Applets and privacy


One of the reaons that the java sandbox was created was to prevent a malicious web site owner from reading what's in your mail box or your tax files. (Let's forget for a moment that major vulnerabilities often appear in outlook, IE and windows that allow hackers to do worse, (why are you using any of these products anyway?))

Similiarly you wouldn't want an applet to connect to some hacker's computer and pass on information about what keystrokes you have typed in. (But please do check if you have spyware on your computer. That software you downloaded from that website last month may have been spyware. And be carefull about the spy ware remover that you use. It will eliminate spyware from other author's while happily installing it's own)

You probably don't want the applet to report to it's author what other websites you visit (even though your ISP may use a proxy to intercept (and then log) all that you do while you are online). That's why the sandbox prevents applets from accessing the local hard disk, opening sockets on remote servers setting certain enviorenmental variables etc etc all to protect your privacy.

I can hear you saying "what's my point?". My point is that having the applet sanbox is like locking, bolting and barring your front door while keeping the back door open along with dozens of windows.

By the way, did you check mail just now? someone stole your password while it was been sent in clear text to the POP3 server.

comments powered by Disqus