Yeah Java is more secure, but boy does it love chewing you CPU and memory in the process... just to find out that your bank has invented another bank fee.
Can you explain to the list how a client-side application (Java) can be considered more secure that a server-side application (CGI) running on the web server? The former can theoretically rip into your machine and wreak havoc (and has done in the past) whereas the latter can do no such thing.
I favor server side as well. Jumping out of my league but doesn't Java claim that it is never written to disk.
I don't want to go into it here, but one thing is never trust the client/user with anything... favoring server side. But server side programmers can get lazy and have minimal server side checking (bah not the right word) by throwing in Javascript. Which is favoring java on the client side guessing that an applet hasnt really being proven to be hackable.
Given all the "sandbox escapades and escapes" that Java has suffered over the years, I would be hard to convince that Java is 100% safe on the client side.
Heh, nothing is 100% safe (flashing a light on the memory can apprantly make Java execute). As you mentioned argument has different angels... mainly the security of the client/server or the communication between them (but https is standard in the cases of CGI or Java).
It seems that I just sat the same lecture as James Gray, I wouldnt volunteer to code in Java.
I cant push this thread much further.
-- Simon Males <[EMAIL PROTECTED]> No More AOL CDs Australia - www.anticd.org
-- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
