[4973] in WWW Security List Archive
Re: Prediction:Plug-ins will go away (Re: Automatic trojans)
daemon@ATHENA.MIT.EDU (Jay Heiser)
Wed Apr 2 16:02:48 1997
Date: Wed, 02 Apr 1997 12:17:04 -0500
From: Jay Heiser <Jay@homecom.com>
Reply-To: jay@homecom.com
To: Richard Costine <rjc@n2k.com>
CC: Matthew Patton <patton@sysnet.net>, WWW-SECURITY@ns2.rutgers.edu
Errors-To: owner-www-security@ns2.rutgers.edu
Richard Costine wrote:
Jay Heiser wrote:
> executable content. I think that plugins are either going to go
away,
> or they are going to be extended to take advantage of some
browser-based
> security infrastructure. Executable content is a great idea, but
it's
> Matthew Patton wrote:
> Any thoughts on how to deal with this other than the obvious and
> never ending "user awareness training"??
I agree that executable content is a "good thing" - it adds value to
the......
library-based media. It also works provided that you have a trusted
sandbox to play in. I don't think most "clueful" folks place a lot
of
trust in the sandbox that they've been given to use (ie. Java and
ActiveX). I guess supplying this "trust" is a job for the real
programmers that are left. You know: the ones that actually know how
to
write code that will manage a linked-list or binary-tree, or still
know
what a hash table is, and why you would use one in lieu of the
former,
Note: Clueful = Internet security-consious group of people
This is going back a few years, but I do remember some of those things
from college. ;-) I don't claim to be a network programmer, so I
don't claim the competence to be able to evaluate the internals of any
specific JVM implementation. I do feel that the Java security model &
architecture from SunSoft are pretty good (yes, SunSoft has published
something that they refer to as an 'architecture' for applet security).
The thing that turned into Java was originally intended for embedded
system programming for TV set top boxes etc, so it shouldn't be
surprising that it comes with some baggage. In practice though, it
seems to be working out pretty well. All the security failures I'm
aware of have been in the laboratory and were quickly patched. I'm sure
if you took your strongest lab technician, handed them a sledge hammer,
and asked them to take a couple cracks at the windshield of my car, that
it would break. This doesn't mean that I avoid driving.
Java security could be much better, but so far, it already seems better
than a lot of network code. Sendmail is hardly foolproof. Kerberos has
undergone 4 major revisions. Heck, MS-Word macros represent a huge
risk. Compared to other code, Java ain't that bad. Humanity might
be better served by putting resources into replacing sendmail than
performing major surgery on the JVM.
--
Jay Heiser, 703-610-6846, jay@homecom.com
Homecom Internet Security Services
http://www.homecom.com/services/hiss
