What does it really mean to trust software?

In this instance, what you are agreeing to do is to allow the application full access to your computer. Among other things, you are granting the program access to your file system. This is necessary if you want to use the program to read data stored on your computer and to output results as new files. This is the same level of access you give to just about any program that you purchase and install on your computer. Generally speaking, this is quite reasonable; most software that people use regularly is written by established software companies that are not interested in intentionally harming you and that test their programs to make sure they won't accidentally do damage. However, just about anybody (like me) can write a program and put it on the Web for people to use. These programs could be useful or they could be malicious or poorly written. For this reason, the default behavior in the Java Web Start framework is to give programs very little access to the computers on which they are running; this is often referred to as operating "in the sandbox". If a program needs access to things like local files, it must ask for permission and the user has to grant that permission.
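An added illustration, not part of the original page or the author's program: Java Web Start launches an application from a JNLP descriptor, which runs in the sandbox when it has no `<security>` element and asks for full access when it contains `<all-permissions/>`. The Python check below reads two constructed descriptors (placeholder URLs and class names) and reports the requested level and whether the codebase is served over HTTPS; the function name `audit_jnlp` is an assumption of this example.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

# Constructed sample descriptors (not taken from any real application).
SANDBOXED = """<jnlp spec="1.0+" codebase="https://example.edu/app" href="app.jnlp">
  <information><title>Sample</title><vendor>Example</vendor></information>
  <resources><jar href="app.jar" main="true"/></resources>
  <application-desc main-class="example.Main"/>
</jnlp>"""

FULL_ACCESS = """<jnlp spec="1.0+" codebase="http://example.edu/app" href="app.jnlp">
  <information><title>Sample</title><vendor>Example</vendor></information>
  <security><all-permissions/></security>
  <resources><jar href="app.jar" main="true"/></resources>
  <application-desc main-class="example.Main"/>
</jnlp>"""

def audit_jnlp(text):
    """Report what a JNLP descriptor requests (hypothetical helper)."""
    # ElementTree does not fetch external entities; for descriptors from
    # unknown sources a hardened parser such as defusedxml is preferable.
    root = ET.fromstring(text)
    if root.tag != "jnlp":
        raise ValueError("not a JNLP descriptor")
    security = root.find("security")
    if security is None or len(security) == 0:
        level = "sandbox"                      # default: very little access
    elif security.find("all-permissions") is not None:
        level = "all-permissions"              # full access to the computer
    else:
        level = security[0].tag                # any other requested level
    codebase = root.get("codebase", "")
    scheme = urlparse(codebase).scheme.lower()
    jars = [jar.get("href") for jar in root.iter("jar")]
    warnings = []
    if level != "sandbox":
        warnings.append("requests access outside the sandbox: " + level)
    if scheme != "https":
        # Content fetched without TLS can be altered between server and user.
        warnings.append("codebase not served over HTTPS: " + (codebase or "(none)"))
    return {"level": level, "codebase": codebase, "jars": jars, "warnings": warnings}

if __name__ == "__main__":
    for name, doc in (("SANDBOXED", SANDBOXED), ("FULL_ACCESS", FULL_ACCESS)):
        print(name, audit_jnlp(doc))
```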

The benefit of granting this permission is fairly obvious - the program can access local files, allowing you to work with your own data and to save your progress and results. The risks may not be as obvious. One possibility is that the program is spyware, a virus, or some other type of malicious software. Another possibility is that the program is poorly written and will do something harmful under the right (wrong) set of conditions. In the case of Web-based programs, a third possibility is that someone else has replaced a safe program with a malicious one. There is no way to know for sure beforehand if any of these things are true; this is where the trust is involved. Do I trust that the person who wrote this program has good intentions? Do I trust that s/he knows what s/he is doing? Do I trust that what I am downloading has not been compromised? Ultimately, you have to answer those questions for yourself. I will, however, offer the following points to consider.

First, consider that this software has my name on it and is supposedly part of a research project at Carnegie Mellon University and is hosted on the University's web server. That means I'd get in a lot of trouble if I was knowingly distributing spyware under the auspices of research using University resources. It also means that there are some security measures in place to prevent someone who isn't me from making changes to my web site.

Second, remember that even when you grant full access to a Java Web application, it is still being run on a virtual machine; for the most part, it still does not have direct access to the resources of your local computer. This makes it harder (but not impossible) for a poorly written program to make a big mess of your computer.

Finally, keep in mind that everything you just read came from me. Feel free to do your own research on this subject and draw your own conclusions. I am not trying to talk you into anything or to scare you away from anything. I just want you to make an informed decision about using my program.