1995-07-28 - Re: Java, Netscape, OpenDoc, and Babel

Header Data

From: “Perry E. Metzger” <perry@imsi.com>
To: Ray Cromwell <rjc@clark.net>
Message Hash: e24ed112c923a391dce9f2dfae06a6c3da7a6d9d4a467adfe3d3fb0048e1ee3d
Message ID: <9507281410.AA07271@snark.imsi.com>
Reply To: <199507280729.DAA01649@clark.net>
UTC Datetime: 1995-07-28 14:12:00 UTC
Raw Date: Fri, 28 Jul 95 07:12:00 PDT

Raw message

From: "Perry E. Metzger" <perry@imsi.com>
Date: Fri, 28 Jul 95 07:12:00 PDT
To: Ray Cromwell <rjc@clark.net>
Subject: Re: Java, Netscape, OpenDoc, and Babel
In-Reply-To: <199507280729.DAA01649@clark.net>
Message-ID: <9507281410.AA07271@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Ray Cromwell writes:
> 
>   Just a quick note to chime in. The OSF just did a deal with Sun
> to port Java to several platforms. The OSF is opening a "web mall"
> where you can grab software objects and run them. Expect to Java
> *really* take off in about 2-3 months. Every business on the net is going
> to want a Java shopping-client-basket on their web-mall/web-store.
> (Web Consultants! Learn Java!)

As a security consultant, I'm very happy about Java because once the
holes are found in it and massive, Morris style worms are launched
with it, I'll be laughing all the way to the bank.

I exagerate only slightly. I don't believe Java to be secure, in spite
of the claims. Its too complicated, and it operates in an environment
who's correct operation is required for it to remain secure. Good
system design says that you want a system's failure mode to produce a
secure result, but thats not what Java does.

Perry





Thread