At 10:22 PM 6/3/96 -0400, Perry E. Metzger wrote:
I've been rather hard on Java here lately.
I'll say. You have also ignored some of Java's other features. Machine independence is probably the most important. A nice, small, easy to learn language is another. [As an aside, when I attempted to compile Wai Dei's crypto lib 2.0 with the Symantec Project Manager C++ compilers, none of the 3 would compile it. The one which generated the fewest errors had "internal error" on two modules. This problem occurs because C++ is such a large language, with a number of obscure features which compiler writers don't always handle. In addition, C++ is in no way machine independent. The simplest example is that sizeof(int) is machine dependent.]
...
Sun is, unfortunately, suffering from a substantial hubris problem. As I have noted, the original Java applet security model and all the followups have had exactly the same problem -- they depend on perfect implementation of every element of the security model for the security to work, instead of having the realistic and conservative assumption that portions of the model will be misimplemented, and designing for defense in depth.
If you want defense in depth, run your Java interpreter in an OS environment which limits the interpreter's access to only those resources you wish it to access. I get the impression that the environment you are concerned with is a bunch of PCs running W95 or NT. These OSs are fragile enough, particularly to the denial of service attacks your users can not tolerate, that the only way to approach safety is to only run software which has been approved by an in-house testing authority. Even with the in-house testing authority, you really need a better OS to protect against testing failures.
Beyond that, however, they have created the ultimate hype monster. Java is a neat idea looking for a good application. I use the web all day long and I have yet to see a good use for Java.
There have been discussions of crypto applications in Java. Doing the crypto on the user's system before sending data thru the net is a useful application. While, as a number of us have pointed out, there are problems doing crypto with Java, it may be the easiest way to deliver strong crypto quickly to Joe Websurfer. In the long run, I hope to use Java to sell cycles. Java has the advantage in a cycle market that it is machine independent, and the Just In Time compilers should make the performance reasonable. Regards - Bill ------------------------------------------------------------------------ Bill Frantz | The CDA means | Periwinkle -- Computer Consulting (408)356-8506 | lost jobs and | 16345 Englewood Ave. frantz@netcom.com | dead teenagers | Los Gatos, CA 95032, USA