[Cryptography] phishing attack again - $300m in losses?
Bill Frantz
frantz at pwpconsult.com
Mon Feb 16 21:09:21 EST 2015
On 2/16/15 at 5:45 PM, phill at hallambaker.com (Phillip
Hallam-Baker) wrote:
>Another part though would be to change the way applications are installed.
>The default should be that an application runs in a separate partition and
>does not see the shared file system or the general network. Least privilege
>is your friend.
We have plash and Polaris as worked examples for IX systems and
Windows. In one case, a development version of Polaris was
installed on a user's system and he didn't even notice until
informed somewhat later.
>What we need is a Steve Jobs who cares about security. It is quite possible
>to implement secure systems that have Apple quality look and feel.
Polaris used a power box pattern that looked and behaved
identically to the Windows file chooser. The magic is below the
user interface if you assume that when a user designates a file,
she also intends to grant access to that file. There are many
ways to implement such a system.
Cheers - Bill
-------------------------------------------------------------------------
Bill Frantz | Re: Hardware Management Modes: | Periwinkle
(408)356-8506 | If there's a mode, there's a | 16345
Englewood Ave
www.pwpconsult.com | failure mode. - Jerry Leichter | Los Gatos,
CA 95032
More information about the cryptography
mailing list