From the begining of the Java discussion on this list, Perry has been
predicting that a continuous series of security holes would be discovered in Java implementations. So far he's been proven right. I like Java -- I'm not a professional programmer, and Java is a lot easier for me to work with than C++. And I can buy the argument that for many people the benefits of applets will outweigh the security risks. I'm willing to run sendmail, and I'm willing to run Java as well. I'm not working in a finance house, and there's not anything that sensitive on my machine. It also seems likely to me that Java secure mail applets and remailer clients will do a lot of good from a cypherpunk point of view. Java looks like it's going to put easy to use gui crypto tools within reach of everyone with a web browser. So I'd like to see Java catch on, as long as users are allowed to make informed decisions about the risks and the benefits of running applets. But Perry has a track record on this issue (and on many other issues as well). I don't think many people here are going dismiss what he's saying because someone called him a food fighter.