1996-05-03 - Re: Why I dislike Java. (was Re: “Scruffies” vs. “Neats”)
Header Data
From: frantz@netcom.com (Bill Frantz)
To: hfinney@shell.portal.com>
Message Hash: 4824b2032795a1412bde815f6dc65ab02e0c0d766d95a5741d6e249a2eefac47
Message ID: <199605030527.WAA15760@netcom8.netcom.com>
Reply To: N/A
UTC Datetime: 1996-05-03 10:04:30 UTC
Raw Date: Fri, 3 May 1996 18:04:30 +0800
Raw message
From: frantz@netcom.com (Bill Frantz)
Date: Fri, 3 May 1996 18:04:30 +0800
To: hfinney@shell.portal.com>
Subject: Re: Why I dislike Java. (was Re: "Scruffies" vs. "Neats")
Message-ID: <199605030527.WAA15760@netcom8.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain
At 8:34 PM 5/2/96 -0400, Perry E. Metzger wrote:
>At one of my clients, there is a software testing lab where all
>software that is placed on the trading floor is rigorously tested for
>months before it is put out on the users desktop -- it is, indeed,
>tested in conjunction with all other products the user would be
>using. No software is deployed before rigorous testing occurs. By the
>time the thing is put out, it is known to a high degree of certainty
>that it will not cause damage.
My clients have a similar testing setup for new communications software.
It is one way they are able to offer a reliable service to their clients.
>I would very much prefer a language who's security did not require
>such analysis. Java, sadly, does require such an analysis because it
>requires perfect implementation for its security model to work. In a
>restricted execution environment that was designed with defense in
>depth in mind, such an analysis would be a bonus, but not strictly
>required.
All secure systems require perfect implementation of the security kernel.
Java has a very large security kernel, since it's kernel includes the
kernel in the underlying operating system. As such, it is probably not
suited for high security environments.* However, it may well be secure
enough for individuals to run on their private machines.
* If a Java equipped browser is run in a operating system provided secure
environment, this restriction may not apply. Such an operating system
would have to provide Orange Book A or B level features (mandatory
security).
------------------------------------------------------------------------
Bill Frantz | The CDA means | Periwinkle -- Computer Consulting
(408)356-8506 | lost jobs and | 16345 Englewood Ave.
frantz@netcom.com | dead teenagers | Los Gatos, CA 95032, USA
Thread
Return to May 1996
Return to “frantz@netcom.com (Bill Frantz)”
1996-05-03 (Fri, 3 May 1996 18:04:30 +0800) - Re: Why I dislike Java. (was Re: “Scruffies” vs. “Neats”) - frantz@netcom.com (Bill Frantz)