From: mrm@netcom.com (Marianne Mueller)
To: perry@piermont.com
Message Hash: ae4489bb7b95f4c745d31ca35742daba3df0a2b3128b10f64efa73c43990837b
Message ID: <199604272232.PAA00806@netcom20.netcom.com>
Reply To: <199604270123.VAA01708@jekyll.piermont.com>
UTC Datetime: 1996-04-28 06:47:04 UTC
Raw Date: Sun, 28 Apr 1996 14:47:04 +0800
From: mrm@netcom.com (Marianne Mueller)
Date: Sun, 28 Apr 1996 14:47:04 +0800
To: perry@piermont.com
Subject: Re: The Joy of Java
In-Reply-To: <199604270123.VAA01708@jekyll.piermont.com>
Message-ID: <199604272232.PAA00806@netcom20.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain
Perry writes:
You can do that safely without making it dangerous for your machine. I
know how I would build a restricted execution environment for such
markets. However, Java is 1) too slow, since if you are selling rendering
cycles or such you don't want to be running an interpreter, 2)
insufficently safe, and 3) paradoxically, insufficiently powerful for the
sort of code you would want to run in such an environment.
What solution is fast enough and safe enough and powerful enough? Does
such a solution exist? I say, No, it doesn't. So let's quit pretending
that the Holy Grail exists, and get back to engineering.
But let's not have a food fight. Although entertaining in the short term,
food fights are actually deathly boring and incredibly unfruitful in the
long term. I'm interested in helping people do interesting things in a
reasonably secure way, on the internet, using Java. We're working on a
response to the Felten el al. paper, which will be posted to the net
shortly. I think some of their points are perfectly valid, some of their
points are irrelevant, and a lot of the presentation is melodramatic.
Melodrama is good for sound bites, I guess.
Marianne
working on Java security stuff at Sun
Return to May 1996
Return to “Wei Dai <weidai@eskimo.com>”