[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Java & Netscape security (reply to misc. postings)



I keep telling you people.. if you keep giving Fred the attention, he
is never going to go away. Its blindingly obvious that he doesn't know
his ass from a hole in the ground, but if you keep telling him that,
its just going to encourage to post more, post more frequently, and
make a bigger fool of himself then he already has. Just ignore
everything he says. Make a proc-mail script to send his mails to
/dev/null or sends them through the text-to-hick filter. But whatever
you do, do *not* send him money, do *not* feed him, and *never* *ever*
no matter how much he begs, nt matter how much he pleads, *NEVER*
reply to this man's messages.

We need one of those little posters like the "Do not takes checks from
this man" ones in the grocery store.

Christopher

> > 3.  Postscript considered dangerous:   (insert-smiley) 
> > 
> > As for the question of someone invoking a postscript interpreter via a
> > browser and thus opening up their system to some rogue postscript
> > file: I think it would be great if either of these two things were to
> > magically happen:
> > 
> > 	1) people would stop putting postscript docs on web pages
> > 	because it's the wrong technology for WWW - it wastes
> > 	bandwidth - it's hard to view & hence often ugly - everyone
> > 	just prints it out anyway and then complains because there
> > 	is no one "standard" implementation of postscript printing
> > 	worldwide and there are dozens of minor problems
> > 
> > 	2) someone could implement a secure postscript previewer
> > 	(whatever that means!) 
> > 
> > I doubt either of those two things will happen.  The average Jo on the
> > internet needs to understand that when s/he downloads binary files
> > over the internet and run them from insecure programs on their local
> > computer, well, s/he runs some risk.  This risk might be tiny, but
> > it's impossible to quantify loss.  If I lose a poem that I'm writing,
> > to me that's priceless, so I do not intend to imply that loss of data
> > isn't tragic for the person who loses it.  If you have data you can't
> > bear to lose, be sure to practice safe computing.  Perform backups
> > regularly, and use judgement about which interpreters and executable
> > programs you allow to run on your PC.
> > 
> > Marianne
> 
> It seems clear from this that Netscape, or at least Marianne who seems
> to speak for Netscpe, doesn't understand the protection issues that my
> clients face.  I will nevertheless forward this official Netscape line
> to them so they can better understand why I tell them it is insecure.
> 
> -- 
> -> See: Info-Sec Heaven at URL http://all.net/
> Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236