|
So Java applets are actually safer than downloading C C++ or Java Applications as applets cannot access the local disk (unless there is an implementation bug!)
|
|
However Applets are so much easier to download as they happen automatically when the HTML page containing them is accessed. Thus they need much stronger security
|
|
Note that one typically assumes that downloading from a site such as Netscape MIT or Microsoft is safe but this can be spoofed due to internet routing!
|
Note that plug-ins are such C/C++/Java code and subject to security difficulties
-
A Macromedia Shockwave plug-in had a bug that allowed one to use it to read information on client computer and so violate (at least) confidentiality
|
|
Correct!
|
|
Rogue Site substitutes Evil Program
|
