From: Ray Cromwell <rjc@clark.net>
Date: Fri, 20 Oct 95 12:19:49 PDT
To: chip@communities.com (Chip Morningstar)
Subject: Re: 50 attacks on Netscape - please send the check
In-Reply-To: <9510190047.AA14597@ communities.com>
Message-ID: <199510201919.PAA20537@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


> 
> fc@all.net (Dr. Frederick B. Cohen) writes:
> >50 Attacks: a.k.a. Why Not to Run Hot Java in your netscape (or other) browser:
> > ... (drivel elided)
> 
> This fellow seems to be systematically (if not deliberately) ignorant
> about these things.

  I'm frequently seeing this same behavior by lots of people on
this list and it's sad. There are people making claims about
HotJava/Java that are obviously bogus if you even read the white paper,
looked at the source code, or programmed a "Hello World" applet.
The Java papers are an easy read.   If you want to know about the
implementation, read the source. At least criticize specifics about
the implementation rather than speculating what they are and then
proceeding to claim to have found a security hole in the implementation.
I'm even more surprised when I see someone with a Phd acting like
this.

-Ray