From: "Perry E. Metzger" <perry@piermont.com>
The Web is the universal marketplace these days. Being unable to use the web is the equivalent of being unable to use the phone. I have research analysts at large trading houses begging for Netscape. Unfortunately, these people have a need for top notch security, because vast amounts of money are at stake. [...] Unfortunately, when the same machine runs Netscape so the trader can read the UUNet/MFS merger press release and also has the big shiny red "trade!" button on some application, you get nervous.
Aren't you holding Java to a higher standard than ordinary applications? If your traders run any software at all on their machines there is the risk of harm. The Netscape binary itself could be hacked to do bad things. Likewise with any other software they run.

Wouldn't it be safer to run a Java applet than a typical program from the net? At least applets run in an environment which is designed to restrict the harm they can do. In OS's like Windows 95 there are no such restrictions on programs.

Take a specific example: Mixmaster. This is a client for the remailer network. It is reasonably well suited to being implemented as a Java applet given the current restrictions on the language. If you had a choice between downloading and running the client as a program on your PC, versus loading and running it as an applet, which would you prefer? Or if you would do neither, how would you go about acquiring this functionality? Would you forego it forever, or would there come a time, say if no one else reported problems, that you would be willing to run one or the other?

What I am really trying to get at is how you balance the risks that come automatically when you interact with the net against the benefits you get by doing so. You have chosen a certain point on the risk-reward continuum, one for which Java applets are apparently on the too-risky side. So I am wondering what principles you use to decide where a proposed application falls.

Hal