
Re: The Joy of Java



At  3:57 PM 4/26/96 -0700, Timothy C. May wrote:
>I think the interesting target date to plan for is a year from now.

I said a few months ago that I thought Java would be ready for prime time
in a couple of years.  I think we are in complete agreement here.


>>(1) There are not many sources of high-quality entropy available to Java
>>applets.  Keystroke timings and scribble windows are probably the best
>>sources, but may represent an inconvenience for users.
>
>Shouldn't be any worse or any better than with the status quo, right? I'm
>not sure I see the Java issue. (I've been looking at SoundClip and
>AudioClip, but only cursorily.)

I think it is a bit worse, since an applet doesn't get access to a lot of
stuff a C program, or even better, an OS gets.  A C program has a lot of
environmental queries that might produce some entropy, although they would
also be available to an attacker on the same system.  The OS has access to
interrupt times, mouse movements, and keyboard timings for ALL the
applications that have run since boot.


>By the way, Hal Finney is working on a bignum package.

I know.  I have an (old) version on my disk.  AFAIK, Hal is the most active
person developing crypto and crypto-related Java code.  He deserves thanks
from all of us.

Regards - Bill


------------------------------------------------------------------------
Bill Frantz       | The CDA means  | Periwinkle  --  Computer Consulting
(408)356-8506     | lost jobs and  | 16345 Englewood Ave.
[email protected] | dead teenagers | Los Gatos, CA 95032, USA