-----BEGIN PGP SIGNED MESSAGE----- On Jan 29, 11:12pm, Futplex wrote:
Much more likely, IMHO, than a Java sniffer is a Java Trojan horse that pops up an innocuous dialog box and asks you to enter some sensitive piece of information, then sends it off somewhere. About all it takes to write that is a modicum of skill in user interface design. You could write it in any programming language, but in Java it may be particularly effective, since people may come to expect to be prompted for sensitive info over the net by Java apps. Maybe the Java folks who just left Sun decided to seize the opportunity ;> Since the Java stuff that I'm running around here either (a) is from netscape, which jams a little line saying, "Untrusted Java Applet" at the bottom of each window a Java applet creates or (b) is run by me, by hand, from the command line, using either the interpreter or the appletviewer... I don't think this is much of a threat. I see much more difficulties with javascript.
richard - -- Richard Martin Alias|Wavefront - Toronto Office [Co-op Software Developer, Games Team] rmartin@aw.sgi.com/g4frodo@cdf.toronto.edu http://www.io.org/~samwise Trinity College UofT ChemPhysCompSci 9T7+PEY=9T8 Shad Valley Waterloo 1992 -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBMQ4syB1gtCYLvIJ1AQGjGAP9GpTWkaY4wtknB2C/emCJ++5ZFmm4s/DV CPbhOhSiOIQWhDCZuhGqE3ltK1xnDqz2TqnoF8xzGRSiXTVJewsTW+fzsmq0wBJ9 GbqWiA1aWatju02zxL4QWJUBxK9LSEKnmQfWlodRIySUdIhQb35Wm8wzqqGUdm9o FS3TXrIsbNQ= =b64Y -----END PGP SIGNATURE-----