, gingerbread decaf cappuccinos. Applets create confusion for users. Applets are slow to load. Applets are usually frivolous and unnecessary. Don’t use an applet just because you can! Applets are bad. Applets are bad. Applets are bad. Say it another 10 times just to make sure it sticks.

Don’t believe me, some random guy on the Internet? Then listen to these experts:

“One of the ten new mistakes of Web design is using applets where plain or Dynamic HTML would have done the trick.” — Jakob Nielsen (the authority on web design)

“Java applets: They take forever to download and contribute nothing in the way of actual content. Sometimes they offer the added bonus of crashing your browser or providing a mouse hole for malicious content (i.e., viruses).” — Information Today

“Applets are usually inaccessible and sometimes unsupported.” — Microsoft Usability Research Department

“Java applets are bad news, and have always been bad news. They were a hack that awkwardly solved a temporary problem with Web client dynamics, a problem that has since been more elegantly solved by DHTML scripting.” — JavaWorld

“If you can avoid using Java Applets, do so.” — J.P. Thiel (Computer Security Analyst)

“All applets from all sources, whether signed or not, can read and write files in /usr/tmp.” — Attacks from Outside the Operating System, Prentice Hall

“You should consider removing all applets from your websites.” — IBM Accessibility Center

“Avoid using applets.” — University of California, Berkeley

“Applets introduce usability and deployment issues.” — Apple Computer Developer Connection

Developers often use Java applets just because they can, or because they don’t know how to do it any other way. Don’t fall into the uneducated and unprofessional trap of using applets when some well-thought-out DHTML will do. Spread the word.

Applets are bad.

Author’s Note:

This article was spawned by a series of discussions and arguments with a roomful of various-level developers and junior management. Being only one month new to the company and therefore not having had enough time to prove my expertise, my extensive experience was often somewhat disregarded when my recommendations vehemently conflicted with the current path of development.

Almost seven years later, I am still working at the same company, having outlasted all but one of the above-mentioned developers and management. Apparently, I was able to stem the tide — to this day we have avoided any production use of Java applets. What a relief!

Prior to the reorganziation, this was the 400th article on Richard’s Ramblings — an obsolete and meanginless statistic.

20 Responses to “Java Applets: Good Examples of Bad Design”

  1. Sean

    “I have recently had fruitless discussions and arguments with a roomful of various-level developers and junior management”

    You’re just eager to lunch at the Duke, aren’t you.

    Reply
  2. Simon

    Well. I get the point you are trying to make. You think Java applets are bad! I wonder, could you add the dates of the articles you took those quotes from? Applets *used* to be bad. Sure. I’m not convinced that’s true anymore.

    Reply
  3. richard

    Most of these are not from old articles but are from current (as of this authoring date of this rambling) guidelines by the respective organizations. I’ll side with fellow experts from Apple, IBM, and (dare I say it!) Microsoft on this one! – RDL

    Reply
  4. Simon

    Thanks for the clarification! I agree with much that Apple, IBM and Microsoft people say with regard to applets. That is – when you have dynamic content in web pages (Java applets being a prime example) you should be aware of: a) the accessibility issues this can cause; and b) the various ways of dealing with these issues.

    Reply
  5. James

    agree with your article richard. its funny that you mention usability, white writing on a black background is a no no!! he he

    Reply
  6. richard

    Actually, many studies have shown that light text on darker backgrounds is significantly easier to read because it reduces strain on the eyes; the intensity of radiated light from a monitor as far greater than the reflected light from paper. Sitting down and working at a computer all day is the equivalent of staring at a burning light bulb all day, and is a leading cause of headaches in today’s modern offices. Being against the norm, especially when the norm is wrong, is not necessarily a no-no.

    At least it’s not blue on blue…

    Reply
  7. Duane Alan Hahn

    Well, this is what I think about black backgrounds:

    Any color text on a black background hurts my eyes. I can read black text on white all day long without a problem. An amazing number of people have their brightness or contrast turned all the way up, and that will make a white background hard to take. The trick is not to be lazy and actually adjust the brightness and contrast until it looks right since every monitor is different.

    I also give people a choice of background colors on my web site below my navigation to satisfy just about anyone.

    Reply
  8. richard

    Having just now viewed my website for the first time on a conventional CRT monitor, I must admit that it is substantially more difficult to read than it is on my nice, modern, crisp flat-panels — especially the pumpkin-colored links in my green-backgrounded comments. That said, I really don’t care that much. While, I am pleased that many people find even some of my blog entries informative, entertaining, amusing, or whatever, I really write this blog for me and me alone. OK, maybe I’ll include my family and friends. However, since this website is not part of my resume or a true example of what I do professionally, I don’t mind breaking the rules while simultaneously (and sometimes vehemently) espousing them…

    Reply
  9. Stéphane

    Why don’t they remove this useless feature of this fantastic language: Java.

    Reply
  10. lpedro

    I agree on some issues, but not all! Explain me just one thing. Imagine that you want to give the user total privacy like generating a random number which is know only by him, how do you perform this (are out there alternatives, if there are tell where)? Don’t tell me that u do it with servlets or jsps!!! I want total privacy…you can’t get that with jsp or servlets because they work over the host server so there is chances of someone see the information like a server administrator.

    Reply
  11. richard

    You’re not painting enough of a picture for me to understand your hypothetical scenario. All I have so far is that you want to generate a random number. You can securely use anything from JavaScript (client-side) to JSPs (server-side) to do that.

    Reply
  12. lpedro

    I’m not a webdesigner :) Ok, let’s see this scenario. I’m using a voting system, to protect the voter privacy on every stages i can’t use javascript and jsp’s or servlets for every thing. And why? Because i’ve to let the user cipher is vote to protect all information including from the servers that process the vote(is more complicated than this, but let not complicate things). To perform this i’ve to give the jar to the voter, i think that i’m not wrong when i say that is unthinkable to do this with javascript. And why not use jsp’s or servlets? Because as i writed before information could get caught by the system administrator(example)…i’m not talking about passing it, for that you use ssl. Why the applet? Because with applets i can delivery the jars on the voter and he can perform all with total privacy. Maybe this is a special case…but special cases exist. If i could do it some other way, you can be certain that i would, because as you say applets are SLOW and they can give serious problems on runtime that can be very or almost impossible to debug.

    Reply
  13. richard

    Sorry, but that scenario makes absolutely no sense. You want the user to vote on something, but then for some reason encrypt the vote to prevent the server that is intended to process the vote from actually reading the vote — all so that the system administrator is prevented from intercepting and reading the vote? Like he can’t take a look at the database or view the flat files?

    Second, transmitting the data via SSL will not prevent prying eyes from reading the vote. My company produces an appliance that reads all network packets, reconstitutes them into their original format, and extracts data out of any file format — encrypted or not, and either sent in the clear or via SSL. And, there are hundreds of hacking utilities out there that will record packets for later, off-line processing.

    And what the heck is the voter supposed to do with the JAR file?!

    Reply
  14. lpedro

    On a election (a real one) a vote can not be read until the election ends. Voter privacy has to be preserved. Only the voter should know is choice. To preserve all of this you have to use blind signatures and ciphers, so that anyone or anything including the services that process the vote shouldn’t be able to read the vote information. The vote is decrypted when election ends and counted, for this the election comission uses the private key in their possession generated at the time of the election creation.

    What has database and flat files to do with this??? Even if the votes were saved on a database or flat files without the private key to decrypt them what could you read?!?!

    And then without applets how could you give the voter the necessary privacy? Would you do it using jsp or servlets? For what i know jsp’s or servlets work over a server, so it was the server encrypting the votes then why encrypt them if the vote information was already knew by the server?!?!? Where is the privacy?

    The JAR file contains the necessary classes to perform blind signatures and ciphers. This jar is delivered whith the applet on the client(voter).

    How can you decrypt something encrypted with an asymetric cipher using keys size of 2048? How many years would you take it?

    Here ssl is only used to passed the encrypted vote strengthening security.

    The scenario only makes senses if you know what voting systems are. Voting systems are not page counters or only counters. I’m talking about real voting systems to real elections and not what you see in some web pages that ask you to vote on a blue color or white color.

    Reply
  15. richard

    OK, gotcha. Now I have a much better picture of what you’re trying to do. Under the required assumption that the voting machines are set up, pre-configured, pre-loaded, and controlled entirely by the appropriate voting authority and this is not an application designed to allow voters to cast their votes from home on their personal computer, then, yes, this is a very good example of a legitimate use of applets.

    Granted, you could do the same thing with Flash, but you’d lose the advantage of a common code base.

    Reply


Leave a Reply

  • (will not be published)