Maybe it seems like a grim environment for starting a new project. Well, considered on technical grounds alone, it is. One needs a pretty compelling technical story to do better than already existing projects.
As I mentioned in my last post, proper implementation (and verification) of the Java Security Model is a strongly compelling technical story. And it is still WIDE OPEN. If you wish to develop a protocol in which (potentially malicious) code can be WRITTEN on computer A, then SENT to computer B and run in a sandbox in a secure and flexible manner as determined by the administrator of System B ---- then there is NO open source project that will support that functionality, nor is there currently any open source project that intends to build that functionality. Not GCJ. Not Kaffee. Not .GNU. Not Mono (although Mono seems to be the closest, maybe).
The Palladium proposal, to the extent it is still alive, should give extra impetus for this project. Microsoft has argued that Palladium will make your computer "more secure" against viruses. This is FUD designed to scare people into "trusted computing". Well, so will Java and Java-like systems, and they'll do it without wresting control of the computer from the end user. Of course, only commercial Java systems do it today. But imagine the potential a secure Java or Java-like system could have, if it were easily integratable into a wide range of OS and desktop applications.
-- Bob
