[E-Lang] Java 2 "Security" (was: Re: WelcomeChrisSkalkaandScottSmith of Johns Hopkins)

Jonathan S. Shapiro shap@eros-os.org
Sat, 3 Feb 2001 17:34:52 -0500


> >I suspect my
> >reaction is partially affected by my distrust in the ability of type-safe
> >languages to provide a high enough level of assurance.  The lesson I
> >draw from the Java experience is that, with today's technology, type-safe
> >languages just don't provide the same level of assurance of isolation
that
> >is achievable with more traditional ...

Capabilities cannot guarantee good architecture; neither can language
runtimes. It is easily possible to build bad systems on almost any
foundation (and I will forego the temptation to name names here). While
there are a few failings in the Java VM, there really are only a few -- it's
close (which is why it's so frustrating). It is the runtime for Java that is
fatally flawed, and (like determinism) once you lose your way you generally
cannot recover.

Challenge for whoever wants to discredit E/Java: build a really popular but
completely insecure app/user environment on top of a securable platform.

> The system I really like is a capability language running in a capability
> OS.  E in EROS comes immediately to mind.

Thanks. We're doing what we can...

> >I understand and fully sympathize with your goal. Getting to a better
future
> >through small evolutionary steps is always just better when it can be
made
> >to work.

No.

What you say is *often* true, but there are brief windows of time when
circumstances conspire to deliver a market that is well-primed for
disruptive change. We have such a market at hand. Let us not distract
ourselves into neglecting that opportunity.


Jonathan