From: "Phillip M. Hallam-Baker" <hallam@ai.mit.edu>
Date: Tue, 17 Dec 1996 14:00:12 -0800 (PST)
To: "'cypherpunks@toad.com>
Subject: Re: Securing ActiveX.
Message-ID: <01BBEC3B.F2F5EF10@crecy.ai.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain




Bill Frantz <frantz@netcom.com> wrote in article <59721c$t8o@life.ai.mit.edu>...
> At 7:19 AM -0800 12/17/96, Blake Coverett wrote:
> >I would be happier running an ActiveX control with Peter Trei's signature
> >on it
> >than I would an unsigned control in a sandbox.  (This kind of a trust decision
> >is probably the normal case in the intranet world.  ActiveX as it sits is
> >quite
> >sufficient for rolling out internal intranet applications.)
> 
> While I might agree about Peter, I wouldn't agree if the signature was
> Microsoft's (or any other large software vendor).  There is just too much
> room for bugs and or Trojan horses to enter via that route.

I fail to see what the fuss is about. there are clearly advantages to having
a good operating system architecture which provides protection for running
applications and allows fine grained control over access to sensitive 
resources.

The problem with the Java Sandbox model is that its all or nothing. In
order to protect the user it allows the applet access to nothing that is
important. As a result the applet can perform no function that is
of importance. "Give us your corporate strategy and billing record
and we will give you dancing beans on your screen" as one wag
put it.

I am still waiting to see a Java applet that does anything usefull. Most
do no more than an animated gif would. The most elaborate are little
more than carbon copies of the standard computer games.

The download problem really is not that hard. The big problem is 
content. So far nobody appears to have the remotest idea how to
use Java and I expect it to be about five years before the model
emerges. From hypercard to the Web took ten so don't
expect it to be overnight.

The Microsoft bashing could be given a rest. Bill G. wins only 
because the rest of the market gave up. Stick a non computer 
litterate person in front of UNIX, Lotus 1-2-3 for MS Dos or 
Wordperfect for MS-Dos. If you don't realse then why Bill won
you should try another career.

MS-DOS and Windows are crappy O/S because they lack the 
type of memory protection that VMS and UNIX have. This was 
in part incompetence but mostly Intels disastrous design for the 
80286. Meanwhile Apple managed to produce an inexcusably bad
O/S without protection on a chip that had excelent provision for it.

If you want your applet to do anything of use then the Java security
model is inadequate. It is usefull for the software developer to have 
a rich security model since it makes it much easier to build secure
software. Under VMS there are 32 different priviledges allowing
fairly fine grained control. It is possible in some cases to access
a wider range of resources by nafarious tricks but its hard to do
something bad by accident.


		Phill