Java Security Fears (1996)

Java and the people freaking out.
Before I say anything about Java: If you believe your life is in mortal danger over this evil operating system spawned from the loins of hell, please disable java in your browser. Click on Options in your menu bar above. Check Security (version 2.0) or Network Preferences and Languages (version 3.0) and you’ll find where you can disable Java.

OK, now we get to the dirt, muhahahaha! Java is the programming language from Sun Microsystems which runs on virtually all operating systems. The revolutionary thing about this lies in the structure of the internet. People logon to the internet with every kind of machine imaginable. The internet reached a point where HTML couldn’t cut it for advanced functionality but programming languages like C++ offered security holes as big as my grandma and a severe lack of cross platform architecture. Enter Sun Microsystems.

Java was developed as a stripped down version of C++ with a highly flexible cross platform architecture. All of the security holes were kicked out of C++ along with most of its most complicated (and useful) code. Sun thought they had beat the problem and solved the net’s woes. So what’s the problem?

Java unfortunately does not work in a vacuum. It runs with internet server software and browsers and a host of other beta programs. This complex organism which makes up our internet connectivity can not be nailed down into bulletproof security. That’s why several bugs have been found in the operating system and bugs will continue to be found. By bug, I mean, a creative way to exploit the complex organism, to get past security features on a server, and gain access to secure information on the other side. It is important to note that the people most likely to find these bugs are college students studying computer science trying out new ideas on their computers and networks. The real question is: Should you be afraid?

The answer is pretty simple. No.

Programmers of the world have a society amongst themselves much like that of the science community. When a new discovery is made, the adventuring scientist immediately publishes his find so that he or she may get credit for being the most creative and brilliant, if even for just a moment. The same goes for the programming community. Most hackers look for these bugs so that they too may have their 15 minutes of fame. Rest assured that every time a bug is published in this network, Netscape and Sun, quickly releases an upgrade which patches up the hole. This is the way complex programs are refined and honed into secure, functional ways to communicate.

It is not going to change anything by staying away from “strange” sites or giving instruction not to visit a site you don’t trust. Please be assured, if you are a regular run-of-the-mill internet user: No one is looking to steal your excel files or DOOM passwords.

Comments

Whatya think?