Polymorphism has been around for years, but it has been neglected for too long, said Adam Smith, who runs the open-source Java Open Source Project, in an interview with Politico.
And this year, Java has been a target of the open source community’s ire because of Java’s new, and potentially damaging, security flaw.
“Polymorphism comes from the same idea that if you have two classes, they have the same signature, and if you want to change the signature, you can do it with a change in class,” Smith said.
“This means that the new class can be used by anyone to create a different class with the same or a different signature.”
Polymorphisms, Smith explained, are not inherently bad; they allow you to change your signature without breaking any existing code.
The new Java security flaw is so bad that the Java team has made it so you can’t even change the type of the java.lang.
Class to get rid of polymorphism, according to a post on Java Community.
Java users who are concerned about Java security should be “looking at alternatives to Java,” Smith added.
That said, the lack of attention paid to polymorphism could be a blessing.
It’s possible to write programs that use polymorphism without breaking anything, and there are plenty of other languages that do this as well.
“If the only choice you have is whether to be a security freak or not, you’ll probably be happy to stick with the security freak,” Smith explained.
In addition to the Java security issue, Smith also noted that there’s been a number of other bugs that have been discovered in the Java platform that have made it hard to use the platform in enterprise settings.
“In Java, we’re trying to make the platform more user-friendly and easier to use, and we’ve been trying to do that for some time now,” Smith continued.
“That’s not a bad thing.
But if you don’t have a good reason to use Java, it’s hard to get people to use it, because you’re still going to get security bugs.”