WSJ on Big Java Flaw

David Macfarlane dmacfarlane at zip.sbi.com
Fri Mar 29 06:15:30 PST 1996


[snip]
> >    Mr. Felten said that unscrupulous people who discovered the
> >    flaw could boobytrap a Web page on the Internet,
> >    essentially seizing control of the browser software of any
> >    PC that tapped into that page. At that point, the hackers
> >    could read or delete an entire hard disk of data files.
> >    "The consequences of this flaw are as bad as they can be,"
> >    he said.[..]
>
> The generalized halting problem comes to mind...
>
> Since it can be proved that there's no complete set of heuristics
> to tell if a given program has a characteristic (such as "secureness")
> then sooner or later someone will discover another security flaw.
>
> A question is whether a simple patch is made or if the set of heuristics
> is widened (ie, learn from mistakes) so that similar flaws can be found
> based on knowledge of that one flaw.

Since this Java error is probably deep in the bytecode interpreter,
the question is will Sun patch this *particular* problem, still allowing
others, or will it have to rewrite the interpreter so that it enforces
the language more rigorously?  They are under pressure to make a
"quick fix" (they've promised something in two days), but real
security needs to be built in to a system from the ground up,
with discipline and thorough design.  If they need to redesign their
approach to implementing the bytecode interpreter, that could take
weeks, months?

BTW, it's a testament to security through code review, as the Princeton
team probably could not have discovered this deep flaw without looking
through the code.

	David Macfarlane.





