From: Christian Wettergren <cwe@it.kth.se>
To: Matt Miszewski <crypto@midex.com>
Message Hash: 69c45951c8173b01346dc3e19af5951ac5be7fd1916caf4df8a13d112f9d7195
Message ID: <199601240847.JAA08706@piraya.electrum.kth.se>
Reply To: <Pine.3.89.9601240858.A6438-0100000@shaq.midex.com>
UTC Datetime: 1996-01-24 09:08:11 UTC
Raw Date: Wed, 24 Jan 1996 17:08:11 +0800
From: Christian Wettergren <cwe@it.kth.se>
Date: Wed, 24 Jan 1996 17:08:11 +0800
To: Matt Miszewski <crypto@midex.com>
Subject: Re: Hack Java
In-Reply-To: <Pine.3.89.9601240858.A6438-0100000@shaq.midex.com>
Message-ID: <199601240847.JAA08706@piraya.electrum.kth.se>
MIME-Version: 1.0
Content-Type: text/plain
| On Tue, 23 Jan 1996, Benjamin Renaud wrote:
|
| > Yes. And if you also let an intruder in your house, have them sit at
| > your computer with your newborn child in the room and go on vacation,
| > things can get really, really nasty.
|
| I guess that wu-ftp never was distributed with security holes. Never
| heard of anyone distributing maliscious lookalike packages. How many
| folks do you think downloaded the linux-JDK and use it without checking
| it out first. That takes care of the compiler. And distributing bad
| netscape or other browsers is childs play. So I guess your newborn is
| relevant.
|
| Stick to your belief that Java is secure because, darn it, it just would
| be hard for anyone to do bad things with it. Please.
I think what we should worry about is the second-order effects of
Java; how will the world look like when Java is everywhere?
We should also not discount the "social" effects; what will people
do to try to circumvent the "stupid" safeguards that Java will be
distributed with.
I have earlier heard the opinion from the Java team (I believe) that
this is not "Java's fault", and I can understand that standpoint.
My opinion is still that the net result (pun intended!) is even weaker
security, because of these two reasons above.
(In my darker moments, I feel that the whole field of computer security
is in a major crisis. Ever heard of the Emperor's New Clothes? ;-))
Just some mumbling from,
Christian Wettergren
Return to January 1996
Return to “Matt Miszewski <crypto@midex.com>”