Interesting People mailing list archives
IP: More on : HOLE IN THE WEB LEAVES SECURITY GAP (from Edupage)
From: Dave Farber <farber () cis upenn edu>
Date: Wed, 06 Jan 1999 01:43:57 -0500
From: "David Byrden" <David () Byrden com> To: <farber () cis upenn edu>
Israeli computer security firm Finjan Inc. is publicizing a potentially serious security "hole"
Finjan's "security hole" report, as reported to the list, is misleading. The following are the facts: [1] Excel is not "frequently used" to divide web pages into frames. HTML can do that just fine. Excel is used only when the web designer is happy to limit his audience to those who have Microsoft Excel installed; a reasonable restriction within a company network but not on the public Internet. [2] The hole is not "the biggest in internet history" because it is not PART of internet history. The security hole is part of Windows history. No internet protocols are at fault and no internet specs need fixing; the internet is only one of many possible ways for this malicious code to enter your system before it triggers the fault in Microsoft's software. [3] Regarding Finjan's past performance, this item is of interest: http://www.rstcorp.com/hostile-applets/trousers.html David Byrden
Current thread:
- IP: More on : HOLE IN THE WEB LEAVES SECURITY GAP (from Edupage) Dave Farber (Jan 05)