[E-Lang] Java 2 "Security" (was: Re: Welcome Chris Skalka and ScottSmith of Johns Hopkins)

Ben Laurie ben@algroup.co.uk
Wed, 03 Jan 2001 11:25:36 +0000


Ken Kahn wrote:
> 
> From: Marc Stiegler <marcs@skyhunter.com>
> >
> > Lastly, I do hope everyone understands that the ability to "sign" applets
> > and applications has nothing to do with security. Signing apps is what
> > marketing people propose when technical people explain that real security is
> > not possible; it allows the tool developer to blame the victim when a signed
> > app engages in malicious action (hey, the victim authorized the app, didn't
> > he? It's his own fault).
> >
> 
> I guess I don't understand. When I accept something signed by say Microsoft,
> then unless the key used to sign it was stolen and not revoked then I can
> trust it as much as a CD-ROM I bought from Microsoft. While that may not be
> enough security for some purposes or contexts, to me that is a lot more
> security than if I run some unsigned code.

An unfortunate choice of signers. But yes, this is the marketing
argument - if it goes wrong, there's someone to blame.

> Maybe it would even be possible to successfully sue the signer of the app if
> it engages in malicious action.

Exploits for various commercial software are published daily. I have yet
to hear of anyone even attempting to sue the vendor for the fact that
those are possible, let alone succeeding.

Cheers,

Ben.

--
http://www.apache-ssl.org/ben.html

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff