1996-03-24 - Re: Java questions

Header Data

From: Mike Fletcher <fletch@ain.bls.com>
To: cypherpunks@toad.com
Message Hash: 91f530721a77a77f651c6520a69bc4cfa5aea499e25ea08cf80043bd72b93572
Message ID: <9603240538.AA12547@outland.ain_dev>
Reply To: <Pine.SUN.3.91.960323133624.17748A-100000@eskimo.com>
UTC Datetime: 1996-03-24 06:03:52 UTC
Raw Date: Sun, 24 Mar 1996 14:03:52 +0800

Raw message

From: Mike Fletcher <fletch@ain.bls.com>
Date: Sun, 24 Mar 1996 14:03:52 +0800
To: cypherpunks@toad.com
Subject: Re: Java questions
In-Reply-To: <Pine.SUN.3.91.960323133624.17748A-100000@eskimo.com>
Message-ID: <9603240538.AA12547@outland.ain_dev>
MIME-Version: 1.0
Content-Type: text/plain


> There has been a lot of discussion on coderpunks about implementing 
> cryptography in Java.  This got me thinking.  We don't see 
> every C++ compiler using the same back end.  So why is 
> everyone licensing Sun's Java implementation?  As a consequence of
> this if there is a bug in Sun's implementation, then that bug 
> exists in every Java implementation.  Imagine a future scenario 

	Why does everyone licensing Microsloth's MS-DOS
implementation?  If (If :) there's a bug in MS's implementation, then
that bug . . . .  It's done, it's available, it (mostly) works.  I
believe that there's a Mac version called Roaster for Macs that even
came out before Sun had a Mac port.

> where a virus/worm takes advantage of a single Java bug and 
> infects 90% of all computers attached to the Internet overnight.
> There may not be much we can do about this, but we should at 
> least be more aware of the possibility.

	But when we get signed classes you'll at least know whom to go
after if it does.

> On a more positive note, has anyone thought of writting a 
> remailer server or client in Java?  It would be really nice if we 
> could run or use a remailer by clicking a link on the web.

	Client would be kinda difficult to do until there's a crypto
lib available.  Either that, or you'd have to load it from local disk
so you could run PGP (the security model for applet hosts such as NS
prevents exec'ing outside programs from code thats loaded from the
network) which kinda defeats the purpose of doing it in Java (aside
from a single cross platform front end).  A server, being a stand
alone app most likely, would be doable but again you'ld need a native
PGP for the crypto.

---
Fletch                                                     __`'/|
fletch@ain.bls.com  "Lisa, in this house we obey the       \ o.O'    ______
404 713-0414(w)      Laws of Thermodynamics!" H. Simpson   =(___)= -| Ack. |
404 315-7264(h) PGP Print: 8D8736A8FC59B2E6 8E675B341E378E43  U      ------





Thread