[4312] in WWW Security List Archive


Re: Sceptic about (Funds Transfer w/o PIN)

daemon@ATHENA.MIT.EDU (BVE)
Sun Feb 9 22:07:04 1997

Date: Sun, 9 Feb 97 19:25:21 EST
From: bve@quadrix.com (BVE)
To: hallam@ai.mit.edu
In-Reply-To: <199702090313.WAA15680@life.ai.mit.edu> (hallam@ai.mit.edu)
Cc: www-security@ns2.rutgers.edu
Errors-To: owner-www-security@ns2.rutgers.edu


   But can we trust the strength of the sandbox? It seems to me

..but can we trust the strength of our OS's security?  Even your VMS system
(mentioned below) can have poorly written code which can be exploited.  Does
this mean that we shouldn't bother trying to provide security?  The Java
sandbox deals with the issue of security, front and center.  While bugs may be
(and have been) found, it *does* work.

In fact, it works a little *too* well, and the new version of the virtual
machine is therefore allowing finer granularity for authorizing activities of
an applet.  IMHO, this is *much* better than the ActiveX approach, which says,
"allow everything, if the sender is allowed."  In fact, MS CAN'T fix the
granularity problem, since their fundamental technology does not allow it.  The
Java virtual machine represents a technology which can be tuned to the needs of
its users.  This is a strong step to improving security of net-based
applications.


   make systems secure on the net. The PC security model is now entirely 
   inadequate. 

I wholeheartedly agree with this point.  Win 3.1, and Win 95, need to be thrown
out.  Basic user security, which we've had in other computer systems for over
30 years now, needs to come to the desktop.


   to do useful work a program has to have access to critical data. I remain
   very skeptical of the idea that a sandbox can be constructed securely
   unless it is part of a radical operating system redesign. 

The Java Virtual Machine represents a radical operating system redesign.  It
allows a virtual computer to exist on any platform.  This virtual machine can
be taught to implement any security policy desired.  The first step in this
process has already been taken.  Now, finer granularity must be implemented.
This is already happening.  As mentioned above, the new version (which will be
in Netscape 4.0) will allow finer control over allowed activities.  I believe
that the model under development has some significant problems, but it's
another step in a logical progression which has the potential to solve our
net-based computing security problems.


				     -- Bill Van Emburg
Phone: 908-235-2335			Quadrix Solutions, Inc.
Fax:   908-235-2336			(bve@quadrix.com)
Check out http://yourtown.com!		(http://quadrix.com)
	"You do what you want, and if you didn't, you don't"
