Hal writes:
From: "Perry E. Metzger" <perry@piermont.com>
Unfortunately, when the same machine runs Netscape so the trader can read the UUNet/MFS merger press release and also has the big shiny red "trade!" button on some application, you get nervous.
Aren't you holding Java to a higher standard than ordinary applications? If your traders run any software at all on their machines there is the risk of harm. The Netscape binary itself could be hacked to do bad things. Likewise with any other software they run.
At one of my clients, there is a software testing lab where all software that is placed on the trading floor is rigorously tested for months before it is put out on the users desktop -- it is, indeed, tested in conjunction with all other products the user would be using. No software is deployed before rigorous testing occurs. By the time the thing is put out, it is known to a high degree of certainty that it will not cause damage. This wasn't even something I requested -- they had this in place before I got there. This isn't that unusual on Wall Street, either -- I know of a number of firms with similar "integration labs", "test labs", etc. Netscape with Java cannot be so tested because important components come down off the net. So no, I'm not holding Netscape with Java to a higher standard. I'm very much holding it to the same standard. Perry