Interesting People mailing list archives

IP: this is getting boring -- lock the edoors


From: Dave Farber <farber () central cis upenn edu>
Date: Sat, 18 May 1996 09:19:22 -0400

Sun said it intends to fix the problem by adding ways of monitoring
and limiting how much memory is used by its miniprograms,
called applets. The company said it has known about the problem
since Java was introduced in January.


Rogue Java roaming Net


No crashes documented yet from hostile programs


Published: May 17, 1996


Mercury News Wire Services


Sun Microsystems Inc.'s popular computer language, Java, could expose
Internet users to an unexpected risk -- rogue programs that can take over a
computer and cause it to crash.


Java lets computer users download programs from the Internet and immediately
start running them on their computers. But researchers at Princeton
University said it is possible to write
hostile Java programs that use all the computer's processing capacity and
cause it to malfunction.


The problem was brought to light by Home Page Press, a Fort Lauderdale,
Fla.-based technology consultant that published the findings on the
Internet. Sun subsequently posted a
warning on the World Wide Web.


Sun said it intends to fix the problem by adding ways of monitoring and
limiting how much memory is used by its miniprograms, called applets. The
Mountain View company said it has
known about the problem since Java was introduced in January.


Edward W. Felten, assistant professor of computer science at Princeton, said
such hostile programs would do no permanent damage to data stored on the
computer. And there is no
record of a computer being attacked by a hostile Java program. But he said
computer users should be concerned. ''People should always be aware when
they are using the Internet that
there is something that could go wrong,'' said Felten.


The Java language has been hailed as a crucial development in computer
networking. Unlike programs written in other languages, Java software can be
run on many kinds of computers
without any changes. In theory, an IBM personal computer, an Apple Macintosh
or a Unix workstation could each run the same Java program, and a Java
program stored on a network
could be run by any computer connected to that network.


Many sites on the Internet's World Wide Web have built-in Java applets that
are fed into any computer visiting the site. If the computer has a Netscape
Navigator browser, it will
automatically run Java.


Sun added security features to ensure that someone can't write a program
that would automatically erase or alter computer files. But, Felten noted,
''They have not implemented any way
of controlling the amount of a resource, such as the processor or the
memory, that a Java program uses.'' So a rogue Java program could seize
control of the computer. In some cases, it
might be necessary to turn off the computer to regain control, and that
would mean a loss of information stored in the computer's memory.


Marianne Mueller, a Sun engineer, said her firm is working with Felten and
other experts to resolve the problem. She wants to design a feature that
would let the computer user set a limit
on the amount of memory or processing power that can be used by any Java
program. ''We need to put in mechanisms that we can give that control to the
user,'' Mueller said.


Jeff Treuhaft, director of security products for Netscape Communications
Corp., says his company is aware of the problem, and hopes to fix it by
installing a system of ''digital
signatures.'' Every Java program would identify itself to the Netscape
Navigator browser before a computer would run it. Programs from suspect
sources would be rejected.


Treuhaft said the risk of rogue Java programs is slight. But he said users
could avoid risk by switching off the Java function in their browsers.
Treuhaft warned that traveling the Web
would never be entirely risk-free. ''The Net,'' he said, ''is not a Shangri-la.''

