[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: java security concerns

On Mon, 09 Oct 1995 17:30:38 -0700, [email protected]
(Chuck McManis) wrote:

> >By the way, I suggest that Sun should offer a large money prize for
> >the first significant security hole found the Java implementation. Its
> >a tiny price to pay for security.
> I don't think the lawyers would let us. 

Pardon my French, but if your lawyers make it impossible to do
technical work correctly, isn't it time to get new lawyers?  I can't
see how offering a reward for reporting bugs could possibly be
objectionable to any rational lawyer.

This can be a VERY useful (and very inexpensive) debugging technique.
Didn't Knuth offer a cash reward to the first person to find each typo
in his "Fundamental Algorithms" series -- and then doubled the amount
each year?

It can also be a very useful teaching tool, in that it encourages
users to explore little-used corners of a system.

I applaud any company that has the guts to do it.