Basic HTML version of Foils prepared April 7 1998

Foil 12 Downloading Software is Dangerous?

From Basic Principles of Java and Internet Security CPS616 Web Technologies -- Spring 98. by Geoffrey C. Fox

So Java applets are actually safer than downloading C C++ or Java Applications as applets cannot access the local disk (unless there is an implementation bug!)
However Applets are so much easier to download as they happen automatically when the HTML page containing them is accessed. Thus they need much stronger security
Note that one typically assumes that downloading from a site such as Netscape MIT or Microsoft is safe but this can be spoofed due to internet routing!
Note that plug-ins are such C/C++/Java code and subject to security difficulties
  • A Macromedia Shockwave plug-in had a bug that allowed one to use it to read information on client computer and so violate (at least) confidentiality
Rogue Site substitutes Evil Program

© Northeast Parallel Architectures Center, Syracuse University,

If you have any comments about this server, send e-mail to

Page produced by wwwfoil on Sun Nov 29 1998