Win a copy of Beginning Java 17 Fundamentals: Object-Oriented Programming in Java 17 this week in the Java in General forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Tim Cooke
  • Campbell Ritchie
  • Ron McLeod
  • Liutauras Vilda
  • Jeanne Boyarsky
Sheriffs:
  • Junilu Lacar
  • Rob Spoor
  • Paul Clapham
Saloon Keepers:
  • Tim Holloway
  • Tim Moores
  • Jesse Silverman
  • Stephan van Hulst
  • Carey Brown
Bartenders:
  • Al Hobbs
  • Piet Souris
  • Frits Walraven

Is Java Applet Secure?

 
Ranch Hand
Posts: 340
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi friends,

Nice to be back to this community after a very long time.
I had a small concern and need some Expert Advice.

I am developing a website. I have some material say in the form of Powerpoint presentation and word files which i would like to share with the members of my website. Now the thing is that this material is very confidential and I dont want the member to somehow get hold of that and redistribute it.

For this i had 2 choices:
1) Flash
2) Java Applet

I can put all the content in flash file and put them on my site. But as per my understanding the .swf file will get downloaded to the client machine and thereafter it can be misused.

On the other hand using applet might not be so interactive or efficient to display the Powerpoint presentation (I need suggestions on this also). But it MIGHT be secure, i mean at least the client will not receive any copy of the material.

Please suggest me if I am right or what should be the right way to solve this issue.

Thanks!
 
Rancher
Posts: 43027
76
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
The applet -and any code and data it contains- are downloaded to the client as well. Anything they contain should be considered accessible to the user. From that perspective Flash and applets are identical.

But anyone watching whatever is shown in the Flash/applet presentation can write down the contents or make screenshots. What you're proposing merely makes it harder for them (and for you), and more cumbersome to use. I'd say you need to decide whether you can or can not trust the users; if the latter, they probably shouldn't be shown anything confidential.
 
Sandeep Chhabra
Ranch Hand
Posts: 340
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thank you very much for the guidence Ulf,
I would really appreciate if you could throw some light as to how can i really get hold of the jar that is downloaded to my machine when i am viewing an applet. (Actually, I used to think that this is not possible )

I want the members to access the confidential data but taking screenshots will not harm me, all i want is that the they should not really get the entire content.

Could you suggest some better way to secure the content that i am presentation to members for eg some PPT (embedded in applet) containing animations?

Thanks for your kind help!
 
Ulf Dittmer
Rancher
Posts: 43027
76
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
The applet jar file resides in a publicly accessible directory, so there's no problem entering it's URL into a browser and downloading it.

I guess I don't understand what the difference is between "accessing the confidential data" and "get the entire contents". It seems to me that it's conceptually the same thing.

Any applet- or Flash-based solution can be decompiled on the client, so if you're really concerned about a determined hacker, neither of them will do. Of course, doing that is beyond what the overwhelming majority of people is capable of doing (unless your audience consists of skilled techies).
 
WHAT is your favorite color? Blue, no yellow, ahhhhhhh! Tiny ad:
Building a Better World in your Backyard by Paul Wheaton and Shawn Klassen-Koop
https://coderanch.com/wiki/718759/books/Building-World-Backyard-Paul-Wheaton
reply
    Bookmark Topic Watch Topic
  • New Topic