One Laptop per Child security
James A. Donald
jamesd at echeque.com
Thu Feb 8 22:22:06 EST 2007
--
Nicolas Williams wrote:
> The text you quote doesn't answer the question; the
> rest of the wiki frontpage says little more. It tends
> to make me think that if an application wants to do
> something that I've not enabled it to do ahead of time
> then it fails. Failure is incovenient. So as near as
> I can tell from the text you quote BitFrost sets its
> convenience/security parameters differently than other
> OSes, but there's nothing truly Earth shatteringly new
> there.
There is a great deal that is earth shatteringly new,
and it is documented - albeit in rather unclear and non
standard format.
The fundamental difference is that each application is
run in its own VM, and so *cannot* exercise full user
powers, whereas with *all* other OSs, if your solitaire
game is a trojan, or (more likely) has flaws that enable
an adversary to get control of it, it can read all your
user documents and mail them to the adversary, check
your interaction with the browser to detect you typing
in passwords to your bank account and share trading
account, get the names of everyone on your address list,
and spam cons and trojans to them in each others names,
use your modem to dial a ten dollar a minute gay S&M sex
line in Outer Mongolia, launch a denial of service
attack against The Gold Casino as part of an extortion
scheme, spray ads onto your screen, make your system a
file share server for other people's child pornography,
and report all your video files to the copyright
lawyers.
--digsig
James A. Donald
6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
x4p2u5+Go3URK4IvzoJkO/+K0lr4p4XW2aNmlbEi
4dlOW8vAN4GsnWBzDGfvyjQYPosBfDEqrH3rKQ451
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list