Ray Cromwell writes:
Just a quick note to chime in. The OSF just did a deal with Sun to port Java to several platforms. The OSF is opening a "web mall" where you can grab software objects and run them. Expect to Java *really* take off in about 2-3 months. Every business on the net is going to want a Java shopping-client-basket on their web-mall/web-store. (Web Consultants! Learn Java!)
As a security consultant, I'm very happy about Java because once the holes are found in it and massive, Morris style worms are launched with it, I'll be laughing all the way to the bank.
Holes have already been found in CERN HTTP. The GETS() style bug was in the first few versions allowing attacks to overwrite the process stack. Any mail server written in perl is susceptible to weird attacks. For instance, if you ever eval/exec any variable that is double-quoted, rather than single quoted, it is possible to run shell commands via backtics or shell subprocesses in variable names. In fact, can you even prove that elm or pine don't have some obscure bug wherein a certain message, say with malformed headers, can overwrite the stack and allow Morris style attacks? The "Good Times" virus may actually be possible. Security is very nice to have. it's nice to rely on. But sometimes there's a need for some liberty. Make everything as secure as you can, but if security prevents you from doing something that you want to do, it's not helping you. The internet would be a very cold and barren place if the only application people ran was mail. Object Oriented Superdistributed components are so useful an abstraction, I think it's worth the security risk. HotJava solves some fundamental issues with protocols. Right now the W^3 working groups have been struggling to define URI/URCs and a whole host of other web protocols. They've been doing it for years, but they suffer from Xanadu like problems as far as I can tell. They don't want to saddle the web with a bad protocol, so they search to define a perfect one. Hence, no prototypes are ever deployed, because if they were, the user community might make them a defacto standard and lock them into it much like MS-DOS locked PCs into the Dark Ages. With Java, you define all the protocols you want. If your browser doesn't understand how to fetch a protocol, it can fetch a protocol handler. There's no need for a kitchen sink application that understands every protocol in existence. And with HotJava, you don't NEED to automatically fetch an application and run it. You can just use it as an extension language. If someone defines a new application or protocol handler for it, and this person is fairly trusted on the net, you can decide to run it (kinda like turning off autoload images), and even review the source code first. This is no less secure than ftping software from some site and compiling it. Maybe for you, the issue is protecting corporate networks behind firewalls. That's good, well then don't let employees run HotJava. However, I look at it from the home slip/ppp'ed user standpoint. I think over the next two years, slip/ppp'ed users will displace corporate/academic users as the largest group on the net. There will be worms and viruses. Just like there are nowadays. And there will be fixes. And there will be yet another arms race between virus writers and people who write anti-virus software. No doubt, there will be HotJava based worm/virus scanners, etc. A new market will come into being. You'll make money off of fixing holes. I'll make money off custom java clients business web pages. It's the price that should be paid, that is always paid, with any new technology. I'm not advocating being careless. I'm just saying that paranoid security hampers development of more robust and better software. HotJava is a piece of low-hanging fruit. As more people use it and more problems are found, better fruit will be found. -Ray