Frederick B. Cohen writes:
- They won't back up their claims of security by assuming liability for resulting damages. Their liability disclaimers tell us they think their security is worth exactly nothing. They are asking us to bet control of our IT on a product that they take no responsibility for.
You haven't paid for liability claims. Why do you think you should be able to pursue them? I don't know of *any* software which is guaranteed. But now you have the opportunity to change that. Point out all of Java's problems, and then sell them a solution that fixes those problems.
- They don't even provide us with the ability to control their product in the way we control other purchased software we place into our environments. The inability to restrict which programs from which sources are run on our machines is a fundamental element of control.
Again, sounds like something you could sell. Sell an HTTP proxy that only passes Java content if it's been signed by your company. And, of course, sell the matching signing service. There are no problems, really, just business opportunities. -russ <nelson@crynwr.com> http://www.crynwr.com/~nelson Crynwr Software | Crynwr Software sells packet driver support | PGP ok 11 Grant St. | +1 315 268 1925 voice | Flushing, NY. Not just a suburb, Potsdam, NY 13676 | +1 315 268 9201 FAX | it's a good idea in general.