[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Anyone else notice that Swen is slowing down?

Mike Mueller wrote:
> ....  It seems that the safest form of information push is
> unformatted text.  

Wouldn't it be sufficient to limit the formats to those that don't have
the expressive power to command the receiver to do arbitrary things?  

For example, HTML can't hijack a browser (or HTML-capable e-mail reader)
with scripting turned off, can it (ignoring buffer-overflow bugs)?

Similarly, executable formats like Java, which has a comprehensive
security model, would be better if you ever really did need to deliver
executable code.  (No, I didn't say Java implementations are perfect, 
but there are a lot more layers of security to break through.)

Daniel Barclay

Reply to: