« jclingan@SouthPark | Main | Talking about Java... »

20050510 Tuesday May 10, 2005

Prioritizing Security

Ever feel you are looking over your shoulder? I feel that every time I use my wife's Windows laptop. Fresh off the shelf with the latest revision of Windows XP, it didn't take long for it to soak up 5+ spyware applications and slow to a crawl. It somewhat explains why everyone wants 3+ Ghz desktops. Hey, we have a use for that 2nd CPU core now. For running spyware! How can such a "modern" operating system come off the shelf sssoooo insecure? "Modern" is quoted because there is an expectation of security in a networked world. Throwing punches at Windows is easy, but most operating systems have their holes as well (although other OS's take security more seriously IMHO). After using the iMAC and Linux/Java Desktop System for a couple of years now, I have yet to have a security breach (that I know of :) ). While they are not as big a target, this is a bit worrisome.

As a result of reading this this article, here is a question for my fellow bloggers. Would you take ZERO new features for a year if vendors focused on nothing but security? Some may consider that a step backwards. Some as a step forward. I would see it as one giant leap for mankind.

We have this great platform called "Java" that addresses the network security issues to a large degree. More developers should leverage Java if not for security alone. Anyone remember the HotJava browser? What a great browser. It's downfall? It actually rendered valid HTML. And only valid HTML. All that bad HTML out there helped kill the HotJava browser. What was nice about the HotJava browser was that it downloaded it's "plugins" on-the-fly with those "plugins" complying with the Java security sandbox model. That was before the Java 2 fine grained security model as well. Imagine only allowing file writes to the cache directory and "file download" directory. Cool. Wish we could bring back the HotJava browser. Then I could browse in peace, regardless of operating system. This is in no means a knock against my current browser, FireFox. I just feel safer with Java. My 2 cents.

(2005-05-10 08:37:56.0) Permalink Comments [2]

Trackback URL: http://blogs.sun.com/jclingan/entry/prioritizing_security
Comments:

A couple of points: 1) I agree that the Dashboard issue is a bit worrisome, but it's easily mitigated (configure Safari to not automatically open downloaded files - which probably should have been done by default anyway). The worrisome issue is that Apple either didn't consider this a risk or, worse, considered the risk and decided it was acceptable. 2) Would I take ZERO features for a year? Yes, if I could broaden the criterion to include major bug fixing in general.

Posted by brontitall on May 10, 2005 at 03:34 PM PDT #

Boyd, I'll be learning more Tiger soon. On the topic of security, bug fixes are OK, just no new features (and bug fixing in a new feature doesn't count :) ).

I really like your blog Look & Feel. I may be "borrowing" quite a bit of your look & feel for my blog. Your colors are just right for the "beach" theme I am working on.

Posted by John Clingan on May 10, 2005 at 07:45 PM PDT #

Post a Comment:

Name:
E-Mail:
URL:

Your Comment:

HTML Syntax: NOT allowed