What is Java ?	Programing and Tools
Versions	Applets and Classes
Sites and Links with Information	Security

Java Security , Testing and Source Code

Sun's top-level Java Security Resource Page. Sun's Java Security FAQ. Security Flaws found by Princeton (Dean, Felten, Wallach). PostScript paper analyzing Java security and summarizing several security flaws (most of which are now fixed). Attack where custom bytecodes could be generated that run native methods, and are missed by the bytecode verifier. DNS-spoofing bug. Allows applets to connect to arbitrary hosts instead of just the server from which the applet came. Fixed in Netscape 2.01 and JDK 1.01. Bugs in Sun's alpha HotJava browser. Not present in Netscape or JDK. Summary report of Princeton flaws. Future flaws will be listed here. Java Security Flaws found by David Hopwood (Old!) David Hopwood's package/Classloader-spoofing bug. Lets applets run arbitrary native code if the cracker can get a file somewhere (anywhere) on the client system in a location the malicious applet knows about. Fixed in Netscape 2.01 and JDK 1.01. Early report. Details on how files could get on local system. Using Netscape's cache to get files on local system. Results of using Netscape's cache. Later experiments found the same problems on MacOS (but not UNIX). Another fake-the-bytecode-verifier attack, this one from David Hopwood. Like the Princeton attack, it requires custom generation of bytecodes rather than coming from standard Java source, would let the applet run arbitrary native code, and is fixed as of Netscape 2.02 and JDK 1.02. David's list of known and previous Java security bugs, with discussion. This and the PostScript Princeton paper are probably the best two places to start. Sprint's evade-the-firewall bug. Mark Ladue's "Hostile Applets" collection (mostly denial-of-service attacks). Links to the applets themselves. You may need to quit Netscape if you run any of them. An article that explains many of the applets, with source code. Article by Godmar Back on bypassing Java's SecurityManager in Netscape. This allows applets to do unrestricted operations, so is only for totally secure intranets that run totally trusted applets. (The owner of the browser has to do this, not the Java programmer who writes the applet!) The comp.lang.java.security Usenet newsgroup. Papers and Information on Garbage CollectionThese are not specific to Java programming, but general to programming languages that use garbage collection (e.g. Lisp, Smalltalk, Eiffel, ML, and extensions to C and C++). A survey of garbage collection techniques by Paul Wilson. To appear in ACM's Computing Surveys. (PostScript) Collection of GC-related papers from the University of Texas. Garbage Collection FAQ maintained by David Chase of Centerline. Harlequin's Memory Management Reference. GC Articles by Hans-J Boehm at Xerox PARC: complexity of mark-sweep vs. copying garbage collectors. Eexplicit allocation/deallocation (malloc/free) A garbage collector for C and C++. Henry Baker's collection of papers, related to GC. Large garbage-collection bibliography from Richard Jones. Great Circle: A commercial collector for C/C++.