> Our argument with Java is not primarily about whether they achieve their > stated technical security objectives. It is about the choice of objectives. To the extent that the Java security architecture makes design embeddings that facilitate such flaws (which it does), I am not sure I agree.