HP3000-L Archives

February 1997, Week 3

HP3000-L@RAVEN.UTC.EDU
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Re: More on MS "Security"
From:
Jeff Kell <[log in to unmask]>
Reply To:
Steve Dirickson b894 WestWin <[log in to unmask]>
Date:
Thu, 20 Feb 1997 15:02:54 -0500
Content-Type:
text/plain
Parts/Attachments:
text/plain (75 lines) 
Forwarded for Steve Dirickson (sent to owner-hp3000-l) [JK]
-----------------------------------------------------------------------
<<...The site only serves to show that they just don't "get it." For
example:

   "While the Java sandbox enforces a high degree of security, it does
   not let users download and run exciting multimedia games or other
   full-featured programs on their computers," a statement on
Microsoft's
   security site reads. "As a result, users may want to download code
   that has full access to their computers' resources."

So apparently Microsoft thinks multimedia games are more important
than user data.>>

Isn't it the other way around? The ability to "download and run exciting
multimedia games or other
full-featured programs on their computers" is more important to the
majority of *users* than is airtight security. Which doesn't make it
necessarily a good idea-we humans are notorious for avoiding the things
that are good for us, and doing what is fun instead-but I don't see how
MS falls into the "don't get it" category for providing what the users
want. Companies that say "yes, we know what you want, but we won't give
it to you because it isn't what we think you need; we'll give you this
instead" seem to me to be much more in the "don't get it" camp-as well
as
having a tendency to move fairly rapidly to the "out of business" camp.

<<The clincher, though, is the rationale for using AuthentiCode (by
ActiveX or by anything else):

   If a control does something bad to a user's computer, the publisher
   can then be tracked down and prosecuted. In other words, the
   Authenticode system does not protect against malicious code; it
simply
   makes it easier to find out who wrote it.

So as long as you're a member of a large international corporation with
lawyers to spare, you can pursue and prosecute the author.

   "If people let a stranger in the house and the stranger tied them up
   and stole their VCR," asked Tod Nielsen, general manager of developer
   relations at Microsoft, "do they go to the police or move into
another
   house?..."

If the stranger immediately fled the country, then the police shake
their heads and say, "I'm sorry.">>

Unfortunately, we have the typical "either/or, but not both" situation:
1) Completely secure applets that have no way of getting at reserved
system resources except through approved and guaranteed-safe
channels-that nobody will be satisfied with because they can't do what
we
want them to, or
2) Less secure, but fully capable, applets

Given that we simply can't have complete capability and complete
security, I welcome the opportunity of having positive identification of
the source of the applet, so that
1) I can decide whether or not I want to install it, by having sure
knowledge of the source before I allow it on my system, and
2) I can go back to the verified source if there are any problems

The fantasy of completely secure applets that can do all the things we
want them to do, but can't possibly do anything "bad" to our system, is
a
great idea, but we aren't going to see it any time soon. In the
meantime,
I definitely want to be able to know what I'm allowing through the door,
and where it was born. If MS provides that technology, fine. If someone
else does, also fine. If everyone does, great.

Steve

ATOM RSS1 RSS2