cs205: engineering software?
20 September 2010

CS205 Notes 27 (25 October 2006)

Java Security

What does it mean for a programming language to be safe?

How does the Java programming language satisfy low-level code safety properties:

What safety properties can and cannot be enforced by the Java byte code verifier?

What kinds of properties can be enforced by reference monitors?

What are the vulnerabilities in the Java security approach?

If J. Random Websurfer clicks on a button that promises dancing pigs on his computer monitor, and instead gets a hortatory message describing the potential dangers of the applet --- he's going to choose dancing pigs over computer security any day. If the computer prompts him with a warning screen like: "The applet DANCING PIGS could contain malicious code that might to permanent damage to your computer, steal your life's savings, and impair your ability to have children," he'll click "OK" without even reading it. Thirty seconds later he won't even remember that the warning screen even existed.

Bruce Schneier, Secrets and Lies, 2000.