[snip]
Mr. Felten said that unscrupulous people who discovered the flaw could boobytrap a Web page on the Internet, essentially seizing control of the browser software of any PC that tapped into that page. At that point, the hackers could read or delete an entire hard disk of data files. "The consequences of this flaw are as bad as they can be," he said.[..]
The generalized halting problem comes to mind...
Since it can be proved that there's no complete set of heuristics to tell if a given program has a characteristic (such as "secureness") then sooner or later someone will discover another security flaw.
A question is whether a simple patch is made or if the set of heuristics is widened (i.e., learn from mistakes) so that similar flaws can be found based on knowledge of that one flaw.
Since this Java error is probably deep in the bytecode interpreter, the question is will Sun patch this *particular* problem, still allowing others, or will it have to rewrite the interpreter so that it enforces the language more rigorously? They are under pressure to make a "quick fix" (they've promised something in two days), but real security needs to be built into a system from the ground up, with discipline and thorough design. If they need to redesign their approach to implementing the bytecode interpreter, that could take weeks, months? BTW, it's a testament to security through code review, as the Princeton team probably could not have discovered this deep flaw without looking through the code.
David Macfarlane.