Java musings

[Russell Nelson]

Frederick B. Cohen writes:

 > 	- They won't back up their claims of security by assuming liability
 > 		for resulting damages.  Their liability disclaimers tell
 > 		us they think their security is worth exactly nothing.
 > 		They are asking us to bet control of our IT on a product
 > 		that they take no responsibility for.

You haven't paid for liability claims.  Why do you think you should be
able to pursue them?  I don't know of *any* software which is
guaranteed.  But now you have the opportunity to change that.  Point
out all of Java's problems, and then sell them a solution that fixes
those problems.

 > 	- They don't even provide us with the ability to control their
 > 		product in the way we control other purchased software
 > 		we place into our environments.  The inability to restrict
 > 		which programs from which sources are run on our machines
 > 		is a fundamental element of control.

Again, sounds like something you could sell.  Sell an HTTP proxy that
only passes Java content if it's been signed by your company.  And, of
course, sell the matching signing service.

There are no problems, really, just business opportunities.

-russ <nelson at crynwr.com>    http://www.crynwr.com/~nelson
Crynwr Software   | Crynwr Software sells packet driver support | PGP ok
11 Grant St.      | +1 315 268 1925 voice | Flushing, NY.  Not just a suburb,
Potsdam, NY 13676 | +1 315 268 9201 FAX   | it's a good idea in general.