Downloading Software is Dangerous?

• So Java applets are actually safer than downloading C C++ or Java Applications as applets cannot access the local disk (unless there is an implementation bug!)

• However Applets are so much easier to download as they happen automatically when the HTML page containing them is accessed. Thus they need much stronger security

• Note that one typically assumes that downloading from a site such as Netscape MIT or Microsoft is safe but this can be spoofed due to internet routing!

• Note that plug-ins are such C/C++/Java code and subject to security difficulties

  • A Macromedia Shockwave plug-in had a bug that allowed one to use it to read  information on client computer and so violate (at least) confidentiality

Correct!

Rogue Site substitutes Evil Program

Previous slide

Next slide

Back to first slide

View graphic version