Basic HTML version of Foils prepared May 19 99

Foil 12 Downloading Software is Dangerous?

From Remarks on Internet and Java Security Basic Information Track Computational Science Course CPS616 -- Spring Semester 1999. by Geoffrey Fox, Mehmet Sen


So Java applets are actually safer than downloading C C++ or Java Applications as applets cannot access the local disk (unless there is an implementation bug!)
However Applets are so much easier to download as they happen automatically when the HTML page containing them is accessed. Thus they need much stronger security
Note that one typically assumes that downloading from a site such as Netscape MIT or Microsoft is safe but this can be spoofed due to internet routing!
Note that plug-ins are such C/C++/Java code and subject to security difficulties
  • A Macromedia Shockwave plug-in had a bug that allowed one to use it to read information on client computer and so violate (at least) confidentiality
Correct!
Rogue Site substitutes Evil Program



© Northeast Parallel Architectures Center, Syracuse University, npac@npac.syr.edu

If you have any comments about this server, send e-mail to webmaster@npac.syr.edu.

Page produced by wwwfoil on Wed May 19 1999