Date: Wed, 11 Jun 1997 10:01:16 -0700
Message-Id: <199706111701.KAA12410@puffin.eng.sun.com>
From: Marianne Mueller <mrm@Eng>
To: creed@scimail.risc.rockwell.com
Subject: Re: Why are applet windows never secure?
Someone can try to spoof your expected UI, using an applet.
That is, they can pop up a window that looks like a standard UI window
that you might expect from your operating system, saying
user name:
passwd:
and 9 times out of 10, people would willingly enter their password.
Now, arguably, even if the window says "Warning: applet window" 8
times out of 10, people might still willingly enter their password,
but we think it is very important to highlight the fact that
downloaded applet windows were created by downloaded applets, not by
applications that you installed on your computer.
The idea is to make it harder for malicious hackers to spoof the UI
and thereby trick the unsuspecting user into doing something.
The applet windows themselves are not "dangerous" at all.
Marianne