[Cryptography] defaults, black boxes, APIs, and other engineering thoughts
Bill Frantz
frantz at pwpconsult.com
Mon Jan 6 01:03:28 EST 2014
On 1/5/14 at 12:25 PM, jthorn at astro.indiana.edu (Jonathan
Thornburg) wrote:
>But this raises some genuine questions:
>* Is there a secure web browser? My trust level in any of the biggies
>(Microsoft, Apple, Google, Mozilla) is low...
>* I've just booked a hotel room in <distant city>; the hotel sent me a
>.docx file which claims to be a confirmation. Is there an "office suite"
>in which it's safe for me to look at that .docx file?
>* Same question, but for pdf files?
>* For bonus points, can that pdf-viewer edit fillable pdf forms? I have
>seen claims that evince or mupdf can do this... but neither seems to
>handle either US or Canadian tax forms. :(
There is a path to make running the current versions of these
programs safe.
As a thought experiment: Get a piece of hardware. Install an OS
from R/O media -- e.g. DVD. Read your .docx/.pdf file from
CD/DVD. Wipe the system and start over for the next file.
In addition to systems like KeyKOS/Capros/etc., which implement
this model, a group at HP Labs built a system called Polaris.
Polaris started apps under a separate userid and tossed the
userid when the app completed. Calling up an open file dialog
box let the app access a specific file -- outside that separate
userid -- specified by the human user of the system. Polaris
depended on the integrity of the user/user security controls in
Windows. If they failed, at least you could submit a bug report
to Microsoft. :-)
Cheers - Bill
-----------------------------------------------------------------------
Bill Frantz        | Privacy is dead, get over | Periwinkle
(408)356-8506      | it.                       | 16345 Englewood Ave
www.pwpconsult.com | - Scott McNealy           | Los Gatos, CA 95032
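
A POSIX analogue of the Polaris pattern described in the message above, added here as an illustration; it is not code from Polaris or from the post. The names `view_untrusted`, `VIEWER` and `throwaway_uid` are hypothetical, and a pre-opened read-only file descriptor stands in for the file the user picks in the dialog box. With `throwaway_uid=None` it shows only the descriptor hand-off, not the separate-userid confinement.

```python
import os
import subprocess
import sys
import tempfile

# Hypothetical stand-in for the untrusted viewer. It is never told a path:
# it gets one read-only descriptor (fd 0) and reports what it could do with it.
VIEWER = r"""
import os
data = os.read(0, 1 << 20)
try:
    os.write(0, b"x")          # attempt to modify the user's file
    wrote = True
except OSError:
    wrote = False
print(len(data), wrote)
"""

def view_untrusted(path, throwaway_uid=None):
    """Trusted launcher, playing the role of the open-file dialog.

    The user's choice of `path` is the only authority handed over: the
    launcher opens it read-only and passes the descriptor to the viewer.
    `throwaway_uid` is an assumption: a pre-created unprivileged account
    (using it requires root and Python 3.9+) that the viewer runs under.
    Returns (bytes the viewer could read, whether its write succeeded).
    """
    fd = os.open(path, os.O_RDONLY)
    try:
        with tempfile.TemporaryDirectory() as scratch:
            proc = subprocess.run(
                [sys.executable, "-I", "-c", VIEWER],
                stdin=fd,                # the designated file, and nothing else
                stdout=subprocess.PIPE,
                close_fds=True,          # no other open descriptors are inherited
                cwd=scratch,             # start in an empty scratch directory
                user=throwaway_uid,      # None keeps the caller's uid (demo mode)
                check=True,
                timeout=30,
            )
    finally:
        os.close(fd)
    size, wrote = proc.stdout.split()
    return int(size), wrote == b"True"
```
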