[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: FV, Netscape and security as a product
Greg Broiles wrote:
> Netscape and FV have both taken a
> "security is a product" stance, which is a gross misrepresentation.
We are definitely moving away from the "security is a product" stance
that you mention. It was definitely overdone in the early days of the
product, but after the security bugs of the summer I and others were
able to convince marketing that they should back off. I want it to
be clear what our product can and can not do. For example, SSL can
only protect data in transit between two machines. If either machine
is compromised then the data can be stolen at that end. Our product
does not attempt to secure the user's machine, and can not operate
securely on an insecure machine. Expect to see warnings and disclaimers
of this nature from us in the future.
--Jeff
--
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
[email protected] - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.