[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: java security concerns

On Tue, 10 Oct 1995, John Lull wrote:

> On Mon, 09 Oct 1995 17:30:38 -0700, [email protected]
> (Chuck McManis) wrote:
> > >By the way, I suggest that Sun should offer a large money prize for
> > >the first significant security hole found the Java implementation. Its
> > >a tiny price to pay for security.
> > 
> > I don't think the lawyers would let us. 
I think this means they didn't ask.
If they did, perhaps the problem is their ability to say with a straight 
face that their product is "secure" while at the same time running a 
contest to find insecurities!


> Pardon my French, but if your lawyers make it impossible to do
> technical work correctly, isn't it time to get new lawyers?  I can't
> see how offering a reward for reporting bugs could possibly be
> objectionable to any rational lawyer.
> This can be a VERY useful (and very inexpensive) debugging technique.
> Didn't Knuth offer a cash reward to the first person to find each typo
> in his "Fundamental Algorithms" series -- and then doubled the amount
> each year?
> It can also be a very useful teaching tool, in that it encourages
> users to explore little-used corners of a system.
> I applaud any company that has the guts to do it.

Not a lawyer on the Net, although I play one in real life.
Flame away! I get treated worse in person every day!!