Re: Java, Netscape, OpenDoc, and Babel

[solman@MIT.EDU]

|> As a security consultant, I'm very happy about Java because once the
|> holes are found in it and massive, Morris style worms are launched
|> with it, I'll be laughing all the way to the bank.

|> I exagerate only slightly. I don't believe Java to be secure, in spite
|> of the claims. Its too complicated, and it operates in an environment
|> who's correct operation is required for it to remain secure. Good
|> system design says that you want a system's failure mode to produce a
|> secure result, but thats not what Java does.

I disagree for the simple reason that Java and Hotjava are not being
treated as trusted code in their applications. Applets are tightly
contrained in what they can do, and hotjava's default attempt to
configure a "firewall" when it boots up is not likely to engender a false
sense of security.

I've been looking at the Java code closely for a couple of months now, and
I find it to be relatively clean in its implementation (Solaris version at
least). I think the biggest worry might be holes in the non-Sun ports along
the host machine interfaces. Overall, I give the Solaris implementation
extremelly high marks in terms of its security. I think I'm actually more
worried by far less powerful browsers whose code I don't approve of, like
Mosaic. The vast majority of security problems result from the fact that
most code has security added in AFTER coding starts. Java has been designed
for excellent security from the very begining.

JWS