|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Peter Conrad (conrad_at_tivano.de)
Date: Thu Jul 18 2002 - 04:56:09 CDT
Hi,
On Wed, Jul 17, 2002 at 12:17:13PM -0700, Mark Curphey wrote:
> http://www.srmmagazine.com/issues/2002-03/javasec.html
I think this is not at all a good article about java security. E. g. it
completely fails to mention that the security holes that were found by
Felten et al. had to do with the java security model. This means they
could be used to hack a user's machine using malicious java applets.
It does not mean you can hack a java web application server.
However, it's a nice article about how to approach making a security
analysis of a system, about methods to employ in the analysis. Therefore
it's a good read for anyone who build (web-)applications.
Bye,
Peter
-- Peter Conrad Tel: +49 6102 / 80 99 072 [ t]ivano Software GmbH Fax: +49 6102 / 80 99 071 Bahnhofstr. 18 63263 Neu-Isenburg
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]