[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Java & Netscape security (reply to misc. postings)
I keep telling you people.. if you keep giving Fred the attention, he
is never going to go away. Its blindingly obvious that he doesn't know
his ass from a hole in the ground, but if you keep telling him that,
its just going to encourage to post more, post more frequently, and
make a bigger fool of himself then he already has. Just ignore
everything he says. Make a proc-mail script to send his mails to
/dev/null or sends them through the text-to-hick filter. But whatever
you do, do *not* send him money, do *not* feed him, and *never* *ever*
no matter how much he begs, nt matter how much he pleads, *NEVER*
reply to this man's messages.
We need one of those little posters like the "Do not takes checks from
this man" ones in the grocery store.
Christopher
> > 3. Postscript considered dangerous: (insert-smiley)
> >
> > As for the question of someone invoking a postscript interpreter via a
> > browser and thus opening up their system to some rogue postscript
> > file: I think it would be great if either of these two things were to
> > magically happen:
> >
> > 1) people would stop putting postscript docs on web pages
> > because it's the wrong technology for WWW - it wastes
> > bandwidth - it's hard to view & hence often ugly - everyone
> > just prints it out anyway and then complains because there
> > is no one "standard" implementation of postscript printing
> > worldwide and there are dozens of minor problems
> >
> > 2) someone could implement a secure postscript previewer
> > (whatever that means!)
> >
> > I doubt either of those two things will happen. The average Jo on the
> > internet needs to understand that when s/he downloads binary files
> > over the internet and run them from insecure programs on their local
> > computer, well, s/he runs some risk. This risk might be tiny, but
> > it's impossible to quantify loss. If I lose a poem that I'm writing,
> > to me that's priceless, so I do not intend to imply that loss of data
> > isn't tragic for the person who loses it. If you have data you can't
> > bear to lose, be sure to practice safe computing. Perform backups
> > regularly, and use judgement about which interpreters and executable
> > programs you allow to run on your PC.
> >
> > Marianne
>
> It seems clear from this that Netscape, or at least Marianne who seems
> to speak for Netscpe, doesn't understand the protection issues that my
> clients face. I will nevertheless forward this official Netscape line
> to them so they can better understand why I tell them it is insecure.
>
> --
> -> See: Info-Sec Heaven at URL http://all.net/
> Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236