1995-10-10 - Re: java security concerns

Header Data

From: Aleph One <aleph1@dfw.net>
To: “Perry E. Metzger” <perry@piermont.com>
Message Hash: d52e1f7aadff9f05c359d9d707b0e29f21fac0f07049a5796320d6cf47c37ee1
Message ID: <Pine.SUN.3.90.951010002834.2770A-100000@dfw.net>
Reply To: <199510100457.AAA00235@jekyll.piermont.com>
UTC Datetime: 1995-10-10 05:36:21 UTC
Raw Date: Mon, 9 Oct 95 22:36:21 PDT

Raw message

From: Aleph One <aleph1@dfw.net>
Date: Mon, 9 Oct 95 22:36:21 PDT
To: "Perry E. Metzger" <perry@piermont.com>
Subject: Re: java security concerns
In-Reply-To: <199510100457.AAA00235@jekyll.piermont.com>
Message-ID: <Pine.SUN.3.90.951010002834.2770A-100000@dfw.net>
MIME-Version: 1.0
Content-Type: text/plain

Iam sorry I dont fallow your logic. You find Postscript files
save because you can set up the interpreter to ignore Postscript commands
to write to files and execute programms (check the CIAC alerts), yet
you find Java applets insecure even when you can set up the same
restrictions and more under HotJava (and hopefully Netscape)?
That does not compute. Granted Java is certanly more complex than postscriptm
it a genereric programming language, and will be used by more people.
But that same concept aply.

Aleph One / aleph1@dfw.net
http://underground.org/
KeyID 1024/948FD6B5 
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01 

On Tue, 10 Oct 1995, Perry E. Metzger wrote:

> Postscript is completely safe if the interpreter is emasculated, and
> most of them are. (It is a huge risk when run on a non-emasculated
> interpreter, but fortunately it is easy to castrate one of the things.)
> 
> Java isn't like that, unfortunately. I wish it was simply a
> display-postscript like thing that built pretty pictures inside a
> confined window -- I could trust that to be done right if it was done
> carefully.
> 
> Perry
> 

Thread

Return to October 1995
Return to “Aleph One <aleph1@dfw.net>”
Return to “Brian Davis <bdavis@dg.thepoint.net>”
Return to “cmcmanis@scndprsn.Eng.Sun.COM (Chuck McManis)”
Return to “fc@all.net (Dr. Frederick B. Cohen)”
Return to “John Lull <lull@acm.org>”
Return to “m5@dev.tivoli.com (Mike McNally)”
Return to “Michael Froomkin <froomkin@law.miami.edu>”
Return to ““Perry E. Metzger” <perry@piermont.com>”
Return to “Ray Cromwell <rjc@clark.net>”
Return to “sameer <sameer@c2.org>”
1995-10-10 (Mon, 9 Oct 95 17:29:54 PDT) - Re: java security concerns - cmcmanis@scndprsn.Eng.Sun.COM (Chuck McManis)
- 1995-10-10 (Mon, 9 Oct 95 17:57:43 PDT) - Re: java security concerns - sameer <sameer@c2.org>
  - 1995-10-10 (Mon, 9 Oct 95 21:42:35 PDT) - Re: java security concerns - Ray Cromwell <rjc@clark.net>
    - 1995-10-10 (Mon, 9 Oct 95 21:58:03 PDT) - Re: java security concerns - “Perry E. Metzger” <perry@piermont.com>
      - 1995-10-10 (Mon, 9 Oct 95 22:36:21 PDT) - Re: java security concerns - Aleph One <aleph1@dfw.net>
        1995-10-10 (Mon, 9 Oct 95 22:48:05 PDT) - Re: java security concerns - “Perry E. Metzger” <perry@piermont.com>
        1995-10-10 (Mon, 9 Oct 95 23:16:10 PDT) - Re: java security concerns - Ray Cromwell <rjc@clark.net>
        1995-10-10 (Tue, 10 Oct 95 06:02:10 PDT) - Re: java security concerns - m5@dev.tivoli.com (Mike McNally)
        1995-10-10 (Tue, 10 Oct 95 08:01:17 PDT) - Re: java security concerns - “Perry E. Metzger” <perry@piermont.com>
        1995-10-11 (Tue, 10 Oct 95 22:51:12 PDT) - Re: java security concerns - Ray Cromwell <rjc@clark.net>
        1995-10-11 (Wed, 11 Oct 95 06:19:04 PDT) - Re: java security concerns - “Perry E. Metzger” <perry@piermont.com>
      - 1995-10-10 (Tue, 10 Oct 95 03:22:23 PDT) - Re: java security concerns - fc@all.net (Dr. Frederick B. Cohen)
    - 1995-10-10 (Tue, 10 Oct 95 03:44:37 PDT) - Re: java security concerns - fc@all.net (Dr. Frederick B. Cohen)
- 1995-10-10 (Tue, 10 Oct 95 10:14:09 PDT) - Re: java security concerns - John Lull <lull@acm.org>
  - 1995-10-11 (Wed, 11 Oct 95 08:59:53 PDT) - Re: java security concerns - Michael Froomkin <froomkin@law.miami.edu>
  - 1995-10-12 (Thu, 12 Oct 95 12:37:02 PDT) - Re: java security concerns - Brian Davis <bdavis@dg.thepoint.net>

cryptoanarchy.wiki

1995-10-10 - Re: java security concerns

Header Data

Raw message

Thread