[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: The Joy of Java
> Somewhat independent of the security/safety issues regarding Java
> applets, there are also questions about their suitability for crypto
> applications. Applets currently labor under several restrictions (at
> least when part of the Netscape browser) which make it hard to do crypto:
>
> Applets cannot accept net connections, and they can only make outgoing
> connections to the host which provided them to the browser.
>
> Applets cannot read or write local disk files.
>
> Applets cannot access other local hardware, such as smart cards,
> printers, or microphones.
[SNIP]
> So there are limits to how much safety you can expect. Hopefully with
> signed applets it will be OK to authorize some overrides of the current
> restrictions so that these other kinds of applications can be provided.
My understanding is, Java applications (as opposed to applets) don't have
those limitations, and can do _almost_ anything a C program can. The
applications still have the full cross-platform compatability. IMO dumping
the security of applets in favour of the capability of applications is a
good idea. After all, the applet security features have a lot of flaws,
so why limit your programs when it's not offering any real security?
Signing programs is a good idea. It will provide better security than we
currently have, without having to limit the capabilities of the software.
JMHO.
=====================================================================
| Steve Reid - SysAdmin & Pres, EDM Web (http://www.edmweb.com/) |
| Email: [email protected] Home Page: http://www.edmweb.com/steve/ |
| PGP Fingerprint: 11 C8 9D 1C D6 72 87 E6 8C 09 EC 52 44 3F 88 30 |
| -- Disclaimer: JMHO, YMMV, IANAL. -- |
===================================================================:)