Buy Used
£0.01
+ £2.80 UK delivery
Used: Very Good | Details
Condition: Used: Very Good
Comment: This book is in very good condition and will be shipped within 24 hours of ordering. The cover may have some limited signs of wear but the pages are clean, intact and the spine remains undamaged. This book has clearly been well maintained and looked after thus far. Money back guarantee if you are not satisfied. See more of our deals.
Have one to sell?
Flip to back Flip to front
Listen Playing... Paused   You're listening to a sample of the Audible audio edition.
Learn more
See this image

Java Security: Hostile Applets, Holes and Antidotes - What Every Netscape and Internet Explorer Needs to Know Paperback – 23 Dec 1996

2 customer reviews

See all formats and editions Hide other formats and editions
Amazon Price New from Used from
Paperback
"Please retry"
£5.74 £0.01

There is a newer edition of this item:




Product details

  • Paperback: 192 pages
  • Publisher: John Wiley & Sons (23 Dec. 1996)
  • Language: English
  • ISBN-10: 047117842X
  • ISBN-13: 978-0471178422
  • Product Dimensions: 19 x 1.2 x 23.3 cm
  • Average Customer Review: 5.0 out of 5 stars  See all reviews (2 customer reviews)
  • Amazon Bestsellers Rank: 3,871,392 in Books (See Top 100 in Books)
  • See Complete Table of Contents

More About the Author

Discover books, learn about writers, and more.

Product Description

From the Back Cover

"This book is mandatory reading for every user and developer of webware." —Peter G. Neumann Moderator of the Risks Forum

Do you know how to sort out fact from fiction when it comes to Java security? Did you know that whenever you surf the Web with Netscape or Internet Explorer you are using Java? That means that someone else′s code is running untested on your computer. Don′t wait for a hostile applet to show you how vulnerable your site is. International security experts Gary McGraw and Edward Felten —leader of the famed Princeton team —tell you how Java security works, and how it doesn′t.

McGraw and Felten give you all the information you need to create a reasonable Java use strategy. Java Security gives you:

  • Guidelines for using Java more safely today
  • What to expect in the Java security future
  • A clear treatment of the risks of using Java
  • Vital information explaining the three prongs of the Java security model: the Byte Code Verifier, the Applet Class Loader, and the Security Manager
  • Clear explanations of holes in the Java security model

Whether you′re a webmaster, an information technology manager charged with creating an intelligent security policy for your organization, or a concerned Web user, this book is must reading.

visit this book′s companion web site at: http://www.rstcorp.com/java–security.html

visit our web site at: Ihttp://www.wiley.com/compbooks/

About the Author

GARY McGRAW, PhD, is a research scientist with Reliable Software Technologies Corporation and a frequent speaker on Java security. In addition to his work in artificial intelligence, cognitive science, and computer security, Dr. McGraw is an accomplished webmaster who is currently managing three sites.

EDWARD W. FELTEN, PhD, teaches computer science at Princeton University and heads up Princeton′s Safe Internet Programming team which consults to companies such as Microsoft, Netscape, and Sun. The team is famous for having discovered most of the holes in the Java security model.

Customer Reviews

5.0 out of 5 stars
5 star
2
4 star
0
3 star
0
2 star
0
1 star
0
See both customer reviews
Share your thoughts with other customers

Most Helpful Customer Reviews

1 of 1 people found the following review helpful By A Customer on 27 Jan. 1997
Format: Paperback
Heave an egg out of an open window almost anywhere in the
world today, and the odds of striking a Netscape user are
in your favor. The odds are even better that this person
either knows nothing of Java or believes that it is safe.
Pick up almost any book on Java programming, and you will
see the same superficial and misleading treatment of
security issues. This important book is the first one to
address the myriad problems raised by Java. It clearly and
concisely explains past problems, current issues, and future
risks. McGraw and Felten grab the high and mighty Java
industry by the ear, and they offer sane and sensible advice
to every level of Java programmer and user. One can only
wish that this book had appeared a year earlier and had been
widely read by Java's cheerleaders and hucksters. Perhaps
then more of the problems would have been solved by now,
and fewer risks would remain.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
1 of 2 people found the following review helpful By A Customer on 28 Aug. 1997
Format: Paperback
This book is wonderfully written and full of good
information. It would be useful for anyone from novice users to managers to Java Programmers who are concerned about security. In fact, I
strongly recommend them buying a copy to read as this is one of the best technical books I've read in a long time. The only audience I wouldn't
recommend it for are the people who are doing very advanced Java Security work such as writing their own Security Manager, but they may
even learn something from it.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again

Most Helpful Customer Reviews on Amazon.com (beta)

Amazon.com: 4 reviews
7 of 7 people found the following review helpful
Good for 1996 3 April 2002
By Goldin Evgeny - Published on Amazon.com
Format: Paperback
I'm writing this review in April, 2002 when IE 6.0 became a standard browser and Netscape is RIP.
This book was written 6 years ago in the days of NN 2.0 and IE 3.0 .. Although it's more then
outdated by now it clearly explains what security risks exist for Java-enabled browsers
and answers my (and may be your) question "How the hell applets can break through Security Manager ?!"
It's main idea is to explain readers what harm applets can do, why is it possible at all
and what is done about the subject by the browser manufactures. Good work for 1996.
Note that it's not "Java security book" in the terms you may think today - in 1996 Java
was only understood as a flashy applets popping-up in the Web.
1 of 1 people found the following review helpful
An Excellent read for anyone interested in Java security 28 Aug. 1997
By A Customer - Published on Amazon.com
Format: Paperback
This book is wonderfully written and full of good
information. It would be useful for anyone from novice users to managers to Java Programmers who are concerned about security. In fact, I
strongly recommend them buying a copy to read as this is one of the best technical books I've read in a long time. The only audience I wouldn't
recommend it for are the people who are doing very advanced Java Security work such as writing their own Security Manager, but they may
even learn something from it.
Great Java security book 30 Oct. 2000
By Ben Rothke - Published on Amazon.com
Format: Paperback
If you use a web browser that is Java enabled (versions greater than Netscape Navigator 2.0 and Microsoft Internet Explorer 3.0) ,and are concerned about Java security, this book is required reading.
At under 160 pages of text (not counting the appendices), Java Security provides a superb overview of security issues involved with using Java. The authors are security veterans. Felton heads up the Princeton University Safe Internet Programming Team and is famous for discovering quite a few holes in the Java security model.
One might think that two security experts who know the depths and implications of Java security may come out with a reference with suggestions that are overly restrictive and perhaps paranoid. That is not the case here. The recommendations that the book suggests are rational and reasonable. Java Security provides commendable guidelines on how to use Java more safely and what the future holds for Java security features.
The 6 chapters of the book provide an excellent and comprehensive analysis to all aspects of Java security. Chapter 2 provides a significant amount of detail about the Java Security Model, with in-depth coverage of the 3 prongs (as they call it) of the security model, namely: the Byte Code Verifier, the Applet Class Loader and the Security Manager.
Chapter 3 follows with a discussion detailing serious holes in the security model. The authors consider a flaw to be serious when the breach has the potential to corrupt data, reveal private information, or infecting the workstation with a virus. They fittingly note that all of the flaws detailed in the chapter have been fixed by Netscape and Microsoft. The function of the chapter is to show what sort of things can go wrong. Chapter 3 concludes with a summary of 8 significant security problems that were discovered last year in implementations of Java.
The book also goes into great detail on what developers and end-users can do to make Java much more secure. Their six guidelines for Safer Java use are:
1. Know what web sites you are visiting 2. Know your Java environment 3. Use up-to-date browsers with the latest security updates 4. Keep a lookout for security alerts 5. Apply drastic measures if your information is truly critical 6. Access your risks
Fenton has his doctorate in computer science, nonetheless, the book is written in a very clear and coherent manner. Add this to your bookshelf.
A Fine Antidote for All of the Java Fanfare 27 Jan. 1997
By A Customer - Published on Amazon.com
Format: Paperback
Heave an egg out of an open window almost anywhere in the
world today, and the odds of striking a Netscape user are
in your favor. The odds are even better that this person
either knows nothing of Java or believes that it is safe.
Pick up almost any book on Java programming, and you will
see the same superficial and misleading treatment of
security issues. This important book is the first one to
address the myriad problems raised by Java. It clearly and
concisely explains past problems, current issues, and future
risks. McGraw and Felten grab the high and mighty Java
industry by the ear, and they offer sane and sensible advice
to every level of Java programmer and user. One can only
wish that this book had appeared a year earlier and had been
widely read by Java's cheerleaders and hucksters. Perhaps
then more of the problems would have been solved by now,
and fewer risks would remain.
Were these reviews helpful? Let us know


Feedback