[Previous] [Next] [Index]
[Thread]
Re: Java Hole: Web Graffiti & Covert Channels
On Fri, 10 May 1996, Donald T. Davis wrote:
> >> the idea [is] that a user hitting any site on the web after activating
> >> the trojan horse applet, will see whatever it is the trojan horse wants
> >> them to see by REDIRECTING the URL locations to the hacker server ...
>
> jacob rose replied:
> > Goodness, everyone. This is not a bug in Java! You can do this with a
> > CGI script! ... So, really, this problem has nothing to do with Java,
> > it's simply a consequence of hypertext.
>
> the point of the complaint, is that java is supposed to be more
> secure than CGI; that's one of java's main design goals, and one
> which java has consistently failed to meet.
> -don davis, boston
>
I'd say that Java is safe but the programs written in Java are not safe !
#=============================================================#
# Radovan Chytracek Slovak Academy of Sciences #
# Watsonova 47,Kosice,04001, #
# Slovak Republic #
# phone: +42 95 633 2741-2 , ext. 156 fax : +42 95 633 6292 #
#===================#=========================================#
# Linux iii is the # chytrace@saske.sk #
# best (0 0) choice # http://www.saske.sk/~chytrace #
#===ooO==U==Ooo=====#=========================================#
References: