java security & the cypherpunk agenda
once again I will offer a contrary view, and once again to PM. PM predicts that serious (unfixable?) bugs will be found in Java on the level of what was recently identified in Netscape. I disagree. I am not intimately familiar with Java (nor, obviously, is PM), but I know Java was designed from the ground up to be secure on every platform it is running on. in contrast to most OSes, the whole theory of Java is based on creating a totally secure, unbreakable programming environment. most OSes start out with the idea, "what is an application? how does the OS handle it? how does the OS permit file I/O etc.?" Java starts out with the idea, "what operations can be allowed without compromising security but still allowing algorithms?" the software will succeed or fail in its aims on how well it accomplishes the criteria of unbreakable security. I suspect it is eventually going to be considered more secure than many OSes out there that it runs on (even unix). (and Java may eventually evolve to become an integral part of future OS security apparatuses.)

one thing that people don't seem to realize: Java was clearly engineered to be a language that would allow "cycle sales" over cyberspace. in other words, how can companies lease out unused cycles to the world just like power companies sell off their extra watt-hours to adjacent cities? a secure language is the critical piece, and the Java designers were clearly aiming for this remarkable and commendable accomplishment. someday, even conservative companies such as IBM may agree that the security of Java is so great (and so widely well-proven as rock solid) that they will lease out their unused, nighttime CPU cycles to Java applications and interested buyers, because they can be sure that there is just no way to sabotage a system no matter how ingenious you are.

PM tends to suggest that any language or computing environment with a certain degree of complexity simply cannot be made secure. I generally agree with this. however I suspect that Java is beneath this complexity cutoff. I do agree with other cypherpunks however that focusing cpunk attentions on breaking Java is a highly worthwhile activity. Java is an extremely promising development and I fully suspect it will become something of the first widespread "cyberspatial programming language". in another message I talked about how companies such as Netscape may not become so security conscious themselves but work with other companies who are security paranoid and try to successfully integrate their applications. Java is the prime candidate for this. and I am willing to bet the Java engineers have seen every security trick in the book (many of which I suspect perhaps even PM in his own paranoia and obsession is not aware of) and can demonstrate how Java, at least if implemented bug-free, defeats *all* of them and can virtually be proven secure.

now, that little catchword "bug-free" I put in the last sentence is something that everyone here can jump on. "it might be possible to create a secure language *in*theory*," say the naysayers, "but in practice it will always have bugs that can break it." well, I think if anything will go beyond this weakness, Java has the best chance. and the above argument sounds suspiciously like, "no software can really accomplish exactly what it sets out to, because it will have bugs". sure, Word and Excel both have bugs, but they do not defeat the primary design. and this argument, "you cannot implement perfect software," is more of a complaint against human psychology than against a group who is trying to implement a theoretically secure programming environment. (perhaps they should use the qualification, "java is the first secure programming language, in theory; in practice YMMV <g>".) I think we should be careful to make this distinction. there is a lot of software that is not even theoretically secure, and there is some software that tries to be secure but is not due to implementation difficulties. the latter should not really be our concern so much. we are not here to try to prevent programming errors (i.e., not correctly translating a correct design into code) so much as to try to get companies to write software that, if written properly, is secure. (it seems to me this is the logical first step, and then the next step is trying to break the code that seeks to be secure and flame the eyebrows off its designers, as has been done here recently <g>, but unless one first has a good hammer, one does not care about faulty nails.)

I was talking to a press reporter and he asked if the cpunks had gone into some sort of new phase in which they were becoming something like the policemen of cyberspace. I said that they had not really changed in their goals much at all; it's more that the software that cpunks have fantasized about for years is now starting to materialize, and there is now something concrete to focus energies on. Netscape is a good example, and Java is another example. I think if I had talked about Java a few years ago on this list, and about who invented it (Sun), what it was designed to do, etc., people here would be delirious with excitement. instead, there is a bit of cynicism here that is a bit surprising to me. if there ever was a "cpunk language" that seeks to achieve widespread, home-grown, secure algorithms in cyberspace, I would consider this the closest. I highly recommend cpunks pay close attention to Java and help in its development, because imho it really has been conceived largely with key cpunk agenda items as basic design criteria. I suspect it is going to become a very strong standard and eventually recognized as one of the most secure pieces of software ever designed, at least in regards to theoretical capabilities.

--Vlad Nuri
participants: Vladimir Z. Nuri