1996-03-28 - Re: WSJ on Big Java Flaw

Header Data

From: frantz@netcom.com (Bill Frantz)
To: cypherpunks@toad.com
Message Hash: a13a550adbeef5c346a6074050d8261556a4395d6bd6516eb81bf75538465c8c
Message ID: <199603261814.KAA23974@netcom5.netcom.com>
Reply To: N/A
UTC Datetime: 1996-03-28 06:45:48 UTC
Raw Date: Thu, 28 Mar 1996 14:45:48 +0800

Raw message

From: frantz@netcom.com (Bill Frantz)
Date: Thu, 28 Mar 1996 14:45:48 +0800
To: cypherpunks@toad.com
Subject: Re: WSJ on Big Java Flaw
Message-ID: <199603261814.KAA23974@netcom5.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At 10:58 AM 3/26/96 -0500, John Young wrote:

>   Java was originally touted by Sun as a secure language. But
>   at least two other flaws have already been discovered in
>   the technology, including a less-serious problem uncovered
>   by the Princeton team last month. Sun's Ms. Mueller said
>   the problems have been correctable details in the way the
>   Java code is written, not problems with its basic design.

Having worked on a secure OS, with a small security kernel etc. etc. etc. I
realize that even those systems have bugs.  The Java people will work out
their bugs.  Others will read their code and find more bugs.  (It is to
Sun's GREAT credit that they are releasing their source under a not very
restrictive license.)  Eventually, in several years, Java security will be
ready for prime time.

Of course, for really valuable things, or the really paranoid, you
shouldn't connect your computer to a network.  The top dog certificate key
in SET is handled this way.

Regards - Bill


------------------------------------------------------------------------
Bill Frantz       | The CDA means  | Periwinkle  --  Computer Consulting
(408)356-8506     | lost jobs and  | 16345 Englewood Ave.
frantz@netcom.com | dead teenagers | Los Gatos, CA 95032, USA







Thread