[Previous] [Next] [Index]
[Thread]
Re: Java Hole: Web Graffiti & Covert Channels
>> the idea [is] that a user hitting any site on the web after activating
>> the trojan horse applet, will see whatever it is the trojan horse wants
>> them to see by REDIRECTING the URL locations to the hacker server ...
jacob rose replied:
> Goodness, everyone. This is not a bug in Java! You can do this with a
> CGI script! ... So, really, this problem has nothing to do with Java,
> it's simply a consequence of hypertext.
the point of the complaint, is that java is supposed to be more
secure than CGI; that's one of java's main design goals, and one
which java has consistently failed to meet.
-don davis, boston
Follow-Ups:
References: