[whatwg] Dealing with UI redress vulnerabilities inherent to the current web

Elliotte Harold elharo at metalab.unc.edu
Tue Sep 30 07:57:25 PDT 2008

Maciej Stachowiak wrote:

> More generally, I am on Apple's internal incoming security bug list, and 
> I see Java applet security bugs all the time, so I think whatever the 
> strength of the model may be, it does not lead to Java applets being 
> secure in practice.

Are those bugs in the model or in the VM? Stack overflow issues, buggy 
code, and such are of a different character than fundamental design 
flaws. Simple bugs can be fixed much more easily.

Elliotte Rusty Harold  elharo at metalab.unc.edu
Refactoring HTML Just Published!

More information about the whatwg mailing list