Google Chrome to discontinue Java support, prevents access of USPTO resources

By Steve Brachmann
June 30, 2015

Java

“Di-Logo-Java-Orange” by Silveira Neto. Licensed under CC BY-SA 2.0.

The actions of the Internet services developer Google, Inc. (NASDAQ:GOOG) have been highly influential in various sectors of technological innovation. The company followed rival tech firm Apple Inc. (NASDAQ:AAPL) into the ring of contenders in the mobile payment system field this year. Google’s acquisition of Android helped the company achieve dominance in the sphere of smartphones and mobile computing. Many former Google employees have left that company and stepped into executive roles at other tech giants like Facebook (NASDAQ:FB), Twitter (NYSE:TWTR), Instagram and others. The multinational tech company has also proven to be adept at political influence; during 2012, the only corporation that outspent Google in lobbying spending was General Electric, and in 2013 Google was in fifth place.

Tech decisions made by this company can often herald important trends in the market. That’s one reason why Google’s decision to eliminate support for the Netscape Plugin Application Programming Interface (NPAPI) could signal a much more diminished role for Java, once a very popular programming language for Internet applications. NPAPI is a cross-platform architecture for enabling browser plugins and Java’s reliance upon the architecture means that as NPAPI leaves the Chrome system, so will the ability to run Java applications. Chrome representatives have stated on the browser’s official blog that removing NPAPI will increase security and speed for the browser while reducing the complexity of the system. As Chrome has expressed on its DevTools website, “NPAPI is a really big hammer that should only be used when no other approach will work” because of its complexity and security risks.

This change to the Chrome browser system is one of which U.S. patent applicants will want to be aware because of its impacts to some of the digital resources made available by the U.S. Patent and Trademark Office. Both EFS-Web, the USPTO’s online patent application and document submission tool, and Private PAIR, a secure portal for learning the status of a patent application, utilize Java programming script for authenticating users when they sign in to those services. The USPTO has posted guidance from computer technology corporation Oracle Corporation (NYSE:ORCL) recommending the use of alternative browsers such as Firefox, Safari and Internet Explorer to access these services in the future.

Although default support of NPAPI architecture was disabled for Chrome browsers with the release of the Chrome version 42 update released by Google in April of this year, Chrome users will still be able to manually activate support for NPAPI over the next few months. All a patent applicant hoping to use Chrome to access EFS-Web or Private PAIR would have to do is open their Chrome browser, type “chrome://flags/#enable-npapi” into the address bar and clicking the link titled “Enable” under the Enable NPAPI flag that appears. The Chrome browser will have to be restarted for the change to take effect. This manual override will be removed from Chrome with the release of version 45, expected to be released in September of this year.

It’s interesting to note that Java had been at the center of a legal dispute between Google and Oracle, which owns copyrights on certain aspects of the Java code which it acquired when it purchased Sun Microsystems in 2010. In that same year, Oracle sued Google, seeking about $1 billion in damages for Google’s use of Java to design the Android operating system. In May 2014, the Northern District of California issued a ruling on the case which concluded that certain Java application programming interfaces (APIs) were entitled to copyright protection. The case was remanded for further proceedings and is pending petition at the U.S. Supreme Court. Most recently, an amicus curiae brief filed by U.S. Solicitor General Donald Verrilli advised denying Google’s writ of certiorari on the grounds that the case represents “a poor vehicle for the Court to address, for the first time, the application of copyright principles to computer programs.”

It’s tough to say how much of a role, if any, this court case has played in Google’s decision to distance itself from Java on the Chrome platform. The company has been developing an alternative to NPAPI called Pepper API (PPAPI) which allows users to load trusted plugins by running a command line prompt in the Chrome browser. This API architecture enables programming languages such as Flash which are utilized by web applications.

Java has also suffered in recent years from a number of security breaches which has leveraged the ubiquitous nature of the programming language as well as vulnerabilities inherent in code imported into an API from third-party libraries. Major tech corporations like Apple, Facebook, Twitter and Microsoft Corporation (NASDAQ:MSFT) have all been victimized in recent years by malicious programs taking advantage of Java vulnerabilities. Techniques such as Runtime Application Self-Protection (RASP), which provides real-time analysis of application behavior for a more immediate response to any cyber attacks, have been developed by a Dublin-based firm known as Waratek. Still, data security concerns run so deep with Java that in January 2013, the U.S. Department of Homeland Security issued guidance to all computer users that recommended disabling Java software on all computing products because malicious coders have been able to take advantage of Java’s vulnerabilities so consistently.

As the situation with the USPTO’s online resources points out, however, there are some issues that make it impossible for certain Internet users to totally part with Java. Most households can get by on their typical Internet usage without running Java at all but there are governmental websites providing resources which require Java, including NASA and the National Institutes of Health. Businesses, organizations and individuals looking to access those tools will need to do so with a browser other than Chrome.

The Java issue is compounded on Chromebooks, the lightweight notebook computers which run an operating system based on the Chrome browser. Officially, third-party web browsers like Firefox and Internet Explorer cannot be used on Chromebooks, which is not designed to run executable software programs. It is possible, however, to install a Linux-based operating system such as Ubuntu to replace the Chrome OS, which is itself based upon Linux. Ubuntu and other Linux-based OS environments are capable of executing and running web browser programs like Firefox.

CORRECTION: An earlier version of this post erroneously named Oracle as a RASP developer, not Waratek. However, Waratek developed RASP based on Oracle’s Java code.

The Author

Steve Brachmann

Steve Brachmann is a freelance journalist located in Buffalo, New York. He has worked professionally as a freelancer for more than a decade. He writes about technology and innovation. His work has been published by The Buffalo News, The Hamburg Sun, USAToday.com, Chron.com, Motley Fool and OpenLettersMonthly.com. Steve also provides website copy and documents for various business clients and is available for research projects and freelance work.

Warning & Disclaimer: The pages, articles and comments on IPWatchdog.com do not constitute legal advice, nor do they create any attorney-client relationship. The articles published express the personal opinion and views of the author as of the time of publication and should not be attributed to the author’s employer, clients or the sponsors of IPWatchdog.com. Read more.

Discuss this

There are currently 7 Comments comments.

  1. Anon June 30, 2015 7:02 am

    First, do** no evil.

    ** – unless of course that such doing is either convenient or profitable.

  2. Joachim Martillo June 30, 2015 7:13 am

    Oracle’s position with respect to the NPAPI was not unreasonable. Google was arguing fair use of function declarations (whatever that means), but Java is not like C or C++. Everything but elementary data types like int or boolean are programming Objects including Class and Interface. Thus a Java API (i.e. a Java Interface) represents a good deal of software code, which is certainly copyrightable.

  3. Chris Bosken June 30, 2015 8:59 am

    It seems like the USPTO bears some responsibility here. If DHS recommended disabling Java in 2013, it seems prudent for the Office to have started efforts to replace the Java backbone of EFS a while ago.

  4. David Stein June 30, 2015 9:32 am

    > The USPTO has posted guidance from computer technology corporation Oracle Corporation recommending the use of alternative browsers such as Firefox, Safari and Internet Explorer to access these services in the future.

    I’ve never been able to get either Private PAIR or the Dashboard to work in Firefox. (Private PAIR refuses to open the “Select File” dialog in order to select a PKI certificate. Dashboard absolutely refuses to load – it’s simply *not there* when you load the page in Firefox – extremely confusing.)

    My solution to date has been to use Chrome. So, yes, this is a problem.

  5. Michael J. Feigin, Patent Lawyer http://PatentLawNY.com June 30, 2015 12:41 pm

    Google Chrome disabled Java in Linux a while ago so I’ve been dealing with this issue for some time. I ended up switching to Firefox for Private Pair … then I realized, “hey, this isn’t the same Firefox I remember! It have everything Chrome has only it’s actually the less bloated browser now. When did that happen?”

    So… I ended up switching back to Firefox entirely.

    I suggest everyone send a note to the USPTO and ask them to stop using Java – there is no reason you should have to load 220 megabytes into memory simply to upload a file and enter a password to login. They could do this with basic HTML and accomplish the same thing.

  6. TF June 30, 2015 3:55 pm

    You wrote that certain websites “utilize Java programming script for authenticating users” when the more accurate characterization is that certain websites “utilize compiled Java code for authenticating users.” Java and JavaScript are two different technologies that share little more than similarities in name and syntax.

    Also note that some court websites also require Java support. One such court is the U.S. Court of Appeals for the Federal Circuit, which handles all patent appeals including the Oracle v. Google appeal.

  7. Huh? June 30, 2015 8:07 pm

    This is somewhat funny because within the USPTO employees are being forced to use Google Chrome in order to access PE2E, the new docket management software.