[3329] in java-interest
Re: PRINCETON STUDENTS FIND HOLE IN INTERNET SECURITY SOFTWARE
daemon@ATHENA.MIT.EDU (will@meister.com)
Tue Nov 7 21:17:35 1995
From: will@meister.com
Date: Tue, 7 Nov 1995 23:09:15 +0000
To: java-interest@java.sun.com
>For Immediate Release
>Date: Nov 6th, 1995
>Contact: Sameer Parekh 510-601-9777 sameer@c2.org
>
>(((Two students found that))) viruses and other malicious programs (((are)))
>>possible within the alpha HotJava web browser. The
>holes they found make it possible for a malicious applet to set things up so
>as to be able to monitor or modify all of a given web-surfer's
>activity. By doing so the applet may make it possible to violate user's
>privacy >by revealing to an third party their web traffic.
>The holes they found exist only in the alpha release of HotJava. The
>beta release, which is the version found in the widely-used Netscape
>Navigator 2.0b1J is not vulnerable to these attacks.
Guys, I'm sure everyone read this post carefully. I was unimpressed-I would
never have dreamed that Java could run without offering such loopholes, and
was most surprised to find that the beta version has cured the alpha
version's (alleged) deficiencies. However, I would still appreciate some
kind of statement from Sun on the subject. Sorry to pull you away from the
development process-but I know I'd feel happier if I was sure you had this
one nailed down, and I suspect that a few other people might feel the same.
=================================================
My new domain name is now active and my old e-mail address expires shortly.
Please update your mailer.
Will Meister
-internet training & consultancy in plain english
-will@meister.com
-0181 747 1607
-
This message was sent to the java-interest mailing list
Info: send 'help' to java-interest-request@java.sun.com
