[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Java

To: [email protected] (Greg Miller)
Subject: Re: Java
From: Adam Shostack <[email protected]>
Date: Tue, 10 Oct 1995 10:32:32 -0400 (EDT)
Cc: [email protected], [email protected]
In-Reply-To: <[email protected]> from "Greg Miller" at Oct 9, 95 06:11:39 pm
Sender: [email protected]


| 	I'd like to make this prediction:  someone at some point in time 
| will find another serious security hole in SendMail.
| 
| 	What you need to ask yourself is "Do the benefits of Java 
| outweigh the security risks?"

	A substantial risk that Java carries is that its 'secure'
label will get in through doors which should have remained closed to
it.  I would be worried about Java capable browsers in the Federal
Reserve, because people will say 'its nifty, its labeled secure, lets
use it.'

	I think there are some interesting liability models waiting to
be explored here.

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume

References:
- Re: Java
  - From: Greg Miller <[email protected]>

Prev by Date: Re: Certificate proposal
Next by Date: Re: PC disk wipe software
Prev by thread: Re: Java
Next by thread: Crypto's Role in Evil?
Index(es):
- Date
- Thread