This white paper discusses the applicability and desirability of Java as a programming language for use in secure systems compared to C and C++. At its foundation, Java’s language features prohibit unsafe type coercions and address arithmetic, prevent dangling pointers, prohibit null pointer dereferencing and out-of-bound array subscripts, and restrict application behavior according to the credentials of an application provider. Java completely eliminates most of the common mechanisms exploited in common virus and Trojan Horse attacks.