I didn't expect to have security concerns met with comments like this. I believe I asked a legitimate question, with a legitimate concern. If the website uses Java and it gets exploited, it's the website owner's problem. If I'm using an app that depends on a vulnerable version of Java (or not!) then that is my concern to have. Last, I wasn't attacking Arduino, which I love working with, but Java itself, which apparently cannot stop being exploited version after version.