
Lame Review?


June 1997 / Inbox / Lame Review?

Russell Kay's review of our CD-ROM, "Java Security: Managing the Risks" (April Bits), accuses us of offering lame advice to Java users concerned about security. The review is a prime example of the sort of treatment that security experts can expect from Java bandwagoneers. Our bottom line is not, as the review implied, to turn Java off, but to manage your risks: Educate yourself about the dangers of executable content, determine what (if anything) you have to lose, and set up an appropriate security policy. Unfortunately, there's no magic solution to Java security. If you have nothing to lose, you can surf with impunity. But if information is the lifeblood of your business, you had better think twice about surfing to unknown sites with a Java-enabled browser on a mission-critical machine.

Security is rarely an all-or-nothing proposition. You must decide for yourself how much risk you're willing to live with.


Authors, "Java Security: Managing the Risks"

I commend the authors' attitude about managing risks; I've been waving that flag in various IS camps for years. But the problem, in my view, is that the solutions they propose aren't workable in the real world. To "think twice about surfing to unknown sites with a Java-enabled browser" is fine as a philosophical perspective, but you can't get much work done that way. When did you last use a Web browser for more than a minute or so and not visit an unknown Web site? To reap the advantages of Java, you have to understand and accept some security exposures, which the authors make clear. But what IS administrators need from security policy and security tools is more than an Off switch and a warning label. This isn't a bad CD-ROM publication. But I think there's a better one that could have been.

--Russell Kay, technical editor

