Wednesday July 28, 2004

In an attempt to address my last blog, I wanted to find out how much viruses were costing customers. What I found was that, according to Scott McNealy's keynote at JavaOne (day 2, part 3) the number was 300 billion in just Q1 (2004) alone. If that can be extrapolated, that would be $1.2 Trillion/year. Wow, and that is just 2004. Admittedly I have been unable to determine the source of the $300 billion for Q1 (my attempts were limited to google). After watching my customers deal with viruses (which is an insanely small sample size on a worldwide scale), I believe its a big, big number. I'll take my bosses, bosses, bosses, bosses boss number in good faith and re-quote it here. Even if you think that my CEO is full of hot air and the number is greatly exaggerated, just take 1% of that $300 billion. That's still $3 billion in ONE QUARTER.

Lets imagine for just one minute that email clients were written in Java. Using the Java security policy, one could limit the email client so that it could only connect to only its email host and save attachments to a directory called 'write attachments' and attach files to an email from only the "read attachments" directory. Anyone care to guess what would happen to that $300 billion in this scenario? I doubt it would go to zero, but it sure would be less. Now extrapolate that scenario to virtually every application on the desktop (and server). Want to take another guess? No, it still wouldn't be zero (Unix/Linux and windows still have bugs) but I bet it would be yet even smaller.

Leverage the Java security model and save a huge chunk of that $300 billion. If we want to spend $300 billion dollars, lets make sure it is on OUR terms, not on the terms set by others.