Are all of these problemsjust implementation errors?

• Most holes resulting in attack applets are

• But a few of the holes were specification problems

  • the first Class Loader problem was one such error

• Separating the errors into categories is hard

  • specifications are vague
  • often they are silent (and implementers guess wrong)

Previous slide

Next slide

Back to first slide

View graphic version