[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: WSJ on Big Java Flaw



At 10:58 AM 3/26/96 -0500, John Young wrote:

>   Java was originally touted by Sun as a secure language. But
>   at least two other flaws have already been discovered in
>   the technology, including a less-serious problem uncovered
>   by the Princeton team last month. Sun's Ms. Mueller said
>   the problems have been correctable details in the way the
>   Java code is written, not problems with its basic design.

Having worked on a secure OS, with a small security kernel etc. etc. etc. I
realize that even those systems have bugs.  The Java people will work out
their bugs.  Others will read their code and find more bugs.  (It is to
Sun's GREAT credit that they are releasing their source under a not very
restrictive license.)  Eventually, in several years, Java security will be
ready for prime time.

Of course, for really valuable things, or the really paranoid, you
shouldn't connect your computer to a network.  The top dog certificate key
in SET is handled this way.

Regards - Bill


------------------------------------------------------------------------
Bill Frantz       | The CDA means  | Periwinkle  --  Computer Consulting
(408)356-8506     | lost jobs and  | 16345 Englewood Ave.
[email protected] | dead teenagers | Los Gatos, CA 95032, USA