Ok, thought I would see if Carelink had been altered recently since the latest Java problems (yes unfortunately it still uses Java even with Oracle saying don't use it for a website but hey ho). Anyhow, thought I would give it a go again in Chrome instead of Internet Explorer...it complains about it, but continue and it works like a charm now! Doesn't even need to be run in administrator mode like Internet Explorer used to want to. No idea when they made this change as been just suffering along using it with Internet Explorer and following the crazy jumping through hoops. But it works nicely without IE or administrator mode...so that's two good improvements. Now they just need rid of Java and this will be great!
Don't think that will happen... Java has been arround for a long time, and I haven't seen any serious problems with it...
Since whole CareLink data retrieval is written in java (only platform independent language) I don't think they will get rid of that. Problems that Minimed has are not releated to Java, but to incorrect use of it, and also use of native library (this is the one that doesn't allow use of Carelink on any operating system).
"To defend against this and future Java vulnerabilities, disable Java in Web browsers." to quote the US Department of Homeland Security's Computer Emergency Readiness Team about recent bugs in it. Think that pretty much sums up how bad. We shouldn't need to use it.
What I would much prefer is access to the software my hospital is using to access the pump via CareLink. That's a full .Net application! If MM have rewritten a "professional" application for a native operating system, they can do for us home users also! And yes while that get's around Java, Mono will get around the issues for other OS's so it really should be just down to MM now.
Aha so, M$ buys Homeland security, with free install of Windows in all their offices and you are a happy camper...
If you had real application for end users (not doctors) and that means not a Web application, you wouldn't need to use java (or you could if you wanted). What Web application Carelink does is, to install java applet and it's native libraries into your computer and run's it. Now what Homeland security calls Java vulnerabilities are not vuln. but are features... You need to have a local access to either USB or COM port (depends on what you use to access the pump, either cable or Carelink USB key), and this is what java application does in this case... Actually MM has gone a step further and created whole communication with pump in this java application (or applet since it's run from Web browser).
Actually they could easily created full application (and please don't ever call .NET application a native application) but then the user would have all the work... Installing application, making upgrades, sometime uninstalling aplication and reinstalling the new one... They created Carlink Web application so that user doesn't have this headaches (they can change base "application" ala web page, or even change a way how "application" communicates with pump (the applet part)) without you even knowing)... It was a good move on their part, only problem is that while starting move was good (actually briliant), they didn't do the follow up... They "forgot" to add support for other browsers (this is now supported with warning as I recall) and support for other OSes (which is still not there, at least not fully), which makes on end, their starting briliant move, now look like a foolishnes...
I am firmly against putting personal (in this case medical) data on "display" on some web page. Actually it's not really on display, but if there was someone who wanted to hack it he could, since this data is stored somewhere "out there", which was only one of the reasons, why I decied agains using Minimed pump, when I was making the selection...
"Getting rid of Java" in this case is actually problem that would take a lot of money and a lot of time, which makes me sure it will never happen.
No, my issue is simple. MM have already rewritten it to work on .Net for doctors to use. So why can't we be allowed to use the same application so we don't have to go through the web and Java also?
Mono will hopefully cover it on other OS's, or should depending on what libraries they have used (yes I know Mono doesn't include all the MS libraries). And that takes out the whole security issue as you mention of it being on the web. I would love it to of been a proper application for each system, but that is probably asking far to much considering they've now got both a Java and a .Net version going.
My issue with Java and Flash is that they are the biggest security problems out there currently. And it wasn't just the Homeland Security lot who issued the warning over it. But the issue remains that the two of them are something which should hopefully be removed, and in doing so would greatly reduce the vulnerabilities of any system, be that Mac, Linux or Windows.
On a side note, the .Net application (on at least it's second version now that I've seen, although only played with the latest one) gives a lot more detailed information than the current system. Which seems to hint at (that and the fact it's pretty new, or new just to the hospital possibly) is where MM are developing it. The parts of the application which hold multiple patient details isn't needed for us, but the application itself is much better for cross referencing information.