cryptoanarchy.wiki

Arise, you have nothing to lose but your barbed wire fences!

1995-10-10 - Re: Java

Header Data

From: Adam Shostack <adam@homeport.org>
To: gmiller@grendel.ius.indiana.edu (Greg Miller)
Message Hash: 0fdcbf89009361c2fad461aaff9932744125359f98a6090a2d625be393751bdc
Message ID: <199510101432.KAA03416@homeport.org>
Reply To: <Pine.3.89.9510091807.A8324-0100000@grendel.ius.indiana.edu>
UTC Datetime: 1995-10-10 14:29:30 UTC
Raw Date: Tue, 10 Oct 95 07:29:30 PDT

Raw message

From: Adam Shostack <adam@homeport.org>
Date: Tue, 10 Oct 95 07:29:30 PDT
To: gmiller@grendel.ius.indiana.edu (Greg Miller)
Subject: Re: Java
In-Reply-To: <Pine.3.89.9510091807.A8324-0100000@grendel.ius.indiana.edu>
Message-ID: <199510101432.KAA03416@homeport.org>
MIME-Version: 1.0
Content-Type: text



| 	I'd like to make this prediction:  someone at some point in time 
| will find another serious security hole in SendMail.
| 
| 	What you need to ask yourself is "Do the benefits of Java 
| outweigh the security risks?"

	A substantial risk that Java carries is that its 'secure'
label will get in through doors which should have remained closed to
it.  I would be worried about Java capable browsers in the Federal
Reserve, because people will say 'its nifty, its labeled secure, lets
use it.'

	I think there are some interesting liability models waiting to
be explored here.

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume

Thread