1995-10-10 - Re: java security concerns

Header Data

From: Bill Stewart <stewarts@ix.netcom.com>
To: cypherpunks@toad.com
Message Hash: 5990a246c522d5219d7fd6b9a506b73986eba03eec1ac057dd973ad3b2ee792b
Message ID: <199510100737.AAA21881@ix.ix.netcom.com>
Reply To: N/A
UTC Datetime: 1995-10-10 07:37:16 UTC
Raw Date: Tue, 10 Oct 95 00:37:16 PDT

Raw message

From: Bill Stewart <stewarts@ix.netcom.com>
Date: Tue, 10 Oct 95 00:37:16 PDT
To: cypherpunks@toad.com
Subject: Re: java security concerns
Message-ID: <199510100737.AAA21881@ix.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 02:15 AM 10/10/95 -0400, Ray wrote:
>  There is a large class of Java apps that need no file i/o capability.
>99% of all Java apps on the web right now don't save any persistent state 

While file I/O, especially file writes, are certainly a major concern,
network capability is also critical - and I would guess that most of the
interesting applets aren't just animated Christmas trees and image advertising -
they'll be things to help you fill out a form correctly and send it in,
or have buttons that say "order me".  If they can issue outgoing messages
of their own, they can spam, and they can send worms.

> But it's still unclear whether those lack "i/o capabilities",
>given that some postscript printers run operating systems and tcp/ip stacks

Unlike network-equipped PS printers, which are a relatively small fraction
of the market, and which usually don't get requests from the outside world
sent to them through firewalls, we're talking about something that will be
in Netscape, where anybody who clicks a button on anything on the web can
download an executable page...  It's a bit hard for network printers to find
each other in most places; it's much easier for Netscape sessions to do so.
#---
#                                       Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---






Thread