Re: Why I dislike Java. (was Re: "Scruffies" vs. "Neats")



From: "Perry E. Metzger" <[email protected]>
> 
> The Web is the universal marketplace these days. Being unable to use
> the web is the equivalent of being unable to use the phone. I have
> research analysts at large trading houses begging for
> Netscape. Unfortunately, these people have a need for top notch
> security, because vast amounts of money are at stake.
>  [...]
> Unfortunately, when the same machine runs Netscape so the
> trader can read the UUNet/MFS merger press release and also has the
> big shiny red "trade!" button on some application, you get nervous.

Aren't you holding Java to a higher standard than ordinary applications?
If your traders run any software at all on their machines there is the
risk of harm.  The Netscape binary itself could be hacked to do bad
things.  Likewise with any other software they run.

Wouldn't it be safer to run a Java applet than a typical program from the
net?  At least applets run in an environment which is designed to
restrict the harm they can do.  In OS's like Windows 95 there are no
such restrictions on programs.

Take a specific example: Mixmaster.  This is a client for the remailer
network.  It is reasonably well suited to being implemented as a Java
applet given the current restrictions on the language.  If you had a
choice between downloading and running the client as a program on your
PC, versus loading and running it as an applet, which would you prefer?

Or if you would do neither, how would you go about acquiring this
functionality?  Would you forego it forever, or would there come a time,
say if no one else reported problems, that you would be willing to run
one or the other?

What I am really trying to get at is how you balance the risks that
come automatically when you interact with the net against the benefits
you get by doing so.  You have chosen a certain point on the
risk-reward continuum, one for which Java applets are apparently on the
too-risky side.  So I am wondering what principles you use to decide
where a proposed application falls.

Hal