Ray writes:
| Object Oriented Superdistributed components are so useful an abstraction, | I think it's worth the security risk. HotJava solves some fundamental | issues with protocols. Right now the W^3 working groups have been struggling
Its nice of you to say that. Its nice of Perry to disagree. Lets start using some concrete examples, so the source of disagreements become obvious?
I suspect Ray is working in an environment less security concious than Perry's. Perry works on a lot of security-critical applications where a lot of money is at stake. If I were going to go after financial institutions, I'd definetly look at which ones were using Java, and see what I could upload into their systems. Getting copies of the recent files might be *very* informative. I'd be worried if I were at Solomon brothers.
If a business wants high security, they probably shouldn't be running anything but mail. Even allowing users ftp access is dangerous because someone could download a trojan horse. My college took the /exec function out of IRC for this very reason. If data can get through a firewall by any means, DNS, mail, etc, it's possible to write some kind of program to send stolen information on those channels. Hell, there is a big enough problem with users bringing software from home into work and infecting company networks with viruses. I work in an environment which is very security conscious (IBM Watson Research). You should see how paranoid their virus lab setup is. And I'm frustrated by not being able to run stuff from work I run at home because of the firewall. I probably shouldn't be running the stuff at work anyway, but I can't pass up having access to a T1/T3 net connection on my desk. I have no problem with security, as long as it is user friendly. If everyone had to manually run PGP from the shell to post a message to cypherpunks, would there be many posts? At home however, I have full control over my environment. I don't avoid all potentially dangerous software, because for me, the benefits outweigh the risks. I have never seen the source code to DOOM's internet drivers, so I have no way of knowing if data is being stolen or downloaded to my harddrive. I would rather choose to encrypt the harddrive, and run the software in an alternate partition even though this still doesn't guarantee safety. I know people who go farther such as swapping HD's in-and-out depending on whether they are in "fun, experimental computer use mode", or "serious, money risking mode" But ultimately that decision is up to me. Most of the people who will be running HotJava are users in non-corporate environments. Once you actually browse some HotJava web pages with HotJava, the ordinary Web becomes static and boring. It's like the difference between ftp and Netscape, or TinyMUD and LambdaMOO. There's just so much potential, especially for crypto-clients. Because Java provides a single development platform, single execution environment, GUI, and network access. -Ray