Feedback I've got so far:
1) "Many people (don't know any %) switch off Java (and Java script?),
since they are concerned that they open up a loophole for malware and
ad/spyware." From the discussion I had with one user I gather that they
feel the Java sandbox is "too open" (e.g. access to files on the users
computer) and it is unreasonable to expect someone to audit all that
code in the applet for any hidden attacks.
2) "Some browsers do not come with Java applet support enabled or even
included." I have not found one instance of this, yet, but I'm sure this
is true. It is, however, not clear to me, what percentage of users would
fall into this category. My guess is in the single digits, really.
Please add to the above list, if I missed something or you have not
chimed in, yet.
Here is a short discussion of these points from my current point of view.
1) It's a dangerous world out there, yes. One can never be too secure
when stepping out into the Internet. However, would you trust someone
like Wikimedia to send you non-evil applets, in case there is a
reasonable and enforced way how Java code becomes an applet served by
these servers? One needs to discuss whether such way can be practical,
sure. But if it exists, do you really insist that *still* it may not be
allowed?
2) So, if a user wants to work on a lab (= interactive lesson) in
Wikiversity, do you really expect *no* additional software (plugin)
should be needed? That sounds like quite a limitation, does it not? If
this is true and we want to avoid those limits, then we should choose
the most widely available tool, that can do the job, fits the necessary
license requirements, and does not create an unreasonable burden to make
it work. Why would an applet not be one of the top choices?
I think the only serious problem to address is the trust/audit issues
with applets. We need an open and trustworthy process for how applets
are made and delivered. That does not sound impossible to me...
Andreas =:-)