fc@all.net (Dr. Frederick B. Cohen) writes:
50 Attacks: a.k.a. Why Not to Run Hot Java in your netscape (or other) browser: ... (drivel elided)
This fellow seems to be systematically (if not deliberately) ignorant about these things.
I'm frequently seeing this same behavior by lots of people on this list and it's sad. There are people making claims about HotJava/Java that are obviously bogus if you even read the white paper, looked at the source code, or programmed a "Hello World" applet. The Java papers are an easy read. If you want to know about the implementation, read the source. At least criticize specifics about the implementation rather than speculating what they are and then proceeding to claim to have found a security hole in the implementation. I'm even more surprised when I see someone with a Phd acting like this. -Ray