“Had awareness of Internet risks been greater in, say, the fall
of 1996, consumers and enterprise IT architects would have waited
for a more robust framework to support the next generation of
personal and commercial communications and transactions.
“But that’s not how things happened…”
“Given this history, it’s not surprising that active Web-page
content was crafted as a fragile and trusting extension of
single-user interapplication data exchange, that Microsoft’s
ActiveX technology gave unlabeled software, from unknown sources,
the same privileges as anything else on a user’s machine. Java has
the potential to be far more secure, but every statement about
Java’s inherent security carries an implicit qualifier: “when
implemented according to specifications.”
“What’s mildly surprising… is that consumers placed so
much trust in vendors in an era when so many industries have failed
to be trustworthy.”