Depending on what browser you are running, you may have noticed a peculiar blue screen as DigiCrime's opening page. What was that? Just a little Java.

It's not supposed to do that, but unfortunately there appears to be yet another bug in the Java implementation that allows an applet to take over the complete screen and look like something other than an applet. Netscape, Microsoft, and Sun have gone to great pains to make sure this cannot happen, and they have added adornments to Java Frame windows that say something like "untrusted Java Applet Window" or "Unsigned Java Applet Window". This is mean to inform a user that the window is running as an applet, and comes from an untrusted source. Otherwise, a user might be presented with a hostile applet that presents a window like the one on the right. The only way you are supposed to be able to remove the warning is if the Applet has been digitally signed to assure authorship.

Unfortunately, it is possible to create a Window with a size and position so that does not show these adornments by placing it so the warning is off the display area of the screen. This is done using the java.awt.Window class and the move() and resize() methods. In Netscape Communicator 4.03 it is possible to completely cover the screen. In Netscape 3.0 it is possible to conceal the warning from the user. In Microsoft Internet Explorer I have been unsuccessful in completely concealing this, although I can conceal it enough to render it unreadable. These results have been produced under Windows 95 and NT, but may also exist with Unix or Macintosh versions.

This does not mean that "Java is insecure". It means that in order for software to be trustworthy, it should be put through an extensive evaluation process. The current rapid pace of software development, premature release, and feature bloat means that software is getting into consumer's hands before it has a chance to be properly tested. The consumer benefits from exposure to truly innovative software, but security suffers.