Hack Java
Christian Wettergren
cwe at it.kth.se
Wed Jan 24 01:08:11 PST 1996
| On Tue, 23 Jan 1996, Benjamin Renaud wrote:
|
| > Yes. And if you also let an intruder in your house, have them sit at
| > your computer with your newborn child in the room and go on vacation,
| > things can get really, really nasty.
|
| I guess that wu-ftp never was distributed with security holes. Never
| heard of anyone distributing maliscious lookalike packages. How many
| folks do you think downloaded the linux-JDK and use it without checking
| it out first. That takes care of the compiler. And distributing bad
| netscape or other browsers is childs play. So I guess your newborn is
| relevant.
|
| Stick to your belief that Java is secure because, darn it, it just would
| be hard for anyone to do bad things with it. Please.
I think what we should worry about is the second-order effects of
Java; how will the world look like when Java is everywhere?
We should also not discount the "social" effects; what will people
do to try to circumvent the "stupid" safeguards that Java will be
distributed with.
I have earlier heard the opinion from the Java team (I believe) that
this is not "Java's fault", and I can understand that standpoint.
My opinion is still that the net result (pun intended!) is even weaker
security, because of these two reasons above.
(In my darker moments, I feel that the whole field of computer security
is in a major crisis. Ever heard of the Emperor's New Clothes? ;-))
Just some mumbling from,
Christian Wettergren
More information about the cypherpunks-legacy
mailing list