Fun with M$
Andy Brown
a.brown at nexor.co.uk
Thu Aug 15 06:14:03 PDT 1996
On 15 August 1996 06:16, Bill Stewart[SMTP:stewarts at ix.netcom.com] wrote:
> >Microsoft has chosen what Sun should have: leave the security to the user,
> >don't take it away from everyone. Java has been severely crippled by the
>
> User? What user? The poor unsuspecting fool who hits the web page?
> The kind friendly person who writes web pages that turn off Win95?
> Executing signed code from web pages is semi-ok, if the default is to
> trust no one and make the user explicitly grant permission to code authors.
> Executing anything that comes down the wire is foolish, and writing
> software to do so is rabidly negligent.
The default (at least on beta-2 of ie) is to not trust anyone unless you
explicity say so. If the user then decides to execute "k3wl kontro1" from
phreak.net then that's their problem.
Does anyone know what the legal implications of signed code are? That is,
if Company A signs their Active X control and it's later found to corrupt
users data, does the signature (which is supposed to make the user trust
the control as safe), open up the company to litigation for damages?
More information about the cypherpunks-legacy
mailing list